|
GET | / | Welcome page of Keycloak |
GET | /admin | Convenience path to master realm admin console |
GET | /admin/index.{html} | Convenience path to master realm admin console |
GET | /admin/realms | Returns a list of realms. |
POST | /admin/realms | Import a realm from a full representation of that realm. |
POST | /admin/realms | Upload a realm from a uploaded JSON file. |
GET | /admin/realms/{realm} | Get the top-level representation of the realm. |
PUT | /admin/realms/{realm} | Update the top-level information of this realm. |
DELETE | /admin/realms/{realm} | Delete this realm. |
GET | /admin/realms/{realm}/application-session-stats | Returns a JSON map. |
GET | /admin/realms/{realm}/applications | List of applications belonging to this realm. |
POST | /admin/realms/{realm}/applications | Create a new application. |
PUT | /admin/realms/{realm}/applications/{app-name} | Update the application. |
GET | /admin/realms/{realm}/applications/{app-name} | Get representation of the application. |
DELETE | /admin/realms/{realm}/applications/{app-name} | Delete this application. |
GET | /admin/realms/{realm}/applications/{app-name}/allowed-origins | Returns set of allowed origin. |
PUT | /admin/realms/{realm}/applications/{app-name}/allowed-origins | Change the set of allowed origins. |
DELETE | /admin/realms/{realm}/applications/{app-name}/allowed-origins | Remove set of allowed origins from current allowed origins list. |
GET | /admin/realms/{realm}/applications/{app-name}/claims | Get the claims a client is allowed to ask for |
PUT | /admin/realms/{realm}/applications/{app-name}/claims | Set the cliams a client is allowed to ask for. |
POST | /admin/realms/{realm}/applications/{app-name}/client-secret | Generates a new secret for this application |
GET | /admin/realms/{realm}/applications/{app-name}/client-secret | Get the secret of this application |
GET | /admin/realms/{realm}/applications/{app-name}/installation/jboss | Return XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that application. |
GET | /admin/realms/{realm}/applications/{app-name}/installation/json | Return keycloak.json file for this application to be used to configure the adapter of that application. |
POST | /admin/realms/{realm}/applications/{app-name}/logout-all | If the application has an admin URL, invalidate all sessions associated with that application directly. |
POST | /admin/realms/{realm}/applications/{app-name}/logout-user/{username} | If the application has an admin URL, invalidate the sessions for a particular user directly. |
POST | /admin/realms/{realm}/applications/{app-name}/push-revocation | If the application has an admin URL, push the application's revocation policy to it. |
GET | /admin/realms/{realm}/applications/{app-name}/roles | List all roles for this realm or application |
POST | /admin/realms/{realm}/applications/{app-name}/roles | Create a new role for this realm or application |
GET | /admin/realms/{realm}/applications/{app-name}/roles/{role-name} | Get a role by name |
DELETE | /admin/realms/{realm}/applications/{app-name}/roles/{role-name} | Delete a role by name |
PUT | /admin/realms/{realm}/applications/{app-name}/roles/{role-name} | Update a role by name |
POST | /admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites | Add a composite to this role |
GET | /admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites | List composites of this role |
DELETE | /admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites | Remove roles from this role's composite |
GET | /admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/application/{app} | An app-level roles for a specific app for this role's composite |
GET | /admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/realm | Get realm-level roles of this role's composite |
GET | /admin/realms/{realm}/applications/{app-name}/scope-mappings | Get all scope mappings for this client |
GET | /admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app} | Get the roles associated with a client's scope for a specific application. |
POST | /admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app} | Add application-level roles to the client's scope |
DELETE | /admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app} | Remove application-level roles from the client's scope. |
