org.keycloak.services.resources.admin

Class UsersResource

java.lang.Object

org.keycloak.services.resources.admin.UsersResource

public class UsersResource
extends Object

Base resource for managing users

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field and Description
protected org.keycloak.common.ClientConnection	clientConnection
protected javax.ws.rs.core.HttpHeaders	headers
protected static org.jboss.logging.Logger	logger
protected BruteForceProtector	protector
protected RealmModel	realm
protected KeycloakSession	session
protected javax.ws.rs.core.UriInfo	uriInfo

Constructor Summary

Constructors

Constructor and Description
UsersResource(RealmModel realm, RealmAuth auth, TokenManager tokenManager, AdminEventBuilder adminEvent)

Method Summary

Modifier and Type	Method and Description
javax.ws.rs.core.Response	addFederatedIdentity(String id, String provider, FederatedIdentityRepresentation rep) Add a social login provider to the user
javax.ws.rs.core.Response	createUser(javax.ws.rs.core.UriInfo uriInfo, UserRepresentation rep) Create a new user Username must be unique.
javax.ws.rs.core.Response	deleteUser(String id) Delete the user
javax.ws.rs.core.Response	executeActionsEmail(String id, String redirectUri, String clientId, List<String> actions) Send a update account email to the user An email contains a link the user can click to perform a set of required actions.
List<Map<String,Object>>	getConsents(String id) Get consents granted by the user
List<FederatedIdentityRepresentation>	getFederatedIdentity(String id) Get social logins associated with the user
RoleMapperResource	getRoleMappings(String id)
List<UserSessionRepresentation>	getSessions(String id) Get sessions associated with the user
List<UserSessionRepresentation>	getSessions(String id, String clientId) Get offline sessions associated with the user and client
UserRepresentation	getUser(String id) Get represenation of the user
List<UserRepresentation>	getUsers(String search, String last, String first, String email, String username, Integer firstResult, Integer maxResults) Get users Returns a list of users, filtered according to query parameters
List<GroupRepresentation>	groupMembership(String id)
Map<String,Object>	impersonate(String id) Impersonate the user
void	joinGroup(String id, String groupId)
void	logout(String id) Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.
void	removeFederatedIdentity(String id, String provider) Remove a social login provider from user
void	removeMembership(String id, String groupId)
void	removeTotp(String id) Remove TOTP from the user
void	resetPassword(String id, CredentialRepresentation pass) Set up a temporary password for the user User will have to reset the temporary password next time they log in.
javax.ws.rs.core.Response	resetPasswordEmail(String id, String redirectUri, String clientId) Deprecated.
void	revokeConsent(String id, String clientId) Revoke consent and offline tokens for particular client from user
javax.ws.rs.core.Response	sendVerifyEmail(String id, String redirectUri, String clientId) Send an email-verification email to the user An email contains a link the user can click to verify their email address.
javax.ws.rs.core.Response	updateUser(String id, UserRepresentation rep) Update the user
static void	updateUserFromRep(UserModel user, UserRepresentation rep, Set<String> attrsToRemove, RealmModel realm, KeycloakSession session)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

protected static final org.jboss.logging.Logger logger

realm

protected RealmModel realm

clientConnection

@Context
protected org.keycloak.common.ClientConnection clientConnection

uriInfo

@Context
protected javax.ws.rs.core.UriInfo uriInfo

session

@Context
protected KeycloakSession session

headers

@Context
protected javax.ws.rs.core.HttpHeaders headers

protector

@Context
protected BruteForceProtector protector

Constructor Detail

UsersResource

public UsersResource(RealmModel realm,
                     RealmAuth auth,
                     TokenManager tokenManager,
                     AdminEventBuilder adminEvent)

Method Detail

updateUser

public javax.ws.rs.core.Response updateUser(String id,
                                            UserRepresentation rep)

Update the user

Parameters:

id - User id

rep -

Returns:

createUser

public javax.ws.rs.core.Response createUser(@Context
                                            javax.ws.rs.core.UriInfo uriInfo,
                                            UserRepresentation rep)

Create a new user Username must be unique.

