|
| GET | /admin/realms | Returns a list of realms. |
| POST | /admin/realms | Import a realm from a full representation of that realm. |
| POST | /admin/realms | Upload a realm from a uploaded JSON file. |
| GET | /admin/realms/{realm} | Get the top-level representation of the realm. |
| PUT | /admin/realms/{realm} | Update the top-level information of this realm. |
| DELETE | /admin/realms/{realm} | Delete this realm. |
| GET | /admin/realms/{realm}/admin-events?authRealm=…&authClient=…&authUser=…&authIpAddress=…&resourcePath=…&dateFrom=…&dateTo=…&first=…&max=… | Query admin events. |
| DELETE | /admin/realms/{realm}/admin-events | Delete all admin events. |
| GET | /admin/realms/{realm}/client-session-stats | Returns a JSON map. |
| GET | /admin/realms/{realm}/clients | List of clients belonging to this realm. |
| POST | /admin/realms/{realm}/clients | Create a new client. |
| PUT | /admin/realms/{realm}/clients/{id} | Update the client. |
| GET | /admin/realms/{realm}/clients/{id} | Get representation of the client. |
| DELETE | /admin/realms/{realm}/clients/{id} | Delete this client. |
| GET | /admin/realms/{realm}/clients/{id}/allowed-origins | Returns set of allowed origin. |
| PUT | /admin/realms/{realm}/clients/{id}/allowed-origins | Change the set of allowed origins. |
| DELETE | /admin/realms/{realm}/clients/{id}/allowed-origins | Remove set of allowed origins from current allowed origins list. |
| GET | /admin/realms/{realm}/clients/{id}/certificates/{attr} | |
| POST | /admin/realms/{realm}/clients/{id}/certificates/{attr}/download | |
| POST | /admin/realms/{realm}/clients/{id}/certificates/{attr}/generate | |
| POST | /admin/realms/{realm}/clients/{id}/certificates/{attr}/upload | |
| POST | /admin/realms/{realm}/clients/{id}/client-secret | Generates a new secret for this client |
| GET | /admin/realms/{realm}/clients/{id}/client-secret | Get the secret of this client |
| GET | /admin/realms/{realm}/clients/{id}/installation/jboss | Return XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that client. |
| GET | /admin/realms/{realm}/clients/{id}/installation/json | Return keycloak.json file for this client to be used to configure the adapter of that client. |
| POST | /admin/realms/{realm}/clients/{id}/logout-all | If the client has an admin URL, invalidate all sessions associated with that client directly. |
| POST | /admin/realms/{realm}/clients/{id}/logout-user/{username} | If the client has an admin URL, invalidate the sessions for a particular user directly. |
| POST | /admin/realms/{realm}/clients/{id}/nodes | Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle
by sending registration request to Keycloak |
| DELETE | /admin/realms/{realm}/clients/{id}/nodes/{node} | Unregister cluster node from this client |
| POST | /admin/realms/{realm}/clients/{id}/protocol-mappers/add-models | creates multiple mapper |
| POST | /admin/realms/{realm}/clients/{id}/protocol-mappers/models | creates mapper |
| GET | /admin/realms/{realm}/clients/{id}/protocol-mappers/models | |
| GET | /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id} | |
| PUT | /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id} | |
| DELETE | /admin/realms/{realm}/clients/{id}/protocol-mappers/models/{id} | |
| GET | /admin/realms/{realm}/clients/{id}/protocol-mappers/protocol/{protocol} | Map of mappers by name for a specific protocol |
| POST | /admin/realms/{realm}/clients/{id}/push-revocation | If the client has an admin URL, push the client's revocation policy to it. |
| GET | /admin/realms/{realm}/clients/{id}/roles | List all roles for this realm or client |
| POST | /admin/realms/{realm}/clients/{id}/roles | Create a new role for this realm or client |
| GET | /admin/realms/{realm}/clients/{id}/roles/{role-name} | Get a role by name |
| DELETE | /admin/realms/{realm}/clients/{id}/roles/{role-name} | Delete a role by name |
| PUT | /admin/realms/{realm}/clients/{id}/roles/{role-name} | Update a role by name |
| POST | /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites | Add a composite to this role |
| GET | /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites | List composites of this role |
| DELETE | /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites | Remove roles from this role's composite |
| GET | /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites/clients/{client} | An app-level roles for a specific app for this role's composite |
| GET | /admin/realms/{realm}/clients/{id}/roles/{role-name}/composites/realm | Get realm-level roles of this role's composite |
| GET | /admin/realms/{realm}/clients/{id}/scope-mappings | Get all scope mappings for this client |
| GET | /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client} | Get the roles associated with a client's scope for a specific client. |
| POST | /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client} | Add client-level roles to the client's scope |
