### Authenticate and Create User
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html
Example of starting an authenticated session and creating a user in a specific realm.
```bash
$ kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password admin
$ kcadm.sh create users -s username=testuser -s enabled=true -r demorealm
```
--------------------------------
### Clone the Quickstarts Repository
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/hello-world/deploy.html
Use this command to download the Keycloak quickstart projects from GitHub.
```bash
$ git clone https://github.com/keycloak/keycloak-quickstarts
```
--------------------------------
### Run Federation Setup Script
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html
Execute the Keycloak federation setup script to configure SSSD.
```bash
$ bin/federation-sssd-setup.sh
```
--------------------------------
### CLI Scripting Example
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/config-subsystem/start-cli.html
Example script content and the command to execute it from the terminal.
```cli
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheThemes,value=false)
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheTemplates,value=false)
```
```bash
$ .../bin/jboss-cli.sh --file=turn-off-caching.cli
```
--------------------------------
### Boot the Keycloak server
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/getting_started/topics/first-boot/boot.html
Execute the standalone script from the bin directory to start the server.
```bash
$ .../bin/standalone.sh
```
```batch
> ...\bin\standalone.bat
```
--------------------------------
### Verify Feature Installation
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/install-feature.html
Command to list installed features and filter for Keycloak to confirm successful installation.
```bash
features:list | grep keycloak
```
--------------------------------
### Navigate to Authorization Examples Directory
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/example/overview.html
Use this command to access the authorization examples directory within a properly extracted Keycloak demo distribution.
```bash
cd ${KEYCLOAK_DEMO_SERVER_DIR}/examples/authz
```
--------------------------------
### HttpClient Configuration Example
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/java/general-config/idp_httpclient_subelement.html
Example XML configuration for the HttpClient sub element.
```xml
```
--------------------------------
### Install Jetty 8.1.x Adapter
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/jetty8-adapter.html
Unzip the adapter distribution into the root directory of the Jetty installation.
```bash
$ cd $JETTY_HOME
$ unzip keycloak-jetty81-adapter-dist.zip
```
--------------------------------
### Example SAML Subsystem Deployment Configuration
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/java/jboss-adapter/securing_wars.html
A comprehensive example of a secure-deployment configuration including SP and IDP settings, keystore references, and role mapping.
```xml
```
--------------------------------
### Navigate to the Application Directory
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/hello-world/deploy.html
Change the working directory to the specific JEE vanilla authorization quickstart.
```bash
$ cd keycloak-quickstarts/app-authz-jee-vanilla
```
--------------------------------
### Start Wildfly Load Balancer
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/sticky-sessions.html
Commands to start the Wildfly instance acting as a load balancer.
```bash
cd $WILDFLY_LB/bin
./standalone.sh
```
--------------------------------
### Client Redirect Endpoint Example
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/clients/client-link.html
Example URL structure for redirecting to the account client within the master realm.
```text
http://host:port/auth/realms/master/clients/account/redirect
```
--------------------------------
### Start Wildfly Server
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/hawtio.html
Launch the Wildfly server with the specified port offset.
```bash
cd $EAP_HOME/bin
./standalone.sh -Djboss.socket.binding.port-offset=101
```
--------------------------------
### Boot Domain Controllers
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/operating-mode/domain.html
Commands to start the master and slave host controllers for a simulated cluster.
```bash
$ domain.sh --host-config=host-master.xml
```
```bash
$ domain.sh --host-config=host-slave.xml
```
--------------------------------
### Install Keycloak Adapter on JBoss/Wildfly
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/jboss-adapter.html
Commands to install the Keycloak adapter by unzipping the distribution archive into the server home directory.
```bash
$ cd $WILDFLY_HOME
$ unzip keycloak-wildfly-adapter-dist-SNAPSHOT.zip
```
```bash
$ cd $WILDFLY_HOME
$ unzip keycloak-wf8-adapter-dist-SNAPSHOT.zip
```
```bash
$ cd $EAP_HOME
$ unzip keycloak-eap7-adapter-dist-SNAPSHOT.zip
```
```bash
$ cd $EAP_HOME
$ unzip keycloak-eap6-adapter-dist-SNAPSHOT.zip
```
```bash
$ cd $JBOSS_HOME
$ unzip keycloak-as7-adapter-dist-SNAPSHOT.zip
```
--------------------------------
### Start Keycloak Backend Nodes
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/sticky-sessions.html
Commands to start Keycloak nodes with specific port offsets and node names.
