Resources
MethodURLDescription
GET/Welcome page of Keycloak
GET/adminConvenience path to master realm admin console
GET/admin/index.{html}Convenience path to master realm admin console
GET/admin/realmsReturns a list of realms.
POST/admin/realmsImport a realm from a full representation of that realm.
POST/admin/realmsUpload a realm from a uploaded JSON file.
GET/admin/realms/{realm}Get the top-level representation of the realm.
PUT/admin/realms/{realm}Update the top-level information of this realm.
DELETE/admin/realms/{realm}Delete this realm.
GET/admin/realms/{realm}/application-by-id-session-statsReturns a JSON map.
GET/admin/realms/{realm}/application-session-statsReturns a JSON map.
GET/admin/realms/{realm}/applicationsList of applications belonging to this realm.
POST/admin/realms/{realm}/applicationsCreate a new application.
PUT/admin/realms/{realm}/applications/{app-name}Update the application.
GET/admin/realms/{realm}/applications/{app-name}Get representation of the application.
DELETE/admin/realms/{realm}/applications/{app-name}Delete this application.
GET/admin/realms/{realm}/applications/{app-name}/allowed-originsReturns set of allowed origin.
PUT/admin/realms/{realm}/applications/{app-name}/allowed-originsChange the set of allowed origins.
DELETE/admin/realms/{realm}/applications/{app-name}/allowed-originsRemove set of allowed origins from current allowed origins list.
GET/admin/realms/{realm}/applications/{app-name}/certificates/{attr} 
POST/admin/realms/{realm}/applications/{app-name}/certificates/{attr}/download 
POST/admin/realms/{realm}/applications/{app-name}/certificates/{attr}/generate 
POST/admin/realms/{realm}/applications/{app-name}/certificates/{attr}/upload 
GET/admin/realms/{realm}/applications/{app-name}/claimsGet the claims a client is allowed to ask for
PUT/admin/realms/{realm}/applications/{app-name}/claimsSet the cliams a client is allowed to ask for.
POST/admin/realms/{realm}/applications/{app-name}/client-secretGenerates a new secret for this application
GET/admin/realms/{realm}/applications/{app-name}/client-secretGet the secret of this application
GET/admin/realms/{realm}/applications/{app-name}/installation/jbossReturn XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that application.
GET/admin/realms/{realm}/applications/{app-name}/installation/jsonReturn keycloak.json file for this application to be used to configure the adapter of that application.
POST/admin/realms/{realm}/applications/{app-name}/logout-allIf the application has an admin URL, invalidate all sessions associated with that application directly.
POST/admin/realms/{realm}/applications/{app-name}/logout-user/{username}If the application has an admin URL, invalidate the sessions for a particular user directly.
POST/admin/realms/{realm}/applications/{app-name}/nodesManually register cluster node to this application - usually it's not needed to call this directly as adapter should handle by sending registration request to Keycloak
DELETE/admin/realms/{realm}/applications/{app-name}/nodes/{node}Unregister cluster node from this application
POST/admin/realms/{realm}/applications/{app-name}/push-revocationIf the application has an admin URL, push the application's revocation policy to it.
GET/admin/realms/{realm}/applications/{app-name}/rolesList all roles for this realm or application
POST/admin/realms/{realm}/applications/{app-name}/rolesCreate a new role for this realm or application
GET/admin/realms/{realm}/applications/{app-name}/roles/{role-name}Get a role by name
DELETE/admin/realms/{realm}/applications/{app-name}/roles/{role-name}Delete a role by name
PUT/admin/realms/{realm}/applications/{app-name}/roles/{role-name}Update a role by name
POST/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/compositesAdd a composite to this role
GET/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/compositesList composites of this role
DELETE/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/compositesRemove roles from this role's composite
GET/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/application/{app}An app-level roles for a specific app for this role's composite
GET/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/application-by-id/{appId}An app-level roles for a specific app for this role's composite
GET/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/realmGet realm-level roles of this role's composite
GET/admin/realms/{realm}/applications/{app-name}/scope-mappingsGet all scope mappings for this client
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}Get the roles associated with a client's scope for a specific application.
