### Authenticate and Create User Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html Example of starting an authenticated session and creating a user in a specific realm. ```bash $ kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password admin $ kcadm.sh create users -s username=testuser -s enabled=true -r demorealm ``` -------------------------------- ### Clone the Quickstarts Repository Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/hello-world/deploy.html Use this command to download the Keycloak quickstart projects from GitHub. ```bash $ git clone https://github.com/keycloak/keycloak-quickstarts ``` -------------------------------- ### Run Federation Setup Script Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html Execute the Keycloak federation setup script to configure SSSD. ```bash $ bin/federation-sssd-setup.sh ``` -------------------------------- ### CLI Scripting Example Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/config-subsystem/start-cli.html Example script content and the command to execute it from the terminal. ```cli /subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheThemes,value=false) /subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheTemplates,value=false) ``` ```bash $ .../bin/jboss-cli.sh --file=turn-off-caching.cli ``` -------------------------------- ### Boot the Keycloak server Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/getting_started/topics/first-boot/boot.html Execute the standalone script from the bin directory to start the server. ```bash $ .../bin/standalone.sh ``` ```batch > ...\bin\standalone.bat ``` -------------------------------- ### Verify Feature Installation Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/install-feature.html Command to list installed features and filter for Keycloak to confirm successful installation. ```bash features:list | grep keycloak ``` -------------------------------- ### Navigate to Authorization Examples Directory Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/example/overview.html Use this command to access the authorization examples directory within a properly extracted Keycloak demo distribution. ```bash cd ${KEYCLOAK_DEMO_SERVER_DIR}/examples/authz ``` -------------------------------- ### HttpClient Configuration Example Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/java/general-config/idp_httpclient_subelement.html Example XML configuration for the HttpClient sub element. ```xml ``` -------------------------------- ### Install Jetty 8.1.x Adapter Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/jetty8-adapter.html Unzip the adapter distribution into the root directory of the Jetty installation. ```bash $ cd $JETTY_HOME $ unzip keycloak-jetty81-adapter-dist.zip ``` -------------------------------- ### Example SAML Subsystem Deployment Configuration Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/java/jboss-adapter/securing_wars.html A comprehensive example of a secure-deployment configuration including SP and IDP settings, keystore references, and role mapping. ```xml ``` -------------------------------- ### Navigate to the Application Directory Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/hello-world/deploy.html Change the working directory to the specific JEE vanilla authorization quickstart. ```bash $ cd keycloak-quickstarts/app-authz-jee-vanilla ``` -------------------------------- ### Start Wildfly Load Balancer Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/sticky-sessions.html Commands to start the Wildfly instance acting as a load balancer. ```bash cd $WILDFLY_LB/bin ./standalone.sh ``` -------------------------------- ### Client Redirect Endpoint Example Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/clients/client-link.html Example URL structure for redirecting to the account client within the master realm. ```text http://host:port/auth/realms/master/clients/account/redirect ``` -------------------------------- ### Start Wildfly Server Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/hawtio.html Launch the Wildfly server with the specified port offset. ```bash cd $EAP_HOME/bin ./standalone.sh -Djboss.socket.binding.port-offset=101 ``` -------------------------------- ### Boot Domain Controllers Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/operating-mode/domain.html Commands to start the master and slave host controllers for a simulated cluster. ```bash $ domain.sh --host-config=host-master.xml ``` ```bash $ domain.sh --host-config=host-slave.xml ``` -------------------------------- ### Install Keycloak Adapter on JBoss/Wildfly Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/jboss-adapter.html Commands to install the Keycloak adapter by unzipping the distribution archive into the server home directory. ```bash $ cd $WILDFLY_HOME $ unzip keycloak-wildfly-adapter-dist-SNAPSHOT.zip ``` ```bash $ cd $WILDFLY_HOME $ unzip keycloak-wf8-adapter-dist-SNAPSHOT.zip ``` ```bash $ cd $EAP_HOME $ unzip keycloak-eap7-adapter-dist-SNAPSHOT.zip ``` ```bash $ cd $EAP_HOME $ unzip keycloak-eap6-adapter-dist-SNAPSHOT.zip ``` ```bash $ cd $JBOSS_HOME $ unzip keycloak-as7-adapter-dist-SNAPSHOT.zip ``` -------------------------------- ### Start Keycloak Backend Nodes Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/sticky-sessions.html Commands to start Keycloak nodes with specific port offsets and