```bash
cd $RHSSO_NODE1
./standalone.sh -c standalone-ha.xml -Djboss.socket.binding.port-offset=100 -Djboss.node.name=node1
```
```bash
cd $RHSSO_NODE2
./standalone.sh -c standalone-ha.xml -Djboss.socket.binding.port-offset=200 -Djboss.node.name=node2
```
--------------------------------
### Install SAML Adapter Modules
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/java/jboss-adapter/jboss_adapter_installation.html
Commands to extract the adapter distribution into the application server home directory.
```bash
$ cd $WILDFLY_HOME
$ unzip keycloak-saml-wildfly-adapter-dist.zip
```
```bash
$ cd $JBOSS_HOME
$ unzip keycloak-saml-eap6-adapter-dist.zip
```
--------------------------------
### GET /realms//clients-registrations/install/
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration.html
Retrieves the adapter configuration for a client.
```APIDOC
## GET /realms//clients-registrations/install/
### Description
Retrieves the adapter configuration for a client. Authentication can be performed via token or HTTP basic authentication.
### Method
GET
### Endpoint
/realms//clients-registrations/install/
### Parameters
#### Path Parameters
- **client id** (string) - Required - The unique identifier of the client.
```
--------------------------------
### Example Root URL Configuration
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/resource-server/create-client.html
The Root URL should point to the base location of your application.
```text
http://${host}:${port}/my-resource-server
```
--------------------------------
### Boot Keycloak Server on Windows
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/overview.html
Starts the Keycloak server on Windows with a port offset to prevent conflicts.
```batch
> ...\bin\standalone.bat -Djboss.socket.binding.port-offset=100
```
--------------------------------
### Install Jetty Adapter
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/jetty9-adapter.html
Commands to unzip the adapter distribution and enable the Keycloak module in the Jetty base directory.
```bash
$ cd your-base
$ unzip keycloak-jetty93-adapter-dist-2.5.0.Final.zip
```
```bash
$ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak
```
--------------------------------
### Install Keycloak Service Pack on WildFly
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/installation/distribution-files-community.html
Execute the CLI script to install the Keycloak overlay onto an existing WildFly distribution.
```bash
./jboss-cli.[sh|bat] --file=keycloak-install.cli
```
--------------------------------
### Configure web.xml for Keycloak
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/jboss-adapter.html
Example web.xml configuration setting the auth-method to KEYCLOAK and defining security constraints.
```xml
application
Admins
/admin/*
admin
CONFIDENTIAL
Customers
/customers/*
user
CONFIDENTIAL
KEYCLOAK
this is ignored currently
admin
user
```
--------------------------------
### SSSD Configuration File
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html
Example configuration for /etc/sssd/sssd.conf to enable D-Bus and attribute mapping.
```ini
[domain/your-hostname.local]
...
ldap_user_extra_attrs = mail:mail, sn:sn, givenname:givenname, telephoneNumber:telephoneNumber
...
[sssd]
services = nss, sudo, pam, ssh, ifp
...
[ifp]
allowed_uids = root, yourOSUsername
user_attributes = +mail, +telephoneNumber, +givenname, +sn
```
--------------------------------
### Install mod_auth_mellon packages
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/mod-auth-mellon.html
Installs the Apache web server, the Mellon SAML module, and OpenSSL tools on the service provider host.
```bash
yum install httpd mod_auth_mellon mod_ssl openssl
```
--------------------------------
### Boot Keycloak Server on Linux/Unix
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/overview.html
Starts the Keycloak server with a port offset to prevent conflicts.
```bash
$ .../bin/standalone.sh -Djboss.socket.binding.port-offset=100
```
--------------------------------
### Start CLI in GUI Mode
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/config-subsystem/start-cli.html
Launch the Swing-based graphical interface for the management model.
```bash
$ .../bin/jboss-cli.sh --gui
```
--------------------------------
### Install and Run Keycloak Proxy
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/proxy.html
Commands to extract the distribution and launch the proxy server using a configuration file.
```bash
$ unzip keycloak-proxy-dist.zip
```
```bash
$ java -jar bin/launcher.jar [your-config.json]
```
--------------------------------
### Configure SP element attributes
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/java/general-config/sp_element.html
Example of the SP element structure with common configuration attributes.
```xml
...
```
--------------------------------
### Start the Wildfly CLI
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/config-subsystem/start-cli.html
Commands to launch the CLI tool on different operating systems.
```bash
$ .../bin/jboss-cli.sh
```
```batch
> ...\bin\jboss-cli.bat
```
--------------------------------
### Install Adapter for WildFly 10
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/getting_started/topics/secure-jboss-app/install-client-adapter.html
Use the adapter-install-offline.cli script to configure the WildFly 10 application server.