POST/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}Add application-level roles to the client's scope
DELETE/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}Remove application-level roles from the client's scope.
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}/availableThe available application-level roles that can be associated with the client's scope
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}/compositeGet effective application roles that are associated with the client's scope for a specific application.
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications-by-id/{appId}Get the roles associated with a client's scope for a specific application.
POST/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications-by-id/{appId}Add application-level roles to the client's scope
DELETE/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications-by-id/{appId}Remove application-level roles from the client's scope.
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications-by-id/{appId}/availableThe available application-level roles that can be associated with the client's scope
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications-by-id/{appId}/compositeGet effective application roles that are associated with the client's scope for a specific application.
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/realmGet list of realm-level roles associated with this client's scope.
POST/admin/realms/{realm}/applications/{app-name}/scope-mappings/realmAdd a set of realm-level roles to the client's scope
DELETE/admin/realms/{realm}/applications/{app-name}/scope-mappings/realmRemove a set of realm-level roles from the client's scope
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/realm/availableGet list of realm-level roles that are available to attach to this client's scope.
GET/admin/realms/{realm}/applications/{app-name}/scope-mappings/realm/compositeGet all effective realm-level roles that are associated with this client's scope.
GET/admin/realms/{realm}/applications/{app-name}/session-countNumber of user sessions associated with this application { "count": number }
GET/admin/realms/{realm}/applications/{app-name}/test-nodes-availableTest if registered cluster nodes are available by sending 'ping' request to all of them
GET/admin/realms/{realm}/applications/{app-name}/user-sessions?first=…&max=…Return a list of user sessions associated with this application
GET/admin/realms/{realm}/applications-by-idList of applications belonging to this realm.
POST/admin/realms/{realm}/applications-by-idCreate a new application.
PUT/admin/realms/{realm}/applications-by-id/{app-name}Update the application.
GET/admin/realms/{realm}/applications-by-id/{app-name}Get representation of the application.
DELETE/admin/realms/{realm}/applications-by-id/{app-name}Delete this application.
GET/admin/realms/{realm}/applications-by-id/{app-name}/allowed-originsReturns set of allowed origin.
PUT/admin/realms/{realm}/applications-by-id/{app-name}/allowed-originsChange the set of allowed origins.
DELETE/admin/realms/{realm}/applications-by-id/{app-name}/allowed-originsRemove set of allowed origins from current allowed origins list.
GET/admin/realms/{realm}/applications-by-id/{app-name}/certificates/{attr} 
POST/admin/realms/{realm}/applications-by-id/{app-name}/certificates/{attr}/download 
POST/admin/realms/{realm}/applications-by-id/{app-name}/certificates/{attr}/generate 
POST/admin/realms/{realm}/applications-by-id/{app-name}/certificates/{attr}/upload 
GET/admin/realms/{realm}/applications-by-id/{app-name}/claimsGet the claims a client is allowed to ask for
PUT/admin/realms/{realm}/applications-by-id/{app-name}/claimsSet the cliams a client is allowed to ask for.
POST/admin/realms/{realm}/applications-by-id/{app-name}/client-secretGenerates a new secret for this application
GET/admin/realms/{realm}/applications-by-id/{app-name}/client-secretGet the secret of this application
GET/admin/realms/{realm}/applications-by-id/{app-name}/installation/jbossReturn XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that application.
GET/admin/realms/{realm}/applications-by-id/{app-name}/installation/jsonReturn keycloak.json file for this application to be used to configure the adapter of that application.
POST/admin/realms/{realm}/applications-by-id/{app-name}/logout-allIf the application has an admin URL, invalidate all sessions associated with that application directly.
POST/admin/realms/{realm}/applications-by-id/{app-name}/logout-user/{username}If the application has an admin URL, invalidate the sessions for a particular user directly.
POST/admin/realms/{realm}/applications-by-id/{app-name}/nodesManually register cluster node to this application - usually it's not needed to call this directly as adapter should handle by sending registration request to Keycloak
DELETE/admin/realms/{realm}/applications-by-id/{app-name}/nodes/{node}Unregister cluster node from this application
POST/admin/realms/{realm}/applications-by-id/{app-name}/push-revocationIf the application has an admin URL, push the application's revocation policy to it.
