### Get Client Installation Provider Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Retrieves the installation provider configuration for a specific client. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/installation/providers/{providerId} ### Description Get the installation provider configuration for a specific client. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/installation/providers/{providerId} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **providerId** (string) - Required - ### Response #### Success Response (200) - **OK** ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-userinfo Source: https://www.keycloak.org/docs-api/latest/rest-api Generates a JSON payload representing example user info for the specified client. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-userinfo ### Description Create JSON with payload of example user info ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-userinfo ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) #### Query Parameters - **scope** (string) - Optional - **userId** (string) - Optional ### Response #### Success Response (200) - **Object** (object) - User info payload ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-access-token Source: https://www.keycloak.org/docs-api/latest/rest-api Generates a JSON payload representing an example access token for the specified client. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-access-token ### Description Create JSON with payload of example access token ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-access-token ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) #### Query Parameters - **audience** (string) - Optional - **scope** (string) - Optional - **userId** (string) - Optional ### Response #### Success Response (200) - **AccessToken** (object) - Access token payload ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-id-token Source: https://www.keycloak.org/docs-api/latest/rest-api Generates a JSON payload representing an example ID token for the specified client. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-id-token ### Description Create JSON with payload of example id token ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-id-token ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) #### Query Parameters - **audience** (string) - Optional - **scope** (string) - Optional - **userId** (string) - Optional ### Response #### Success Response (200) - **IDToken** (object) - ID token payload ``` -------------------------------- ### Generate Example Access Token Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Creates a JSON object containing the payload of an example access token for a client, based on specified audience and scope. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-access-token ### Description Create JSON with payload of example access token. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-access-token ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) #### Query Parameters - **audience** (string) - Optional - **scope** (string) - Optional - **userId** (string) - Optional ### Response #### Success Response (200) - (AccessToken) - #### Error Response (403) - Forbidden #### Error Response (404) - Not Found ``` -------------------------------- ### GET /admin/realms/{realm}/identity-provider/instances/{alias} Source: https://www.keycloak.org/docs-api/latest/rest-api Get the identity provider. ```APIDOC ## GET /admin/realms/{realm}/identity-provider/instances/{alias} ### Description Get the identity provider. ### Method GET ### Endpoint /admin/realms/{realm}/identity-provider/instances/{alias} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **alias** (string) - Required ### Response #### Success Response (200) - **IdentityProviderRepresentation** (object) - OK ``` -------------------------------- ### Generate Example User Info Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Generates a JSON object containing payload of example user information based on provided scope and user ID. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-userinfo ### Description Create JSON with payload of example user info. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-userinfo ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) #### Query Parameters - **scope** (string) - Optional - **userId** (string) - Optional #### Response #### Success Response (200) - (object) - ``` -------------------------------- ### GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings Source: https://www.keycloak.org/docs-api/latest/rest-api Get all scope mappings for the client. ```APIDOC ## GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings ### Description Get all scope mappings for the client ### Method GET ### Endpoint /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required ### Response #### Success Response (200) - **MappingsRepresentation** (object) - Mappings representation ``` -------------------------------- ### Generate Example ID Token Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Creates a JSON object containing the payload of an example ID token for a client, based on specified audience and scope. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-id-token ### Description Create JSON with payload of example id token. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/evaluate-scopes/generate-example-id-token ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) #### Query Parameters - **audience** (string) - Optional - **scope** (string) - Optional - **userId** (string) - Optional ### Response #### Success Response (200) - (object) - ``` -------------------------------- ### GET /admin/realms/{realm}/authentication/per-client-config-description Source: https://www.keycloak.org/docs-api/latest/rest-api Retrieves configuration descriptions for all clients. ```APIDOC ## GET /admin/realms/{realm}/authentication/per-client-config-description ### Description Get configuration descriptions for all clients. ### Method GET ### Endpoint /admin/realms/{realm}/authentication/per-client-config-description ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name} Source: https://www.keycloak.org/docs-api/latest/rest-api Get a role by name. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name} ### Description Get a role by name. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **role-name** (string) - Required - role's name (not id!) ### Response #### Success Response (200) - **RoleRepresentation** (object) - Role details ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites/clients/{targetClientUuid} Source: https://www.keycloak.org/docs-api/latest/rest-api Get client-level roles for the client that are in the role’s composite. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites/clients/{targetClientUuid} ### Description Get client-level roles for the client that are in the role’s composite. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites/clients/{targetClientUuid} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **role-name** (string) - Required - role's name (not id!) - **targetClientUuid** (string) - Required ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles ``` -------------------------------- ### Get Per-Client Config Description Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Retrieves configuration descriptions for all clients within a realm. ```APIDOC ## GET /admin/realms/{realm}/authentication/per-client-config-description ### Description Get configuration descriptions for all clients ### Method GET ### Endpoint /admin/realms/{realm}/authentication/per-client-config-description ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) ### Response #### Success Response (200) - Description: OK - Content: application/json - Schema: object where additional properties are arrays of ConfigPropertyRepresentation ``` -------------------------------- ### GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings Source: https://www.keycloak.org/docs-api/latest/rest-api Retrieves all scope mappings for the client. ```APIDOC ## GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings ### Description Get all scope mappings for the client ### Method GET ### Endpoint /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required ### Response #### Success Response (200) - **MappingsRepresentation** (object) - Scope mappings ``` -------------------------------- ### Get Realm Localization Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Get realm localization texts. ```APIDOC ## GET /admin/realms/{realm}/localization ### Description Get realm localization texts. ### Method GET ### Endpoint /admin/realms/{realm}/localization ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) ### Response #### Success Response (200) - **array** (array) - #### Error Response (403) - **description** - Forbidden ``` -------------------------------- ### Get Resource Server Settings Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Retrieves the resource server settings for a specific client. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/settings ### Description Retrieves the resource server settings for a given client within a realm. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/settings ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) ### Response #### Success Response (200) - **ResourceServerRepresentation** - The representation of the resource server settings. ``` -------------------------------- ### POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/generate-and-download Source: https://www.keycloak.org/docs-api/latest/rest-api Generates a new keypair and certificate, then serves the private key in a specified keystore format. ```APIDOC ## POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/generate-and-download ### Description Generates a keypair and certificate and serves the private key in a specified keystore format. Only generated public certificate is saved in Keycloak DB - the private key is not. ### Method POST ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/generate-and-download ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **attr** (string) - Required #### Request Body - **KeyStoreConfig** (object) - Optional - KeyStoreConfig ### Response #### Success Response (200) - **File** - Private key file ``` -------------------------------- ### GET /admin/realms/{realm}/workflows Source: https://www.keycloak.org/docs-api/latest/rest-api Lists workflows for a realm, supporting filtering and pagination. ```APIDOC ## GET /admin/realms/{realm}/workflows ### Description List workflows filtered by name and paginated using first and max parameters. ### Method GET ### Endpoint /admin/realms/{realm}/workflows ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) #### Query Parameters - **exact** (boolean) - Optional - Boolean which defines whether the param 'search' must match exactly or not - **first** (integer) - Optional - The position of the first result to be processed (pagination offset) - **max** (integer) - Optional - The maximum number of results to be returned - defaults to 10 - **search** (string) - Optional - A String representing the workflow name - either partial or exact ``` -------------------------------- ### POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/download Source: https://www.keycloak.org/docs-api/latest/rest-api Downloads a keystore file for the client containing the private key and public certificate. ```APIDOC ## POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/download ### Description Get a keystore file for the client, containing private key and public certificate. ### Method POST ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/download ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **attr** (string) - Required #### Request Body - **KeyStoreConfig** (object) - Optional - KeyStoreConfig ### Response #### Success Response (200) - **File** - Keystore file ``` -------------------------------- ### GET /admin/realms/{realm}/localization/{locale} Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Get localization for a specific realm and locale. ```APIDOC ## GET /admin/realms/{realm}/localization/{locale} ### Description Get localization for a specific realm and locale. ### Method GET ### Endpoint /admin/realms/{realm}/localization/{locale} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **locale** (string) - Required - ### Responses #### Success Response (200) - **content** (object) - Description: OK - **additionalProperties** (string) - Description: #### Response Example ```json { "example": "{\"description\": \"OK\", \"content\": { \"application/json\" : { \"schema\" : { \"type\" : \"object\", \"additionalProperties\" : { \"type\" : \"string\" } } } } }" } ``` #### Error Response (403) - **description** (string) - Forbidden ``` -------------------------------- ### Get Realm Localization by Locale Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Get realm localization texts for a specific locale. ```APIDOC ## GET /admin/realms/{realm}/localization/{locale} ### Description Get realm localization texts for a specific locale. ### Method GET ### Endpoint /admin/realms/{realm}/localization/{locale} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **locale** (string) - Required - #### Query Parameters - **useRealmDefaultLocaleFallback** (boolean) - Optional - ``` -------------------------------- ### ClientInitialAccessCreatePresentation Source: https://www.keycloak.org/docs-api/latest/rest-api Represents the data needed to create initial access for a client. ```APIDOC ## ClientInitialAccessCreatePresentation ### Description Represents the data needed to create initial access for a client. ### Fields - **expiration** (Integer) - Optional - The expiration time for the initial access token in seconds. - **count** (Integer) - Optional - The number of times the initial access token can be used. - **webOrigins** (List of [string]) - Optional - A list of allowed web origins for the initial access. ``` -------------------------------- ### List and Create Resources Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Allows listing resources associated with a client within a realm and creating new resources. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource ### Description Retrieves a list of resources associated with a specific client within a realm. Supports filtering by various parameters. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource ### Parameters #### Path Parameters - **realm** (string) - Required - The name of the realm (not ID). - **client-uuid** (string) - Required - The UUID of the client (not client ID). #### Query Parameters - **_id** (string) - Optional - Filter by resource ID. - **deep** (boolean) - Optional - Perform a deep search. - **exactName** (boolean) - Optional - Match the name exactly. - **first** (integer) - Optional - The first result to return (for pagination). - **matchingUri** (boolean) - Optional - Match by URI. - **max** (integer) - Optional - The maximum number of results to return (for pagination). - **name** (string) - Optional - Filter by resource name. - **owner** (string) - Optional - Filter by resource owner. - **scope** (string) - Optional - Filter by resource scope. - **type** (string) - Optional - Filter by resource type. - **uri** (string) - Optional - Filter by resource URI. ### Response #### Success Response (200) - **array of ResourceRepresentation** - OK ## POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource ### Description Creates a new resource associated with a specific client within a realm. ### Method POST ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource ### Parameters #### Path Parameters - **realm** (string) - Required - The name of the realm (not ID). - **client-uuid** (string) - Required - The UUID of the client (not client ID). #### Request Body - **ResourceRepresentation** - Required - The representation of the resource to create. ### Request Example ```json { "example": "request body" } ``` ### Response #### Success Response (201) - **ResourceRepresentation** - Created #### Error Response (400) - **Bad Request** ``` -------------------------------- ### GET /admin/realms/{realm}/default-groups Source: https://www.keycloak.org/docs-api/latest/rest-api Get group hierarchy. Only name and ids are returned. ```APIDOC ## GET /admin/realms/{realm}/default-groups ### Description Get group hierarchy. Only name and ids are returned. ### Method GET ### Endpoint /admin/realms/{realm}/default-groups ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) ### Response #### Success Response (200) - **List[GroupRepresentation]** - List of default groups ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites Source: https://www.keycloak.org/docs-api/latest/rest-api Get composites of the role. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites ### Description Get composites of the role. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **role-name** (string) - Required - role's name (not id!) ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles ``` -------------------------------- ### POST /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/add-models Source: https://www.keycloak.org/docs-api/latest/rest-api Creates multiple protocol mappers for a client template. ```APIDOC ## POST /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/add-models ### Description Create multiple mappers. ### Method POST ### Endpoint /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/add-models ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required - #### Request Body - **ProtocolMapperRepresentation** (object) - Optional - ProtocolMapperRepresentation ### Responses #### Success Response (204) - <<>> - No Content ``` -------------------------------- ### POST /admin/realms/{realm}/localization/{locale} Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Import localization from uploaded JSON file. ```APIDOC ## POST /admin/realms/{realm}/localization/{locale} ### Description Import localization from uploaded JSON file. ### Method POST ### Endpoint /admin/realms/{realm}/localization/{locale} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **locale** (string) - Required - #### Request Body - **additionalProperties** (string) - Required - ### Responses #### Success Response (204) - Description: No Content #### Error Response (400) - Description: Bad Request #### Error Response (403) - Description: Forbidden ``` -------------------------------- ### GET /admin/realms/{realm}/default-default-client-scopes Source: https://www.keycloak.org/docs-api/latest/rest-api Get realm default client scopes. Only name and ids are returned. ```APIDOC ## GET /admin/realms/{realm}/default-default-client-scopes ### Description Get realm default client scopes. Only name and ids are returned. ### Method GET ### Endpoint /admin/realms/{realm}/default-default-client-scopes ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) ### Response #### Success Response (200) - **List[ClientScopeRepresentation]** - List of default client scopes ``` -------------------------------- ### Create Component Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Creates a new component in the specified realm. ```APIDOC ## POST /admin/realms/{realm}/components ### Description Creates a new component in the specified realm. ### Method POST ### Endpoint /admin/realms/{realm}/components ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) #### Request Body - **ComponentRepresentation** (object) - Required - The representation of the component to create. ### Request Example { "name": "my-component", "providerId": "my-provider", "providerType": "my-provider-type", "config": { "some_key": ["some_value"] } } ### Response #### Success Response (200) OK ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client} Source: https://www.keycloak.org/docs-api/latest/rest-api Get the roles associated with a client’s scope. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client} ### Description Get the roles associated with a client’s scope. Returns roles for the client. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **client** (string) - Required ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles ``` -------------------------------- ### GET /admin/realms/{realm}/identity-provider/instances/{alias}/export Source: https://www.keycloak.org/docs-api/latest/rest-api Export public broker configuration for identity provider. ```APIDOC ## GET /admin/realms/{realm}/identity-provider/instances/{alias}/export ### Description Export public broker configuration for identity provider. ### Method GET ### Endpoint /admin/realms/{realm}/identity-provider/instances/{alias}/export ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **alias** (string) - Required #### Query Parameters - **format** (string) - Optional - Format to use ### Response #### Success Response (200) - OK ``` -------------------------------- ### GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/realm Source: https://www.keycloak.org/docs-api/latest/rest-api Get realm-level roles associated with the client’s scope. ```APIDOC ## GET /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/realm ### Description Get realm-level roles associated with the client’s scope. ### Method GET ### Endpoint /admin/realms/{realm}/client-templates/{client-scope-id}/scope-mappings/realm ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required #### Query Parameters - **briefRepresentation** (boolean) - Optional - if false, return roles with their attributes (Default: true) ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles ``` -------------------------------- ### GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm Source: https://www.keycloak.org/docs-api/latest/rest-api Get realm-level roles associated with the client’s scope. ```APIDOC ## GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm ### Description Get realm-level roles associated with the client’s scope ### Method GET ### Endpoint /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles ``` -------------------------------- ### POST /admin/realms/{realm}/clients-initial-access Source: https://www.keycloak.org/docs-api/latest/rest-api Create a new initial access token for a specific realm. ```APIDOC ## POST /admin/realms/{realm}/clients-initial-access ### Description Create a new initial access token. ### Method POST ### Endpoint /admin/realms/{realm}/clients-initial-access ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) #### Request Body - **ClientInitialAccessCreatePresentation** (object) - Optional - ClientInitialAccessCreatePresentation ### Response #### Success Response (201) - **ClientInitialAccessCreatePresentation** - Created ``` -------------------------------- ### GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/clients/{client} Source: https://www.keycloak.org/docs-api/latest/rest-api Get the roles associated with a client’s scope. ```APIDOC ## GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/clients/{client} ### Description Get the roles associated with a client’s scope Returns roles for the client. ### Method GET ### Endpoint /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/clients/{client} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required - **client** (string) - Required ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/management/permissions Source: https://www.keycloak.org/docs-api/latest/rest-api Retrieves the initialization status and reference for role Authorization permissions. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/management/permissions ### Description Return object stating whether role Authorization permissions have been initialized or not and a reference. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/management/permissions ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **role-name** (string) - Required - the role name ### Response #### Success Response (200) - **ManagementPermissionReference** (object) - Reference object for permissions ``` -------------------------------- ### GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm/composite Source: https://www.keycloak.org/docs-api/latest/rest-api Get effective realm-level roles associated with the client’s scope. ```APIDOC ## GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm/composite ### Description Get effective realm-level roles associated with the client’s scope. This method recurses any composite roles associated with the client’s scope and provides a comprehensive total view of realm-level roles. ### Method GET ### Endpoint /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm/composite ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required #### Query Parameters - **briefRepresentation** (boolean) - Optional - if false, return roles with their attributes (default: true) ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of effective roles ``` -------------------------------- ### POST /admin/realms/{realm}/identity-provider/import-config Source: https://www.keycloak.org/docs-api/latest/rest-api Import identity provider from uploaded JSON file. ```APIDOC ## POST /admin/realms/{realm}/identity-provider/import-config ### Description Import identity provider from uploaded JSON file. ### Method POST ### Endpoint /admin/realms/{realm}/identity-provider/import-config ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) #### Request Body - **request_body** (AnyType) - Optional ### Response #### Success Response (200) - **Map[[string]]** (object) - OK ``` -------------------------------- ### GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm/available Source: https://www.keycloak.org/docs-api/latest/rest-api Get realm-level roles that are available to attach to this client’s scope. ```APIDOC ## GET /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm/available ### Description Get realm-level roles that are available to attach to this client’s scope ### Method GET ### Endpoint /admin/realms/{realm}/client-scopes/{client-scope-id}/scope-mappings/realm/available ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of available roles ``` -------------------------------- ### POST /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models Source: https://www.keycloak.org/docs-api/latest/rest-api Creates a new protocol mapper for a client template. ```APIDOC ## POST /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models ### Description Create a mapper. ### Method POST ### Endpoint /admin/realms/{realm}/client-templates/{client-scope-id}/protocol-mappers/models ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-scope-id** (string) - Required - #### Request Body - **ProtocolMapperRepresentation** (object) - Optional - ProtocolMapperRepresentation ### Responses #### Success Response (201) - <<>> - Created #### Error Response (409) - <<>> - Conflict ``` -------------------------------- ### GET /admin/realms/{realm}/roles-by-id/{role-id}/composites/clients/{clientUuid} Source: https://www.keycloak.org/docs-api/latest/rest-api Get client-level roles for the client that are in the role’s composite. ```APIDOC ## GET /admin/realms/{realm}/roles-by-id/{role-id}/composites/clients/{clientUuid} ### Description Get client-level roles for the client that are in the role’s composite. ### Method GET ### Endpoint /admin/realms/{realm}/roles-by-id/{role-id}/composites/clients/{clientUuid} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **clientUuid** (string) - Required - **role-id** (string) - Required ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles #### Error Response - 403 Forbidden - 404 Not Found ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites/realm Source: https://www.keycloak.org/docs-api/latest/rest-api Get realm-level roles of the role’s composite. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites/realm ### Description Get realm-level roles of the role’s composite. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/roles/{role-name}/composites/realm ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **role-name** (string) - Required - role's name (not id!) ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles ``` -------------------------------- ### GET /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions Source: https://www.keycloak.org/docs-api/latest/rest-api Returns an object stating whether client Authorization permissions have been initialized or not and a reference. ```APIDOC ## GET /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions ### Description Return object stating whether client Authorization permissions have been initialized or not and a reference. ### Method GET ### Endpoint /admin/realms/{realm}/identity-provider/instances/{alias}/management/permissions ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **alias** (string) - Required ### Response #### Success Response (200) - **ManagementPermissionReference** (object) - ManagementPermissionReference ``` -------------------------------- ### GET /admin/realms/{realm}/groups/{group-id}/members Source: https://www.keycloak.org/docs-api/latest/rest-api Get users Returns a stream of users, filtered according to query parameters. ```APIDOC ## GET /admin/realms/{realm}/groups/{group-id}/members ### Description Get users Returns a stream of users, filtered according to query parameters. ### Method GET ### Endpoint /admin/realms/{realm}/groups/{group-id}/members ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **group-id** (string) - Required #### Query Parameters - **briefRepresentation** (boolean) - Optional - Only return basic information. - **first** (integer) - Optional - Pagination offset - **max** (integer) - Optional - Maximum results size (defaults to 100) ### Response #### Success Response (200) - **List[UserRepresentation]** (array) - OK ``` -------------------------------- ### GET /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client}/composite Source: https://www.keycloak.org/docs-api/latest/rest-api Get effective client roles associated with the client’s scope. ```APIDOC ## GET /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client}/composite ### Description Get effective client roles. Returns the roles for the client that are associated with the client’s scope. ### Method GET ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/scope-mappings/clients/{client}/composite ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **client** (string) - Required #### Query Parameters - **briefRepresentation** (boolean) - Optional - if false, return roles with their attributes (Default: true) ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of effective roles ``` -------------------------------- ### POST /admin/realms/{realm}/client-description-converter Source: https://www.keycloak.org/docs-api/latest/rest-api Imports clients under a specific realm using the provided client description. ```APIDOC ## POST /admin/realms/{realm}/client-description-converter ### Description Base path for importing clients under this realm. ### Method POST ### Endpoint /admin/realms/{realm}/client-description-converter ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) #### Request Body - **body** (string) - Optional - [string] ### Response #### Success Response (200) - **ClientRepresentation** (object) - OK #### Error Response - 403 Forbidden - 404 Not Found ``` -------------------------------- ### POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/upload Source: https://www.keycloak.org/docs-api/latest/rest-api Uploads a certificate and optionally the private key. ```APIDOC ## POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/upload ### Description Upload certificate and eventually private key. ### Method POST ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/upload ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **attr** (string) - Required ### Response #### Success Response (200) - **CertificateRepresentation** - Certificate details ``` -------------------------------- ### GET /admin/realms/{realm}/clients-initial-access Source: https://www.keycloak.org/docs-api/latest/rest-api Retrieve a list of client initial access tokens for a specific realm. ```APIDOC ## GET /admin/realms/{realm}/clients-initial-access ### Description Retrieve a list of client initial access tokens for a specific realm. ### Method GET ### Endpoint /admin/realms/{realm}/clients-initial-access ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) ### Response #### Success Response (200) - **List[ClientInitialAccessPresentation]** - List of client initial access presentations ``` -------------------------------- ### List Components Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Retrieves a list of all components for a given realm. Supports filtering by provider ID and type. ```APIDOC ## GET /admin/realms/{realm}/components ### Description Retrieves a list of all components for a given realm. Supports filtering by provider ID and type. ### Method GET ### Endpoint /admin/realms/{realm}/components ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) #### Query Parameters - **providerId** (string) - Optional - Filters components by provider ID. - **type** (string) - Optional - Filters components by type. ### Response #### Success Response (200) - **array** - List of ComponentRepresentation objects. #### Response Example [ { "id": "string", "name": "string", "providerId": "string", "providerType": "string", "parent": "string", "state": "string", "config": {}, "subType": "string" } ] ``` -------------------------------- ### Create Client API Source: https://www.keycloak.org/docs-api/latest/rest-api Create a new client within a realm. The client's client_id must be unique. ```APIDOC ## POST /admin/realms/{realm}/clients ### Description Create a new client. Client’s client_id must be unique! ### Method POST ### Endpoint /admin/realms/{realm}/clients ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) #### Request Body - **ClientRepresentation** (object) - Optional - ClientRepresentation ### Responses #### Success Response (201) - **<<>>** - Created #### Error Response (409) - **<<>>** - Conflict ``` -------------------------------- ### GET /admin/realms/{realm}/roles-by-id/{role-id}/composites Source: https://www.keycloak.org/docs-api/latest/rest-api Get role’s children. Returns a set of role’s children provided the role is a composite. ```APIDOC ## GET /admin/realms/{realm}/roles-by-id/{role-id}/composites ### Description Get role’s children. Returns a set of role’s children provided the role is a composite. ### Method GET ### Endpoint /admin/realms/{realm}/roles-by-id/{role-id}/composites ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **role-id** (string) - Required #### Query Parameters - **first** (integer) - Optional - **max** (integer) - Optional - **search** (string) - Optional ### Response #### Success Response (200) - **List[RoleRepresentation]** (array) - List of roles #### Error Response - 403 Forbidden ``` -------------------------------- ### Get Realm Permissions Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Retrieves the management permissions for a realm. ```APIDOC ## GET /admin/realms/{realm}/users-management-permissions ### Description Retrieves the management permissions for a realm. ### Method GET ### Endpoint /admin/realms/{realm}/users-management-permissions ### Parameters #### Path Parameters - **realm** (string) - Required - The name of the realm (not ID). ### Response #### Success Response (200) - **ManagementPermissionReference** - OK #### Error Response (403) - **Forbidden** ``` -------------------------------- ### Download Client Attribute Certificate Keystore Source: https://www.keycloak.org/docs-api/latest/rest-api/openapi.json Downloads a keystore file for the client, containing the private key and public certificate. ```APIDOC ## POST /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/download ### Description Get a keystore file for the client, containing private key and public certificate. ### Method POST ### Endpoint /admin/realms/{realm}/clients/{client-uuid}/certificates/{attr}/download ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) - **client-uuid** (string) - Required - id of client (not client-id!) - **attr** (string) - Required - The attribute name of the certificate. #### Request Body - **KeyStoreConfig** - Configuration for the keystore. ### Response #### Success Response (200) - **binary** - The keystore file as a binary stream. ``` -------------------------------- ### GET /admin/realms/{realm} Source: https://www.keycloak.org/docs-api/latest/rest-api Retrieves the top-level representation of a realm. ```APIDOC ## GET /admin/realms/{realm} ### Description Get the top-level representation of the realm. It will not include nested information like User and Client representations. ### Method GET ### Endpoint /admin/realms/{realm} ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) ### Response #### Success Response (200) - **RealmRepresentation** (object) - The realm details. ``` -------------------------------- ### GET /admin/realms/{realm}/authentication/form-providers Source: https://www.keycloak.org/docs-api/latest/rest-api Retrieves form providers. ```APIDOC ## GET /admin/realms/{realm}/authentication/form-providers ### Description Get form providers Returns a stream of form providers. ### Method GET ### Endpoint /admin/realms/{realm}/authentication/form-providers ### Parameters #### Path Parameters - **realm** (string) - Required - realm name (not id!) ### Response #### Success Response (200) - **List[[AnyType]]** - List of form providers ```