GET | /admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}/available | The available application-level roles that can be associated with the client's scope |
GET | /admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}/composite | Get effective application roles that are associated with the client's scope for a specific application. |
GET | /admin/realms/{realm}/applications/{app-name}/scope-mappings/realm | Get list of realm-level roles associated with this client's scope. |
POST | /admin/realms/{realm}/applications/{app-name}/scope-mappings/realm | Add a set of realm-level roles to the client's scope |
DELETE | /admin/realms/{realm}/applications/{app-name}/scope-mappings/realm | Remove a set of realm-level roles from the client's scope |
GET | /admin/realms/{realm}/applications/{app-name}/scope-mappings/realm/available | Get list of realm-level roles that are available to attach to this client's scope. |
GET | /admin/realms/{realm}/applications/{app-name}/scope-mappings/realm/composite | Get all effective realm-level roles that are associated with this client's scope. |
GET | /admin/realms/{realm}/applications/{app-name}/session-count | Number of user sessions associated with this application
{
"count": number
} |
GET | /admin/realms/{realm}/applications/{app-name}/session-stats?users=… | If the application has an admin URL, query it directly for session stats. |
GET | /admin/realms/{realm}/applications/{app-name}/user-sessions | Return a list of user sessions associated with this application |
GET | /admin/realms/{realm}/audit | View the audit provider and how it is configured. |
PUT | /admin/realms/{realm}/audit | Change the audit provider and/or it's configuration |
GET | /admin/realms/{realm}/audit/events?max=…&client=…&event=…&user=…&first=…&ipAddress=… | Query audit events. |
DELETE | /admin/realms/{realm}/audit/events | Delete all audit events. |
POST | /admin/realms/{realm}/logout-all | Removes all user sessions. |
GET | /admin/realms/{realm}/oauth-clients | Get a list of oauth clients in this realm. |
POST | /admin/realms/{realm}/oauth-clients | Create an oauth client |
PUT | /admin/realms/{realm}/oauth-clients/{id} | Update the oauth client |
GET | /admin/realms/{realm}/oauth-clients/{id} | Get a representation of the oauth client |
DELETE | /admin/realms/{realm}/oauth-clients/{id} | Remove the OAuth Client |
GET | /admin/realms/{realm}/oauth-clients/{id}/claims | Get the claims a client is allowed to ask for |
PUT | /admin/realms/{realm}/oauth-clients/{id}/claims | Set the cliams a client is allowed to ask for. |
POST | /admin/realms/{realm}/oauth-clients/{id}/client-secret | Generate a new client secret for the oauth client |
GET | /admin/realms/{realm}/oauth-clients/{id}/client-secret | Get the secret of the oauth client |
GET | /admin/realms/{realm}/oauth-clients/{id}/installation | Get an example keycloak.json file to use to configure the oauth client |
GET | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings | Get all scope mappings for this client |
GET | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/applications/{app} | Get the roles associated with a client's scope for a specific application. |
POST | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/applications/{app} | Add application-level roles to the client's scope |
DELETE | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/applications/{app} | Remove application-level roles from the client's scope. |
GET | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/applications/{app}/available | The available application-level roles that can be associated with the client's scope |
GET | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/applications/{app}/composite | Get effective application roles that are associated with the client's scope for a specific application. |
GET | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/realm | Get list of realm-level roles associated with this client's scope. |
POST | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/realm | Add a set of realm-level roles to the client's scope |
DELETE | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/realm | Remove a set of realm-level roles from the client's scope |