node names. ```bash cd $RHSSO_NODE1 ./standalone.sh -c standalone-ha.xml -Djboss.socket.binding.port-offset=100 -Djboss.node.name=node1 ``` ```bash cd $RHSSO_NODE2 ./standalone.sh -c standalone-ha.xml -Djboss.socket.binding.port-offset=200 -Djboss.node.name=node2 ``` -------------------------------- ### Install SAML Adapter Modules Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/java/jboss-adapter/jboss_adapter_installation.html Commands to extract the adapter distribution into the application server home directory. ```bash $ cd $WILDFLY_HOME $ unzip keycloak-saml-wildfly-adapter-dist.zip ``` ```bash $ cd $JBOSS_HOME $ unzip keycloak-saml-eap6-adapter-dist.zip ``` -------------------------------- ### GET /realms//clients-registrations/install/ Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration.html Retrieves the adapter configuration for a client. ```APIDOC ## GET /realms//clients-registrations/install/ ### Description Retrieves the adapter configuration for a client. Authentication can be performed via token or HTTP basic authentication. ### Method GET ### Endpoint /realms//clients-registrations/install/ ### Parameters #### Path Parameters - **client id** (string) - Required - The unique identifier of the client. ``` -------------------------------- ### Example Root URL Configuration Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/resource-server/create-client.html The Root URL should point to the base location of your application. ```text http://${host}:${port}/my-resource-server ``` -------------------------------- ### Boot Keycloak Server on Windows Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/overview.html Starts the Keycloak server on Windows with a port offset to prevent conflicts. ```batch > ...\bin\standalone.bat -Djboss.socket.binding.port-offset=100 ``` -------------------------------- ### Install Jetty Adapter Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/jetty9-adapter.html Commands to unzip the adapter distribution and enable the Keycloak module in the Jetty base directory. ```bash $ cd your-base $ unzip keycloak-jetty93-adapter-dist-2.5.0.Final.zip ``` ```bash $ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak ``` -------------------------------- ### Install Keycloak Service Pack on WildFly Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/installation/distribution-files-community.html Execute the CLI script to install the Keycloak overlay onto an existing WildFly distribution. ```bash ./jboss-cli.[sh|bat] --file=keycloak-install.cli ``` -------------------------------- ### Configure web.xml for Keycloak Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/jboss-adapter.html Example web.xml configuration setting the auth-method to KEYCLOAK and defining security constraints. ```xml application Admins /admin/* admin CONFIDENTIAL Customers /customers/* user CONFIDENTIAL KEYCLOAK this is ignored currently admin user ``` -------------------------------- ### SSSD Configuration File Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html Example configuration for /etc/sssd/sssd.conf to enable D-Bus and attribute mapping. ```ini [domain/your-hostname.local] ... ldap_user_extra_attrs = mail:mail, sn:sn, givenname:givenname, telephoneNumber:telephoneNumber ... [sssd] services = nss, sudo, pam, ssh, ifp ... [ifp] allowed_uids = root, yourOSUsername user_attributes = +mail, +telephoneNumber, +givenname, +sn ``` -------------------------------- ### Install mod_auth_mellon packages Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/mod-auth-mellon.html Installs the Apache web server, the Mellon SAML module, and OpenSSL tools on the service provider host. ```bash yum install httpd mod_auth_mellon mod_ssl openssl ``` -------------------------------- ### Boot Keycloak Server on Linux/Unix Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/overview.html Starts the Keycloak server with a port offset to prevent conflicts. ```bash $ .../bin/standalone.sh -Djboss.socket.binding.port-offset=100 ``` -------------------------------- ### Start CLI in GUI Mode Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/config-subsystem/start-cli.html Launch the Swing-based graphical interface for the management model. ```bash $ .../bin/jboss-cli.sh --gui ``` -------------------------------- ### Install and Run Keycloak Proxy Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/proxy.html Commands to extract the distribution and launch the proxy server using a configuration file. ```bash $ unzip keycloak-proxy-dist.zip ``` ```bash $ java -jar bin/launcher.jar [your-config.json] ``` -------------------------------- ### Configure SP element attributes Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/saml/java/general-config/sp_element.html Example of the SP element structure with common configuration attributes. ```xml ... ``` -------------------------------- ### Start the Wildfly CLI Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/config-subsystem/start-cli.html Commands to launch the CLI tool on different operating systems. ```bash $ .../bin/jboss-cli.sh ``` ```batch > ...