/ | Welcome page of Keycloak | GET |
/admin | Convenience path to master realm admin console | GET |
/admin/index.{html} | Convenience path to master realm admin console | GET |
/admin/realms | Returns a list of realms. | GET, POST, POST |
/admin/realms/{realm} | Get the top-level representation of the realm. | GET, PUT, DELETE |
/admin/realms/{realm}/application-session-stats | Returns a JSON map. | GET |
/admin/realms/{realm}/applications | List of applications belonging to this realm. | GET, POST |
/admin/realms/{realm}/applications/{app-name} | Get representation of the application. | PUT, GET, DELETE |
/admin/realms/{realm}/applications/{app-name}/allowed-origins | Returns set of allowed origin. | GET, PUT, DELETE |
/admin/realms/{realm}/applications/{app-name}/claims | Get the claims a client is allowed to ask for | GET, PUT |
/admin/realms/{realm}/applications/{app-name}/client-secret | Get the secret of this application | POST, GET |
/admin/realms/{realm}/applications/{app-name}/installation/jboss | Return XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that application. | GET |
/admin/realms/{realm}/applications/{app-name}/installation/json | Return keycloak.json file for this application to be used to configure the adapter of that application. | GET |
/admin/realms/{realm}/applications/{app-name}/logout-all | If the application has an admin URL, invalidate all sessions associated with that application directly. | POST |
/admin/realms/{realm}/applications/{app-name}/logout-user/{username} | If the application has an admin URL, invalidate the sessions for a particular user directly. | POST |
/admin/realms/{realm}/applications/{app-name}/push-revocation | If the application has an admin URL, push the application's revocation policy to it. | POST |
/admin/realms/{realm}/applications/{app-name}/roles | List all roles for this realm or application | GET, POST |
/admin/realms/{realm}/applications/{app-name}/roles/{role-name} | Get a role by name | GET, DELETE, PUT |
/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites | List composites of this role | POST, GET, DELETE |
/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/application/{app} | An app-level roles for a specific app for this role's composite | GET |
/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/realm | Get realm-level roles of this role's composite | GET |
/admin/realms/{realm}/applications/{app-name}/scope-mappings | Get all scope mappings for this client | GET |
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app} | Get the roles associated with a client's scope for a specific application. | GET, POST, DELETE |
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}/available | The available application-level roles that can be associated with the client's scope | GET |
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}/composite | Get effective application roles that are associated with the client's scope for a specific application. | GET |
/admin/realms/{realm}/applications/{app-name}/scope-mappings/realm | Get list of realm-level roles associated with this client's scope. | GET, POST, DELETE |
/admin/realms/{realm}/applications/{app-name}/scope-mappings/realm/available | Get list of realm-level roles that are available to attach to this client's scope. | GET |
/admin/realms/{realm}/applications/{app-name}/scope-mappings/realm/composite | Get all effective realm-level roles that are associated with this client's scope. | GET |
/admin/realms/{realm}/applications/{app-name}/session-count | Number of user sessions associated with this application
{
"count": number
} | GET |
/admin/realms/{realm}/applications/{app-name}/session-stats | If the application has an admin URL, query it directly for session stats. | GET |
/admin/realms/{realm}/applications/{app-name}/user-sessions | Return a list of user sessions associated with this application | GET |
/admin/realms/{realm}/events | Query events. | GET, DELETE |
/admin/realms/{realm}/events/config | View the events provider and how it is configured. | GET, PUT |
/admin/realms/{realm}/logout-all | Removes all user sessions. | POST |
/admin/realms/{realm}/oauth-clients | Get a list of oauth clients in this realm. | GET, POST |
/admin/realms/{realm}/oauth-clients/{clientId} | Get a representation of the oauth client | PUT, GET, DELETE |
/admin/realms/{realm}/oauth-clients/{clientId}/claims | Get the claims a client is allowed to ask for | GET, PUT |
/admin/realms/{realm}/oauth-clients/{clientId}/client-secret | Get the secret of the oauth client | POST, GET |
/admin/realms/{realm}/oauth-clients/{clientId}/installation | Get an example keycloak.json file to use to configure the oauth client | GET |
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings | Get all scope mappings for this client | GET |
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app} | Get the roles associated with a client's scope for a specific application. | GET, POST, DELETE |
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}/available | The available application-level roles that can be associated with the client's scope | GET |
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}/composite | Get effective application roles that are associated with the client's scope for a specific application. | GET |
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realm | Get list of realm-level roles associated with this client's scope. | GET, POST, DELETE |
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realm/available | Get list of realm-level roles that are available to attach to this client's scope. | GET |
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realm/composite | Get all effective realm-level roles that are associated with this client's scope. | GET |
/admin/realms/{realm}/push-revocation | Push the realm's revocation policy to any application that has an admin url associated with it. | POST |
/admin/realms/{realm}/roles | List all roles for this realm or application | GET, POST |
/admin/realms/{realm}/roles/{role-name} | Get a role by name | GET, DELETE, PUT |
/admin/realms/{realm}/roles/{role-name}/composites | List composites of this role | POST, GET, DELETE |