| DELETE | /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client} | Remove client-level roles from the client's scope. |
| GET | /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}/available | The available client-level roles that can be associated with the client's scope |
| GET | /admin/realms/{realm}/clients/{id}/scope-mappings/clients/{client}/composite | Get effective client roles that are associated with the client's scope for a specific client. |
| GET | /admin/realms/{realm}/clients/{id}/scope-mappings/realm | Get list of realm-level roles associated with this client's scope. |
| POST | /admin/realms/{realm}/clients/{id}/scope-mappings/realm | Add a set of realm-level roles to the client's scope |
| DELETE | /admin/realms/{realm}/clients/{id}/scope-mappings/realm | Remove a set of realm-level roles from the client's scope |
| GET | /admin/realms/{realm}/clients/{id}/scope-mappings/realm/available | Get list of realm-level roles that are available to attach to this client's scope. |
| GET | /admin/realms/{realm}/clients/{id}/scope-mappings/realm/composite | Get all effective realm-level roles that are associated with this client's scope. |
| GET | /admin/realms/{realm}/clients/{id}/session-count | Number of user sessions associated with this client
{
"count": number
} |
| GET | /admin/realms/{realm}/clients/{id}/test-nodes-available | Test if registered cluster nodes are available by sending 'ping' request to all of them |
| GET | /admin/realms/{realm}/clients/{id}/user-sessions?first=…&max=… | Return a list of user sessions associated with this client |
| GET | /admin/realms/{realm}/events?client=…&user=…&dateFrom=…&dateTo=…&ipAddress=…&first=…&max=… | Query events. |
| DELETE | /admin/realms/{realm}/events | Delete all events. |
| GET | /admin/realms/{realm}/events/config | View the events provider and how it is configured. |
| PUT | /admin/realms/{realm}/events/config | Change the events provider and/or it's configuration |
| POST | /admin/realms/{realm}/identity-provider/import-config | |
| POST | /admin/realms/{realm}/identity-provider/import-config | |
| GET | /admin/realms/{realm}/identity-provider/instances | |
| POST | /admin/realms/{realm}/identity-provider/instances | |
| GET | /admin/realms/{realm}/identity-provider/instances/{alias} | |
| DELETE | /admin/realms/{realm}/identity-provider/instances/{alias} | |
| PUT | /admin/realms/{realm}/identity-provider/instances/{alias} | |
| GET | /admin/realms/{realm}/identity-provider/instances/{alias}/export?format=… | |
| GET | /admin/realms/{realm}/identity-provider/instances/{alias}/mapper-types | |
| GET | /admin/realms/{realm}/identity-provider/instances/{alias}/mappers | |
| POST | /admin/realms/{realm}/identity-provider/instances/{alias}/mappers | |
| GET | /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id} | |
| PUT | /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id} | |
| DELETE | /admin/realms/{realm}/identity-provider/instances/{alias}/mappers/{id} | |
| GET | /admin/realms/{realm}/identity-provider/providers/{provider_id} | |
| POST | /admin/realms/{realm}/logout-all | Removes all user sessions. |
| POST | /admin/realms/{realm}/push-revocation | Push the realm's revocation policy to any client that has an admin url associated with it. |
| GET | /admin/realms/{realm}/roles | List all roles for this realm or client |
| POST | /admin/realms/{realm}/roles | Create a new role for this realm or client |
| GET | /admin/realms/{realm}/roles/{role-name} | Get a role by name |
| DELETE | /admin/realms/{realm}/roles/{role-name} | Delete a role by name |
| PUT | /admin/realms/{realm}/roles/{role-name} | Update a role by name |
| POST | /admin/realms/{realm}/roles/{role-name}/composites | Add a composite to this role |
| GET | /admin/realms/{realm}/roles/{role-name}/composites | List composites of this role |
| DELETE | /admin/realms/{realm}/roles/{role-name}/composites | Remove roles from this role's composite |
| GET | /admin/realms/{realm}/roles/{role-name}/composites/clients/{client} | An app-level roles for a specific app for this role's composite |
| GET | /admin/realms/{realm}/roles/{role-name}/composites/realm | Get realm-level roles of this role's composite |
| GET | /admin/realms/{realm}/roles-by-id/{role-id} | Get a specific role's representation |
| DELETE | /admin/realms/{realm}/roles-by-id/{role-id} | Delete this role |
| PUT | /admin/realms/{realm}/roles-by-id/{role-id} | Update this role |
| POST | /admin/realms/{realm}/roles-by-id/{role-id}/composites | Make this role a composite role by associating some child roles to it. |
| GET | /admin/realms/{realm}/roles-by-id/{role-id}/composites | If this role is a composite, return a set of its children |
| DELETE | /admin/realms/{realm}/roles-by-id/{role-id}/composites | Remove the listed set of roles from this role's composite |