\bin\jboss-cli.bat ``` -------------------------------- ### Install Adapter for WildFly 10 Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/getting_started/topics/secure-jboss-app/install-client-adapter.html Use the adapter-install-offline.cli script to configure the WildFly 10 application server. ```bash $ cd bin $ ./jboss-cli.sh --file=adapter-install-offline.cli ``` ```batch > cd bin > jboss-cli.bat --file=adapter-install-offline.cli ``` -------------------------------- ### Clone and Deploy Quickstart Application Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/getting_started/topics/secure-jboss-app/download-quickstarts.html Commands to clone the repository, navigate to the project directory, and deploy the application using Maven. ```bash $ git clone https://github.com/keycloak/keycloak-quickstarts $ cd keycloak-quickstarts/app-profile-jee-vanilla $ mvn clean wildfly:deploy ``` -------------------------------- ### init(options) Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/javascript-adapter.html Initializes the Keycloak adapter. Returns a promise. ```APIDOC ## init(options) ### Description Called to initialize the adapter. Returns a promise to set functions to be invoked on success or error. ### Parameters - **options** (Object) - Required - Configuration object: - **onLoad** (string) - Optional - 'login-required' or 'check-sso'. - **token** (string) - Optional - Initial token value. - **refreshToken** (string) - Optional - Initial refresh token value. - **idToken** (string) - Optional - Initial ID token value. - **timeSkew** (number) - Optional - Skew between local time and server in seconds. - **checkLoginIframe** (boolean) - Optional - Enable/disable monitoring login state (default: true). - **checkLoginIframeInterval** (number) - Optional - Interval to check login state (default: 5). - **responseMode** (string) - Optional - 'query' or 'fragment' (default: 'fragment'). - **flow** (string) - Optional - 'standard', 'implicit', or 'hybrid'. ``` -------------------------------- ### HTTP GET Request with Bearer Token Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/enforcer/keycloak-enforcement-bearer.html Example of a client request passing an RPT as a bearer token to a protected resource. ```http GET /my-resource-server/my-protected-resource HTTP/1.1 Host: host.com Authorization: Bearer ${RPT} ... ``` -------------------------------- ### Accessing a Protected Resource with a Bearer Token Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/enforcer/keycloak-enforcement-bearer.html Example of an HTTP GET request to a protected resource using an RPT as a bearer token. ```APIDOC ## GET /my-protected-resource ### Description Access a protected resource on the resource server by providing an RPT in the Authorization header. ### Method GET ### Endpoint /my-resource-server/my-protected-resource ### Request Headers - **Authorization** (string) - Required - Bearer ${RPT} ### Response #### Unauthorized Response (401) - **WWW-Authenticate** (header) - Contains authorization protocol details (UMA or Entitlement) and the authorization server URI. ``` -------------------------------- ### Initialize Application Environment Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/nodejs-adapter.html Commands to set up the project directory and add the Keycloak dependency. ```bash mkdir myapp && cd myapp ``` ```json "dependencies": { "keycloak-connect": "SNAPSHOT" } ``` -------------------------------- ### Install JNA package Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html Install the JNA package required for PAM authentication. ```bash $ sudo yum install jna ``` -------------------------------- ### Configure and Create Client with Initial Access Token on Linux Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html Sets the initial access token in the configuration or passes it as a flag during client creation. ```bash $ kcreg.sh config initial-token $TOKEN $ kcreg.sh create -s clientId=myclient ``` ```bash $ kcreg.sh create -s clientId=myclient -t $TOKEN ``` -------------------------------- ### Configure and Create Client with Initial Access Token on Windows Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html Sets the initial access token in the configuration or passes it as a flag during client creation using Windows command syntax. ```batch c:\> kcreg config initial-token %TOKEN% c:\> kcreg create -s clientId=myclient ``` ```batch c:\> kcreg create -s clientId=myclient -t %TOKEN% ``` -------------------------------- ### Install SSSD D-Bus Support Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html Install the sssd-dbus package to enable D-Bus communication. ```bash $ sudo yum install sssd-dbus ``` -------------------------------- ### Build and Deploy the Application Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/getting-started/hello-world/deploy.html Compile the project and deploy it to a WildFly server instance. ```bash $ cd redhat-sso-quickstarts/app-authz-jee-vanilla $ mvn clean package wildfly:deploy ``` -------------------------------- ### Install Keycloak JAAS Feature Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/fuse-admin.html Register and install the Keycloak JAAS feature in the Fuse terminal. ```bash features:addurl mvn:org.keycloak/keycloak-osgi-features/SNAPSHOT/xml/features features:install keycloak-jaas ``` -------------------------------- ### Create a new client Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html Create a client using a JSON template file with attribute overrides. ```bash $ kcreg.sh create -s clientId=myclient -f client-template.json -s baseUrl=/myclient -s 'redirectUris=["/myclient/*"]' -o ``` ```cmd C:\> kcreg create -s clientId=myclient -f client-template.json -s baseUrl=/myclient -s "redirectUris=[\"/myclient/*\"]" -o ``` -------------------------------- ### Install SSSD dependencies Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html Verify the RPM signature and install the required Unix Sockets Library for D-Bus communication. ```bash $ rpm -K libunix-dbus-java-0.8.0-1.fc24.x86_64.rpm libunix-dbus-java-0.8.0-1.fc24.