GET | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/realm/available | Get list of realm-level roles that are available to attach to this client's scope. |
GET | /admin/realms/{realm}/oauth-clients/{id}/scope-mappings/realm/composite | Get all effective realm-level roles that are associated with this client's scope. |
POST | /admin/realms/{realm}/push-revocation | Push the realm's revocation policy to any application that has an admin url associated with it. |
GET | /admin/realms/{realm}/roles | List all roles for this realm or application |
POST | /admin/realms/{realm}/roles | Create a new role for this realm or application |
GET | /admin/realms/{realm}/roles/{role-name} | Get a role by name |
DELETE | /admin/realms/{realm}/roles/{role-name} | Delete a role by name |
PUT | /admin/realms/{realm}/roles/{role-name} | Update a role by name |
POST | /admin/realms/{realm}/roles/{role-name}/composites | Add a composite to this role |
GET | /admin/realms/{realm}/roles/{role-name}/composites | List composites of this role |
DELETE | /admin/realms/{realm}/roles/{role-name}/composites | Remove roles from this role's composite |
GET | /admin/realms/{realm}/roles/{role-name}/composites/application/{app} | An app-level roles for a specific app for this role's composite |
GET | /admin/realms/{realm}/roles/{role-name}/composites/realm | Get realm-level roles of this role's composite |
GET | /admin/realms/{realm}/roles-by-id/{role-id} | Get a specific role's representation |
DELETE | /admin/realms/{realm}/roles-by-id/{role-id} | Delete this role |
PUT | /admin/realms/{realm}/roles-by-id/{role-id} | Update this role |
POST | /admin/realms/{realm}/roles-by-id/{role-id}/composites | Make this role a composite role by associating some child roles to it. |
GET | /admin/realms/{realm}/roles-by-id/{role-id}/composites | If this role is a composite, return a set of its children |
DELETE | /admin/realms/{realm}/roles-by-id/{role-id}/composites | Remove the listed set of roles from this role's composite |
GET | /admin/realms/{realm}/roles-by-id/{role-id}/composites/applications/{app} | Return a set of application-level roles for a specific app that are in the role's composite |
GET | /admin/realms/{realm}/roles-by-id/{role-id}/composites/realm | Return a set of realm-level roles that are in the role's composite |
GET | /admin/realms/{realm}/session-stats | Any application that has an admin URL will be asked directly how many sessions they have active and what users
are involved with those sessions. |
DELETE | /admin/realms/{realm}/sessions/{session} | Remove a specific user session. |
POST | /admin/realms/{realm}/users | Create a new user. |
GET | /admin/realms/{realm}/users?lastName=…&username=…&search=…&email=…&firstName=… | Query list of users. |
PUT | /admin/realms/{realm}/users/{username} | Update the user |
GET | /admin/realms/{realm}/users/{username} | Get represenation of the user |
DELETE | /admin/realms/{realm}/users/{username} | delete this user |
POST | /admin/realms/{realm}/users/{username}/logout | Remove all user sessions associated with this user. |
PUT | /admin/realms/{realm}/users/{username}/remove-totp | |
PUT | /admin/realms/{realm}/users/{username}/reset-password | Set up a temporary password for this user. |
PUT | /admin/realms/{realm}/users/{username}/reset-password-email | Send an email to the user with a link they can click to reset their password |
GET | /admin/realms/{realm}/users/{username}/role-mappings | Get role mappings for this user |
GET | /admin/realms/{realm}/users/{username}/role-mappings/applications/{app} | Get application-level role mappings for this user for a specific app |
POST | /admin/realms/{realm}/users/{username}/role-mappings/applications/{app} | Add applicaiton-level roles to the user role mapping. |
DELETE | /admin/realms/{realm}/users/{username}/role-mappings/applications/{app} | Delete application-level roles from user role mapping. |
GET | /admin/realms/{realm}/users/{username}/role-mappings/applications/{app}/available | Get available application-level roles that can be mapped to the user |
GET | /admin/realms/{realm}/users/{username}/role-mappings/applications/{app}/composite | Get effective application-level role mappings. |