| GET | /admin/realms/{realm}/roles-by-id/{role-id}/composites/clients/{client} | Return a set of client-level roles for a specific client that are in the role's composite |
| GET | /admin/realms/{realm}/roles-by-id/{role-id}/composites/realm | Return a set of realm-level roles that are in the role's composite |
| GET | /admin/realms/{realm}/roles-by-id/{role}/composites/clients/{client} | Return a set of client-level roles for a specific client that are in the role's composite |
| DELETE | /admin/realms/{realm}/sessions/{session} | Remove a specific user session. |
| GET | /admin/realms/{realm}/testLDAPConnection?action=…&connectionUrl=…&bindDn=…&bindCredential=… | |
| POST | /admin/realms/{realm}/user-federation/instances | Create a provider |
| GET | /admin/realms/{realm}/user-federation/instances | list configured providers |
| PUT | /admin/realms/{realm}/user-federation/instances/{id} | Update a provider |
| GET | /admin/realms/{realm}/user-federation/instances/{id} | get a provider |
| DELETE | /admin/realms/{realm}/user-federation/instances/{id} | Delete a provider |
| GET | /admin/realms/{realm}/user-federation/instances/{id}/mapper-types | List of available User Federation mapper types |
| GET | /admin/realms/{realm}/user-federation/instances/{id}/mappers | Get mappers configured for this provider |
| POST | /admin/realms/{realm}/user-federation/instances/{id}/mappers | Create mapper |
| GET | /admin/realms/{realm}/user-federation/instances/{id}/mappers/{id} | Get mapper |
| PUT | /admin/realms/{realm}/user-federation/instances/{id}/mappers/{id} | Update mapper |
| DELETE | /admin/realms/{realm}/user-federation/instances/{id}/mappers/{id} | Delete mapper with given ID |
| POST | /admin/realms/{realm}/user-federation/instances/{id}/sync?action=… | trigger sync of users |
| GET | /admin/realms/{realm}/user-federation/providers | Get List of available provider factories |
| GET | /admin/realms/{realm}/user-federation/providers/{id} | Get factory with given ID |
| POST | /admin/realms/{realm}/users | Create a new user. |
| GET | /admin/realms/{realm}/users?search=…&lastName=…&firstName=…&email=…&username=…&first=…&max=… | Query list of users. |
| PUT | /admin/realms/{realm}/users/{id} | Update the user |
| GET | /admin/realms/{realm}/users/{id} | Get represenation of the user |
| DELETE | /admin/realms/{realm}/users/{id} | delete this user |
| GET | /admin/realms/{realm}/users/{id}/consents | List set of consents granted by this user. |
| DELETE | /admin/realms/{realm}/users/{id}/consents/{client} | Revoke consent for particular client |
| GET | /admin/realms/{realm}/users/{id}/federated-identity | List set of social logins associated with this user. |
| POST | /admin/realms/{realm}/users/{id}/federated-identity/{provider} | |
| DELETE | /admin/realms/{realm}/users/{id}/federated-identity/{provider} | |
| POST | /admin/realms/{realm}/users/{id}/logout | Remove all user sessions associated with this user. |
| PUT | /admin/realms/{realm}/users/{id}/remove-totp | |
| PUT | /admin/realms/{realm}/users/{id}/reset-password | Set up a temporary password for this user. |
| PUT | /admin/realms/{realm}/users/{id}/reset-password-email?redirect_uri=…&client_id=… | Send an email to the user with a link they can click to reset their password. |
| GET | /admin/realms/{realm}/users/{id}/role-mappings | Get role mappings for this user |
| GET | /admin/realms/{realm}/users/{id}/role-mappings/clients/{client} | Get client-level role mappings for this user for a specific app |
| POST | /admin/realms/{realm}/users/{id}/role-mappings/clients/{client} | Add client-level roles to the user role mapping. |
| DELETE | /admin/realms/{realm}/users/{id}/role-mappings/clients/{client} | Delete client-level roles from user role mapping. |
| GET | /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}/available | Get available client-level roles that can be mapped to the user |
| GET | /admin/realms/{realm}/users/{id}/role-mappings/clients/{client}/composite | Get effective client-level role mappings. |
| GET | /admin/realms/{realm}/users/{id}/role-mappings/realm | Get realm-level role mappings for this user |
| POST | /admin/realms/{realm}/users/{id}/role-mappings/realm | Add realm-level role mappings |
| DELETE | /admin/realms/{realm}/users/{id}/role-mappings/realm | Delete realm-level role mappings |
| GET | /admin/realms/{realm}/users/{id}/role-mappings/realm/available | Realm-level roles that can be mapped to this user |
| GET | /admin/realms/{realm}/users/{id}/role-mappings/realm/composite | Effective realm-level role mappings for this user. |
| PUT | /admin/realms/{realm}/users/{id}/send-verify-email?redirect_uri=…&client_id=… | Send an email to the user with a link they can click to verify their email address. |
| GET | /admin/realms/{realm}/users/{id}/sessions | List set of sessions associated with this user. |
| GET | /admin/serverinfo | Returns a list of themes, social providers, auth providers, and event listeners available on this server |