/admin/realms/{realm}/roles/{role-name}/composites/application/{app} | An app-level roles for a specific app for this role's composite | GET |
/admin/realms/{realm}/roles/{role-name}/composites/realm | Get realm-level roles of this role's composite | GET |
/admin/realms/{realm}/roles-by-id/{role-id} | Get a specific role's representation | GET, DELETE, PUT |
/admin/realms/{realm}/roles-by-id/{role-id}/composites | If this role is a composite, return a set of its children | POST, GET, DELETE |
/admin/realms/{realm}/roles-by-id/{role-id}/composites/applications/{app} | Return a set of application-level roles for a specific app that are in the role's composite | GET |
/admin/realms/{realm}/roles-by-id/{role-id}/composites/realm | Return a set of realm-level roles that are in the role's composite | GET |
/admin/realms/{realm}/session-stats | Any application that has an admin URL will be asked directly how many sessions they have active and what users
are involved with those sessions. | GET |
/admin/realms/{realm}/sessions/{session} | Remove a specific user session. | DELETE |
/admin/realms/{realm}/testLDAPConnection | | GET |
/admin/realms/{realm}/user-federation/instances | list configured providers | POST, GET |
/admin/realms/{realm}/user-federation/instances/{id} | get a provider | PUT, GET, DELETE |
/admin/realms/{realm}/user-federation/providers | Get List of available provider factories | GET |
/admin/realms/{realm}/user-federation/providers/{id} | Get List of available provider factories | GET |
/admin/realms/{realm}/user-federation/sync/{id} | trigger sync of users | GET |
/admin/realms/{realm}/users | Query list of users. | POST, GET |
/admin/realms/{realm}/users/{username} | Get represenation of the user | PUT, GET, DELETE |
/admin/realms/{realm}/users/{username}/logout | Remove all user sessions associated with this user. | POST |
/admin/realms/{realm}/users/{username}/remove-totp | | PUT |
/admin/realms/{realm}/users/{username}/reset-password | Set up a temporary password for this user. | PUT |
/admin/realms/{realm}/users/{username}/reset-password-email | Send an email to the user with a link they can click to reset their password | PUT |
/admin/realms/{realm}/users/{username}/role-mappings | Get role mappings for this user | GET |
/admin/realms/{realm}/users/{username}/role-mappings/applications/{app} | Get application-level role mappings for this user for a specific app | GET, POST, DELETE |
/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}/available | Get available application-level roles that can be mapped to the user | GET |
/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}/composite | Get effective application-level role mappings. | GET |
/admin/realms/{realm}/users/{username}/role-mappings/realm | Get realm-level role mappings for this user | GET, POST, DELETE |
/admin/realms/{realm}/users/{username}/role-mappings/realm/available | Realm-level roles that can be mapped to this user | GET |
/admin/realms/{realm}/users/{username}/role-mappings/realm/composite | Effective realm-level role mappings for this user. | GET |
/admin/realms/{realm}/users/{username}/session-stats | For each application with an admin URL, query them for the set of users logged in. | GET |
/admin/realms/{realm}/users/{username}/sessions | List set of sessions associated with this user. | GET |
/admin/realms/{realm}/users/{username}/social-links | List set of social logins associated with this user. | GET |
/admin/serverinfo | Returns a list of themes, social providers, auth providers, and event listeners available on this server | GET |
/admin/{realm}/console | Main page of this realm's admin console | GET |
/admin/{realm}/console/config | Adapter configuration for the admin console for this realm | GET |
/admin/{realm}/console/js/keycloak.js | Javascript used by admin console | GET |
/admin/{realm}/console/logout | Logout from the admin console | GET |
/admin/{realm}/console/whoami | Permission information | GET |
/admin/{realm}/console/{path} | Theme resources for this realm's admin console. | GET |
/js/keycloak.js | Get keycloak.js file for javascript clients | GET |
/js/keycloak.min.js | | GET |
/qrcode | Create a bar code image | GET |
/realms/{realm} | Public information about the realm. | GET |
/realms/{realm}/account | Get account information. | GET, POST |
/realms/{realm}/account/log | | GET |
/realms/{realm}/account/login-redirect | | GET |
/realms/{realm}/account/password | Update account password
Form params:
password - old password
password-new
pasword-confirm | GET, POST |
/realms/{realm}/account/sessions | | GET |
/realms/{realm}/account/sessions-logout | | GET |
/realms/{realm}/account/social | | GET |
/realms/{realm}/account/social-update | | GET |
/realms/{realm}/account/totp | Update the TOTP for this account. | GET, POST |
/realms/{realm}/account/totp-remove | | GET |
/realms/{realm}/login-status-iframe.html | | GET |
/realms/{realm}/tokens/access/codes | URL invoked by adapter to turn an access code to access token | POST |
/realms/{realm}/tokens/auth/request/login | URL called after login page. | POST |
/realms/{realm}/tokens/auth/request/login-actions/email-verification | | GET |
/realms/{realm}/tokens/auth/request/login-actions/password | | POST |
/realms/{realm}/tokens/auth/request/login-actions/password-reset | | GET, POST |
/realms/{realm}/tokens/auth/request/login-actions/profile | | POST |
/realms/{realm}/tokens/auth/request/login-actions/totp | | POST |
/realms/{realm}/tokens/grants/access | Direct grant REST invocation. | POST |
/realms/{realm}/tokens/login | Login page. | GET |
/realms/{realm}/tokens/logout | Logout user session. | GET, POST |
/realms/{realm}/tokens/oauth/grant | OAuth grant page. | POST |
/realms/{realm}/tokens/oauth/oob | | GET |
/realms/{realm}/tokens/refresh | URL for making refresh token requests. | POST |
/realms/{realm}/tokens/registrations | Registration page. | POST, GET |
/realms/{realm}/tokens/validate | Validate encoded access token. | GET |
/social/callback | | GET |
/social/{realm}/login | | GET |
/theme/{themeType}/{themeName}/{path} | Get theme content | GET |
/version | | GET |
/welcome-content/{name} | Resources for welcome page | GET |