```bash
$ cd bin
$ ./jboss-cli.sh --file=adapter-install-offline.cli
```
```batch
> cd bin
> jboss-cli.bat --file=adapter-install-offline.cli
```
--------------------------------
### Clone and Deploy Quickstart Application
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/getting_started/topics/secure-jboss-app/download-quickstarts.html
Commands to clone the repository, navigate to the project directory, and deploy the application using Maven.
```bash
$ git clone https://github.com/keycloak/keycloak-quickstarts
$ cd keycloak-quickstarts/app-profile-jee-vanilla
$ mvn clean wildfly:deploy
```
--------------------------------
### init(options)
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/javascript-adapter.html
Initializes the Keycloak adapter. Returns a promise.
```APIDOC
## init(options)
### Description
Called to initialize the adapter. Returns a promise to set functions to be invoked on success or error.
### Parameters
- **options** (Object) - Required - Configuration object:
- **onLoad** (string) - Optional - 'login-required' or 'check-sso'.
- **token** (string) - Optional - Initial token value.
- **refreshToken** (string) - Optional - Initial refresh token value.
- **idToken** (string) - Optional - Initial ID token value.
- **timeSkew** (number) - Optional - Skew between local time and server in seconds.
- **checkLoginIframe** (boolean) - Optional - Enable/disable monitoring login state (default: true).
- **checkLoginIframeInterval** (number) - Optional - Interval to check login state (default: 5).
- **responseMode** (string) - Optional - 'query' or 'fragment' (default: 'fragment').
- **flow** (string) - Optional - 'standard', 'implicit', or 'hybrid'.
```
--------------------------------
### HTTP GET Request with Bearer Token
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/enforcer/keycloak-enforcement-bearer.html
Example of a client request passing an RPT as a bearer token to a protected resource.
```http
GET /my-resource-server/my-protected-resource HTTP/1.1
Host: host.com
Authorization: Bearer ${RPT}
...
```
--------------------------------
### Accessing a Protected Resource with a Bearer Token
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/enforcer/keycloak-enforcement-bearer.html
Example of an HTTP GET request to a protected resource using an RPT as a bearer token.
```APIDOC
## GET /my-protected-resource
### Description
Access a protected resource on the resource server by providing an RPT in the Authorization header.
### Method
GET
### Endpoint
/my-resource-server/my-protected-resource
### Request Headers
- **Authorization** (string) - Required - Bearer ${RPT}
### Response
#### Unauthorized Response (401)
- **WWW-Authenticate** (header) - Contains authorization protocol details (UMA or Entitlement) and the authorization server URI.
```
--------------------------------
### Initialize Application Environment
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/nodejs-adapter.html
Commands to set up the project directory and add the Keycloak dependency.
```bash
mkdir myapp && cd myapp
```
```json
"dependencies": {
"keycloak-connect": "SNAPSHOT"
}
```
--------------------------------
### Install JNA package
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html
Install the JNA package required for PAM authentication.
```bash
$ sudo yum install jna
```
--------------------------------
### Configure and Create Client with Initial Access Token on Linux
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html
Sets the initial access token in the configuration or passes it as a flag during client creation.
```bash
$ kcreg.sh config initial-token $TOKEN
$ kcreg.sh create -s clientId=myclient
```
```bash
$ kcreg.sh create -s clientId=myclient -t $TOKEN
```
--------------------------------
### Configure and Create Client with Initial Access Token on Windows
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html
Sets the initial access token in the configuration or passes it as a flag during client creation using Windows command syntax.
```batch
c:\> kcreg config initial-token %TOKEN%
c:\> kcreg create -s clientId=myclient
```
```batch
c:\> kcreg create -s clientId=myclient -t %TOKEN%
```
--------------------------------
### Install SSSD D-Bus Support
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html
Install the sssd-dbus package to enable D-Bus communication.
```bash
$ sudo yum install sssd-dbus
```
--------------------------------
### Build and Deploy the Application
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/hello-world/deploy.html
Compile the project and deploy it to a WildFly server instance.
```bash
$ cd redhat-sso-quickstarts/app-authz-jee-vanilla
$ mvn clean package wildfly:deploy
```
--------------------------------
### Install Keycloak JAAS Feature
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/fuse-admin.html
Register and install the Keycloak JAAS feature in the Fuse terminal.
```bash
features:addurl mvn:org.keycloak/keycloak-osgi-features/SNAPSHOT/xml/features
features:install keycloak-jaas
```
--------------------------------
### Create a new client
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html
Create a client using a JSON template file with attribute overrides.