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 84dc9914: OK Header SHA1 digest: OK (d17bb7ebaa7a5304c1856ee4357c8ba4ec9c0b89) V4 RSA/SHA256 Signature, key ID 84dc9914: OK MD5 digest: OK (770c2e68d052cb4a4473e1e9fd8818cf) $ sudo yum install libunix-dbus-java-0.8.0-1.fc24.x86_64.rpm ``` -------------------------------- ### Initialize Keycloak Object Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/javascript-adapter.html Demonstrates different ways to instantiate the Keycloak object, either with no arguments, a path to a configuration file, or a configuration object. ```javascript new Keycloak(); new Keycloak('http://localhost/keycloak.json'); new Keycloak({ url: 'http://localhost/auth', realm: 'myrealm', clientId: 'myApp' }); ``` -------------------------------- ### Get a specific realm role Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html Retrieve details for a specific realm role using the get or get-roles command. ```bash $ kcadm.sh get roles/user -r demorealm ``` ```bash $ kcadm.sh get-roles -r demorealm --rolename user ``` -------------------------------- ### Obtain Entitlements via GET Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/entitlement/entitlement-api-aapi.html Retrieve all user entitlements for a resource server using an HTTP GET request. ```bash curl -X GET \ -H "Authorization: Bearer ${access_token}" \ "http://localhost:8080/auth/realms/hello-world-authz/authz/entitlement/${resource_server_id}" ``` -------------------------------- ### Configure Welcome Theme in XML Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/themes.html Add the welcomeTheme element to the theme configuration in your server configuration file. ```xml ... custom-theme ... ``` -------------------------------- ### Install Keycloak Feature via Maven Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/install-feature.html Commands to add the Keycloak feature URL and install the feature in the Karaf terminal. ```bash features:addurl mvn:org.keycloak/keycloak-osgi-features/SNAPSHOT/xml/features features:install keycloak ``` -------------------------------- ### Example of a formatted User ID Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/user-storage/model-interfaces.html A concrete example of a user ID string combining the component ID and the external ID. ```text f:332a234e31234:wburke ``` -------------------------------- ### Start Master Host with Bind Addresses Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/load-balancer.html Configure public and management bind addresses for the master host via command line arguments. ```bash $ domain.sh --host-config=host-master.xml -Djboss.bind.address=192.168.0.2 -Djboss.bind.address.management=192.168.0.2 ``` -------------------------------- ### Install Jetty 9 Adapter Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/install-feature.html Command to install the Jetty 9 adapter feature for JBoss Fuse 6.3.0 Rollup 1. ```bash features:install keycloak-jetty9-adapter ``` -------------------------------- ### Booting Keycloak in Domain Mode Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/booting.html Use these commands to start Keycloak domain controller or host controller instances using specific host configurations. ```bash $ bin/domain.sh --host-config=host-master.xml $ bin/domain.sh --host-config=host-slave.xml ``` -------------------------------- ### Install Middleware Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/nodejs-adapter.html Register the Keycloak middleware into a connect-capable application. ```javascript var app = express(); app.use( keycloak.middleware() ); ``` -------------------------------- ### Access CLI help documentation Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html Display built-in help information for the CLI. ```bash $ kcreg.sh help ``` ```batch c:\> kcreg help ``` -------------------------------- ### Create Realm via Standard Input Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html Piping JSON configuration to the Admin CLI. ```bash $ kcadm.sh create realms -f - << EOF { "realm": "demorealm", "enabled": true } EOF ``` ```cmd c:\> echo { "realm": "demorealm", "enabled": true } | kcadm create realms -f - ``` -------------------------------- ### Get groups for a user Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html Lists all groups a specific user belongs to. ```bash $ kcadm.sh get users/b544f379-5fc4-49e5-8a8d-5cfb71f46f53/groups -r demorealm ``` -------------------------------- ### Lookup Other Providers Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/providers.html Example of a provider interacting with other Keycloak services like EmailSenderProvider. ```java public class MyEventListenerProvider implements EventListenerProvider { private KeycloakSession session; private List events; public MyEventListenerProvider(KeycloakSession session, List events) { this.session = session; this.events = events; } public void onEvent(Event event) { RealmModel realm = session.realms().getRealm(event.getRealmId()); UserModel user = session.users().getUserById(event.getUserId(), realm); EmailSenderProvider emailSender = session.getProvider(EmailSenderProvider.class); emailSender.send(realm, user, "Hello", "Hello plain text", "

Hello html