GET | /admin/realms/{realm}/users/{username}/role-mappings/realm | Get realm-level role mappings for this user |
POST | /admin/realms/{realm}/users/{username}/role-mappings/realm | Add realm-level role mappings |
DELETE | /admin/realms/{realm}/users/{username}/role-mappings/realm | Delete realm-level role mappings |
GET | /admin/realms/{realm}/users/{username}/role-mappings/realm/available | Realm-level roles that can be mapped to this user |
GET | /admin/realms/{realm}/users/{username}/role-mappings/realm/composite | Effective realm-level role mappings for this user. |
GET | /admin/realms/{realm}/users/{username}/session-stats | For each application with an admin URL, query them for the set of users logged in. |
GET | /admin/realms/{realm}/users/{username}/sessions | List set of sessions associated with this user. |
GET | /admin/realms/{realm}/users/{username}/social-links | List set of social logins associated with this user. |
GET | /admin/serverinfo | Returns a list of themes, social providers, auth providers, and audit listeners available on this server |
GET | /admin/{realm}/console | Main page of this realm's admin console |
GET | /admin/{realm}/console/config | Adapter configuration for the admin console for this realm |
GET | /admin/{realm}/console/js/keycloak.js | Javascript used by admin console |
GET | /admin/{realm}/console/logout | Logout from the admin console |
GET | /admin/{realm}/console/whoami | Permission information |
GET | /admin/{realm}/console/{path} | Theme resources for this realm's admin console. |
GET | /js/keycloak.js | Get keycloak.js file for javascript clients |
GET | /qrcode?contents=…&size=… | Create a bar code image |
GET | /realms/{realm} | Public information about the realm. |
GET | /realms/{realm}/account | Get account information. |
POST | /realms/{realm}/account | Update account information. |
GET | /realms/{realm}/account/log | |
GET | /realms/{realm}/account/login-redirect?referrer=…&error=…&state=…&path=…&code=… | |
GET | /realms/{realm}/account/password | |
POST | /realms/{realm}/account/password | Update account password
Form params:
password - old password
password-new
pasword-confirm |
GET | /realms/{realm}/account/sessions | |
GET | /realms/{realm}/account/sessions-logout | |
GET | /realms/{realm}/account/social | |
GET | /realms/{realm}/account/social-update?provider_id=…&action=… | |
GET | /realms/{realm}/account/totp | |
POST | /realms/{realm}/account/totp | Update the TOTP for this account. |
GET | /realms/{realm}/account/totp-remove | |
GET | /realms/{realm}/login-status-iframe.html?origin=…&client_id=… | |
POST | /realms/{realm}/tokens/access/codes | URL invoked by adapter to turn an access code to access token |
POST | /realms/{realm}/tokens/auth/request/login?scope=…&redirect_uri=…&state=…&client_id=… | URL called after login page. |
GET | /realms/{realm}/tokens/auth/request/login-actions/email-verification | |
POST | /realms/{realm}/tokens/auth/request/login-actions/password | |
GET | /realms/{realm}/tokens/auth/request/login-actions/password-reset | |
POST | /realms/{realm}/tokens/auth/request/login-actions/password-reset | |
POST | /realms/{realm}/tokens/auth/request/login-actions/profile | |
POST | /realms/{realm}/tokens/auth/request/login-actions/totp | |
POST | /realms/{realm}/tokens/grants/access | Direct grant REST invocation. |
GET | /realms/{realm}/tokens/login?response_type=…&scope=…&redirect_uri=…&state=…&client_id=…&prompt=… | Login page. |
GET | /realms/{realm}/tokens/logout?session_state=…&redirect_uri=… | Logout user session. |
POST | /realms/{realm}/tokens/oauth/grant | OAuth grant page. |
GET | /realms/{realm}/tokens/oauth/oob?error=…&code=…&error_description=… | |
POST | /realms/{realm}/tokens/refresh | URL for making refresh token requests. |
POST | /realms/{realm}/tokens/registrations?scope=…&redirect_uri=…&state=…&client_id=… | Registration |
GET | /realms/{realm}/tokens/registrations?response_type=…&scope=…&redirect_uri=…&state=…&client_id=… | Registration page. |
GET | /social/callback?state=… | |
GET | /social/{realm}/login?response_type=…&scope=…&redirect_uri=…&provider_id=…&state=…&client_id=… | |
GET | /theme/{themeType}/{themeName}/{path} | Get theme content |
GET | /welcome-content/{name} | Resources for welcome page |