```bash
$ kcreg.sh create -s clientId=myclient -f client-template.json -s baseUrl=/myclient -s 'redirectUris=["/myclient/*"]' -o
```
```cmd
C:\> kcreg create -s clientId=myclient -f client-template.json -s baseUrl=/myclient -s "redirectUris=[\"/myclient/*\"]" -o
```
--------------------------------
### Install SSSD dependencies
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html
Verify the RPM signature and install the required Unix Sockets Library for D-Bus communication.
```bash
$ rpm -K libunix-dbus-java-0.8.0-1.fc24.x86_64.rpm
libunix-dbus-java-0.8.0-1.fc24.x86_64.rpm:
Header V4 RSA/SHA256 Signature, key ID 84dc9914: OK
Header SHA1 digest: OK (d17bb7ebaa7a5304c1856ee4357c8ba4ec9c0b89)
V4 RSA/SHA256 Signature, key ID 84dc9914: OK
MD5 digest: OK (770c2e68d052cb4a4473e1e9fd8818cf)
$ sudo yum install libunix-dbus-java-0.8.0-1.fc24.x86_64.rpm
```
--------------------------------
### Initialize Keycloak Object
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/javascript-adapter.html
Demonstrates different ways to instantiate the Keycloak object, either with no arguments, a path to a configuration file, or a configuration object.
```javascript
new Keycloak();
new Keycloak('http://localhost/keycloak.json');
new Keycloak({ url: 'http://localhost/auth', realm: 'myrealm', clientId: 'myApp' });
```
--------------------------------
### Get a specific realm role
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html
Retrieve details for a specific realm role using the get or get-roles command.
```bash
$ kcadm.sh get roles/user -r demorealm
```
```bash
$ kcadm.sh get-roles -r demorealm --rolename user
```
--------------------------------
### Obtain Entitlements via GET
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/entitlement/entitlement-api-aapi.html
Retrieve all user entitlements for a resource server using an HTTP GET request.
```bash
curl -X GET \
-H "Authorization: Bearer ${access_token}" \
"http://localhost:8080/auth/realms/hello-world-authz/authz/entitlement/${resource_server_id}"
```
--------------------------------
### Configure Welcome Theme in XML
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/themes.html
Add the welcomeTheme element to the theme configuration in your server configuration file.
```xml
...
custom-theme
...
```
--------------------------------
### Install Keycloak Feature via Maven
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/install-feature.html
Commands to add the Keycloak feature URL and install the feature in the Karaf terminal.
```bash
features:addurl mvn:org.keycloak/keycloak-osgi-features/SNAPSHOT/xml/features
features:install keycloak
```
--------------------------------
### Example of a formatted User ID
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/user-storage/model-interfaces.html
A concrete example of a user ID string combining the component ID and the external ID.
```text
f:332a234e31234:wburke
```
--------------------------------
### Start Master Host with Bind Addresses
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/load-balancer.html
Configure public and management bind addresses for the master host via command line arguments.
```bash
$ domain.sh --host-config=host-master.xml -Djboss.bind.address=192.168.0.2 -Djboss.bind.address.management=192.168.0.2
```
--------------------------------
### Install Jetty 9 Adapter
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/install-feature.html
Command to install the Jetty 9 adapter feature for JBoss Fuse 6.3.0 Rollup 1.
```bash
features:install keycloak-jetty9-adapter
```
--------------------------------
### Booting Keycloak in Domain Mode
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/booting.html
Use these commands to start Keycloak domain controller or host controller instances using specific host configurations.
```bash
$ bin/domain.sh --host-config=host-master.xml
$ bin/domain.sh --host-config=host-slave.xml
```
--------------------------------
### Install Middleware
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/nodejs-adapter.html
Register the Keycloak middleware into a connect-capable application.
```javascript
var app = express();
app.use( keycloak.middleware() );
```
--------------------------------
### Access CLI help documentation
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html
Display built-in help information for the CLI.
```bash
$ kcreg.sh help
```
```batch
c:\> kcreg help
```
--------------------------------
### Create Realm via Standard Input
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html
Piping JSON configuration to the Admin CLI.
```bash
$ kcadm.sh create realms -f - << EOF
{ "realm": "demorealm", "enabled": true }
EOF
```
```cmd
c:\> echo { "realm": "demorealm", "enabled": true } | kcadm create realms -f -
```
--------------------------------
### Get groups for a user
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html
Lists all groups a specific user belongs to.
```bash
$ kcadm.sh get users/b544f379-5fc4-49e5-8a8d-5cfb71f46f53/groups -r demorealm
```
--------------------------------
### Lookup Other Providers
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/providers.html
Example of a provider interacting with other Keycloak services like EmailSenderProvider.