Parameters:

uriInfo -

rep -

Returns:

updateUserFromRep

public static void updateUserFromRep(UserModel user,
                                     UserRepresentation rep,
                                     Set<String> attrsToRemove,
                                     RealmModel realm,
                                     KeycloakSession session)

getUser

public UserRepresentation getUser(String id)

Get represenation of the user

Parameters:

id - User id

Returns:

impersonate

public Map<String,Object> impersonate(String id)

Impersonate the user

Parameters:

id - User id

Returns:

getSessions

public List<UserSessionRepresentation> getSessions(String id)

Get sessions associated with the user

Parameters:

id - User id

Returns:

getSessions

public List<UserSessionRepresentation> getSessions(String id,
                                                   String clientId)

Get offline sessions associated with the user and client

Parameters:

id - User id

Returns:

getFederatedIdentity

public List<FederatedIdentityRepresentation> getFederatedIdentity(String id)

Get social logins associated with the user

Parameters:

id - User id

Returns:

addFederatedIdentity

public javax.ws.rs.core.Response addFederatedIdentity(String id,
                                                      String provider,
                                                      FederatedIdentityRepresentation rep)

Add a social login provider to the user

Parameters:

id - User id

provider - Social login provider id

rep -

Returns:

removeFederatedIdentity

public void removeFederatedIdentity(String id,
                                    String provider)

Remove a social login provider from user

Parameters:

id - User id

provider - Social login provider id

getConsents

public List<Map<String,Object>> getConsents(String id)

Get consents granted by the user

Parameters:

id - User id

Returns:

revokeConsent

public void revokeConsent(String id,
                          String clientId)

Revoke consent and offline tokens for particular client from user

Parameters:

id - User id

clientId - Client id

logout

public void logout(String id)

Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.

Parameters:

id - User id

deleteUser

public javax.ws.rs.core.Response deleteUser(String id)

Delete the user

Parameters:

id - User id

getUsers

public List<UserRepresentation> getUsers(String search,
                                         String last,
                                         String first,
                                         String email,
                                         String username,
                                         Integer firstResult,
                                         Integer maxResults)

Get users Returns a list of users, filtered according to query parameters

Parameters:

search - A String contained in username, first or last name, or email

last -

first -

email -

username -

first - Pagination offset

maxResults - Pagination size

Returns:

getRoleMappings

public RoleMapperResource getRoleMappings(String id)

resetPassword

public void resetPassword(String id,
                          CredentialRepresentation pass)

Set up a temporary password for the user User will have to reset the temporary password next time they log in.

Parameters:

id - User id

pass - A Temporary password

removeTotp

public void removeTotp(String id)

Remove TOTP from the user

Parameters:

id - User id

resetPasswordEmail

@Deprecated
public javax.ws.rs.core.Response resetPasswordEmail(String id,
                                                                String redirectUri,
                                                                String clientId)

Deprecated.

Send an email to the user with a link they can click to reset their password. The redirectUri and clientId parameters are optional. The default for the redirect is the account client. This endpoint has been deprecated. Please use the execute-actions-email passing a list with UPDATE_PASSWORD within it.

Parameters:

id -

redirectUri - redirect uri

clientId - client id

Returns:

executeActionsEmail

public javax.ws.rs.core.Response executeActionsEmail(String id,
                                                     String redirectUri,
                                                     String clientId,
                                                     List<String> actions)

Send a update account email to the user An email contains a link the user can click to perform a set of required actions. The redirectUri and clientId parameters are optional. The default for the redirect is the account client.

Parameters:

id - User is

redirectUri - Redirect uri

clientId - Client id

actions - required actions the user needs to complete

Returns:

sendVerifyEmail

public javax.ws.rs.core.Response sendVerifyEmail(String id,
                                                 String redirectUri,
                                                 String clientId)

Send an email-verification email to the user An email contains a link the user can click to verify their email address. The redirectUri and clientId parameters are optional. The default for the redirect is the account client.

Parameters:

id - User id

redirectUri - Redirect uri

clientId - Client id

Returns:

groupMembership

public List<GroupRepresentation> groupMembership(String id)

removeMembership

public void removeMembership(String id,
                             String groupId)

joinGroup

public void joinGroup(String id,
                      String groupId)