" ); } ... } ``` -------------------------------- ### AuthzClient.create() Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/client-api.html Initializes a new AuthzClient instance using the configuration found in the classpath's keycloak.json file. ```APIDOC ## AuthzClient.create() ### Description Creates a new instance of the AuthzClient based on the configuration defined in a keycloak.json file located in the application's classpath. ### Usage ```java AuthzClient authzClient = AuthzClient.create(); ``` ``` -------------------------------- ### GET /admin/realms/{realm-name}/components/{id} Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_development/topics/user-storage/rest.html Retrieves the representation of a specific component. ```APIDOC ## GET /admin/realms/{realm-name}/components/{id} ### Description Fetches the details of a specific component by its ID. ### Method GET ### Endpoint /admin/realms/{realm-name}/components/{id} ### Parameters #### Path Parameters - **realm-name** (string) - Required - The name of the realm. - **id** (string) - Required - The unique identifier of the component. ``` -------------------------------- ### Creating a Resource Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/client-api.html Demonstrates how to create a new resource representation and register it with the Keycloak server using the Protection API. ```APIDOC ## Create Resource ### Description Creates a new resource on the server using the AuthzClient protection resource client. ### Method POST (via ProtectedResource.create) ### Parameters - **newResource** (ResourceRepresentation) - Required - The resource object containing name, type, and scopes. ``` -------------------------------- ### Retrieve adapter configuration Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration/client-registration-cli.html Get the adapter configuration for integrating with a web application. ```bash $ kcreg.sh get myclient -e install ``` ```cmd C:\> kcreg get myclient -e install ``` -------------------------------- ### Start Host Slave with Bind Addresses Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_installation/topics/clustering/load-balancer.html Configure public, management, and master domain controller addresses for a host slave via command line arguments. ```bash $ domain.sh --host-config=host-slave.xml -Djboss.bind.address=192.168.0.5 -Djboss.bind.address.management=192.168.0.5 -Djboss.domain.master.address=192.168.0.2 ``` -------------------------------- ### Target User Resource URL Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/admin-cli.html The resulting resource URL for the user creation example. ```text http://localhost:8080/auth/admin/realms/demorealm/users ``` -------------------------------- ### Run FreeIPA Server with Docker Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/server_admin/topics/user-federation/sssd.html Command to initialize a FreeIPA server container for identity management. ```bash docker run --name freeipa-server-container -it \ -h server.freeipa.local -e PASSWORD=YOUR_PASSWORD \ -v /sys/fs/cgroup:/sys/fs/cgroup:ro \ -v /var/lib/ipa-data:/data:Z adelton/freeipa-server ``` -------------------------------- ### JMX Connection URL Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/oidc/java/fuse/fuse-admin.html Example JMX service URL for connecting via jconsole. ```text service:jmx:rmi://localhost:44444/jndi/rmi://localhost:1099/karaf-root ``` -------------------------------- ### Introspection Response Examples Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/protection/token-introspection.html JSON responses for active and inactive RPT introspection requests. ```json { "permissions": [ { "resource_set_id": "90ccc6fc-b296-4cd1-881e-089e1ee15957", "resource_set_name": "Hello World Resource" } ], "exp": 1465314139, "nbf": 0, "iat": 1465313839, "aud": "hello-world-authz-service", "active": true } ``` ```json { "active": false } ``` -------------------------------- ### Initialize AuthzClient Instance Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/authorization_services/topics/service/client-api.html Create an AuthzClient instance using the configuration found in the classpath. ```java // create a new instance based on the configuration defined in a keycloak.json located in your classpath AuthzClient authzClient = AuthzClient.create(); ``` -------------------------------- ### Create a Client using Java Client Registration API Source: https://wjw465150.gitbooks.io/keycloak-documentation/content/securing_apps/topics/client-registration.html Demonstrates creating a client programmatically using the Keycloak Client Registration Java API. ```java String token = "eyJhbGciOiJSUz..."; ClientRepresentation client = new ClientRepresentation(); client.setClientId(CLIENT_ID); ClientRegistration reg = ClientRegistration.create() .url("http://localhost:8080/auth", "myrealm") .build(); reg.auth(Auth.token(token)); client = reg.create(client); String registrationAccessToken = client.getRegistrationAccessToken(); ```