```java
public class MyEventListenerProvider implements EventListenerProvider {
private KeycloakSession session;
private List events;
public MyEventListenerProvider(KeycloakSession session, List events) {
this.session = session;
this.events = events;
}
public void onEvent(Event event) {
RealmModel realm = session.realms().getRealm(event.getRealmId());
UserModel user = session.users().getUserById(event.getUserId(), realm);
EmailSenderProvider emailSender = session.getProvider(EmailSenderProvider.class);
emailSender.send(realm, user, "Hello", "Hello plain text", "Hello html
" );
}
...
}
```
--------------------------------
### AuthzClient.create()
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/client-api.html
Initializes a new AuthzClient instance using the configuration found in the classpath's keycloak.json file.
```APIDOC
## AuthzClient.create()
### Description
Creates a new instance of the AuthzClient based on the configuration defined in a keycloak.json file located in the application's classpath.
### Usage
```java
AuthzClient authzClient = AuthzClient.create();
```
```
--------------------------------
### GET /admin/realms/{realm-name}/components/{id}
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/user-storage/rest.html
Retrieves the representation of a specific component.
```APIDOC
## GET /admin/realms/{realm-name}/components/{id}
### Description
Fetches the details of a specific component by its ID.
### Method
GET
### Endpoint
/admin/realms/{realm-name}/components/{id}
### Parameters
#### Path Parameters
- **realm-name** (string) - Required - The name of the realm.
- **id** (string) - Required - The unique identifier of the component.
```
--------------------------------
### Creating a Resource
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/client-api.html
Demonstrates how to create a new resource representation and register it with the Keycloak server using the Protection API.
```APIDOC
## Create Resource
### Description
Creates a new resource on the server using the AuthzClient protection resource client.
### Method
POST (via ProtectedResource.create)
### Parameters
- **newResource** (ResourceRepresentation) - Required - The resource object containing name, type, and scopes.
```
--------------------------------
### Retrieve adapter configuration
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html
Get the adapter configuration for integrating with a web application.
```bash
$ kcreg.sh get myclient -e install
```
```cmd
C:\> kcreg get myclient -e install
```
--------------------------------
### Start Host Slave with Bind Addresses
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/load-balancer.html
Configure public, management, and master domain controller addresses for a host slave via command line arguments.
```bash
$ domain.sh --host-config=host-slave.xml
-Djboss.bind.address=192.168.0.5
-Djboss.bind.address.management=192.168.0.5
-Djboss.domain.master.address=192.168.0.2
```
--------------------------------
### Target User Resource URL
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html
The resulting resource URL for the user creation example.
```text
http://localhost:8080/auth/admin/realms/demorealm/users
```
--------------------------------
### Run FreeIPA Server with Docker
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html
Command to initialize a FreeIPA server container for identity management.
```bash
docker run --name freeipa-server-container -it \
-h server.freeipa.local -e PASSWORD=YOUR_PASSWORD \
-v /sys/fs/cgroup:/sys/fs/cgroup:ro \
-v /var/lib/ipa-data:/data:Z adelton/freeipa-server
```
--------------------------------
### JMX Connection URL
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/fuse-admin.html
Example JMX service URL for connecting via jconsole.
```text
service:jmx:rmi://localhost:44444/jndi/rmi://localhost:1099/karaf-root
```
--------------------------------
### Introspection Response Examples
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/protection/token-introspection.html
JSON responses for active and inactive RPT introspection requests.
```json
{
"permissions": [
{
"resource_set_id": "90ccc6fc-b296-4cd1-881e-089e1ee15957",
"resource_set_name": "Hello World Resource"
}
],
"exp": 1465314139,
"nbf": 0,
"iat": 1465313839,
"aud": "hello-world-authz-service",
"active": true
}
```
```json
{
"active": false
}
```
--------------------------------
### Initialize AuthzClient Instance
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/client-api.html
Create an AuthzClient instance using the configuration found in the classpath.
```java
// create a new instance based on the configuration defined in a keycloak.json located in your classpath
AuthzClient authzClient = AuthzClient.create();
```
--------------------------------
### Create a Client using Java Client Registration API
Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration.html
Demonstrates creating a client programmatically using the Keycloak Client Registration Java API.
```java
String token = "eyJhbGciOiJSUz...";
ClientRepresentation client = new ClientRepresentation();
client.setClientId(CLIENT_ID);
ClientRegistration reg = ClientRegistration.create()
.url("http://localhost:8080/auth", "myrealm")
.build();
reg.auth(Auth.token(token));
client = reg.create(client);
String registrationAccessToken = client.getRegistrationAccessToken();
```