GET/admin/realms/{realm}/applications-by-id/{app-name}/rolesList all roles for this realm or application
POST/admin/realms/{realm}/applications-by-id/{app-name}/rolesCreate a new role for this realm or application
GET/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}Get a role by name
DELETE/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}Delete a role by name
PUT/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}Update a role by name
POST/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/compositesAdd a composite to this role
GET/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/compositesList composites of this role
DELETE/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/compositesRemove roles from this role's composite
GET/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/composites/application/{app}An app-level roles for a specific app for this role's composite
GET/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/composites/application-by-id/{appId}An app-level roles for a specific app for this role's composite
GET/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/composites/realmGet realm-level roles of this role's composite
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappingsGet all scope mappings for this client
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications/{app}Get the roles associated with a client's scope for a specific application.
POST/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications/{app}Add application-level roles to the client's scope
DELETE/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications/{app}Remove application-level roles from the client's scope.
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications/{app}/availableThe available application-level roles that can be associated with the client's scope
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications/{app}/compositeGet effective application roles that are associated with the client's scope for a specific application.
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications-by-id/{appId}Get the roles associated with a client's scope for a specific application.
POST/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications-by-id/{appId}Add application-level roles to the client's scope
DELETE/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications-by-id/{appId}Remove application-level roles from the client's scope.
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications-by-id/{appId}/availableThe available application-level roles that can be associated with the client's scope
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications-by-id/{appId}/compositeGet effective application roles that are associated with the client's scope for a specific application.
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/realmGet list of realm-level roles associated with this client's scope.
POST/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/realmAdd a set of realm-level roles to the client's scope
DELETE/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/realmRemove a set of realm-level roles from the client's scope
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/realm/availableGet list of realm-level roles that are available to attach to this client's scope.
GET/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/realm/compositeGet all effective realm-level roles that are associated with this client's scope.
GET/admin/realms/{realm}/applications-by-id/{app-name}/session-countNumber of user sessions associated with this application { "count": number }
GET/admin/realms/{realm}/applications-by-id/{app-name}/test-nodes-availableTest if registered cluster nodes are available by sending 'ping' request to all of them
GET/admin/realms/{realm}/applications-by-id/{app-name}/user-sessions?first=…&max=…Return a list of user sessions associated with this application
GET/admin/realms/{realm}/events?client=…&type=…&user=…&ipAddress=…&first=…&max=…Query events.
DELETE/admin/realms/{realm}/eventsDelete all events.
GET/admin/realms/{realm}/events/configView the events provider and how it is configured.
PUT/admin/realms/{realm}/events/configChange the events provider and/or it's configuration
POST/admin/realms/{realm}/logout-allRemoves all user sessions.
GET/admin/realms/{realm}/oauth-clientsGet a list of oauth clients in this realm.
POST/admin/realms/{realm}/oauth-clientsCreate an oauth client
PUT/admin/realms/{realm}/oauth-clients/{clientId}Update the oauth client
GET/admin/realms/{realm}/oauth-clients/{clientId}Get a representation of the oauth client
DELETE/admin/realms/{realm}/oauth-clients/{clientId}Remove the OAuth Client
GET/admin/realms/{realm}/oauth-clients/{clientId}/certificates/{attr} 
POST/admin/realms/{realm}/oauth-clients/{clientId}/certificates/{attr}/download 
POST/admin/realms/{realm}/oauth-clients/{clientId}/certificates/{attr}/generate 
POST/admin/realms/{realm}/oauth-clients/{clientId}/certificates/{attr}/upload 
GET/admin/realms/{realm}/oauth-clients/{clientId}/claimsGet the claims a client is allowed to ask for
PUT/admin/realms/{realm}/oauth-clients/{clientId}/claimsSet the cliams a client is allowed to ask for.
POST/admin/realms/{realm}/oauth-clients/{clientId}/client-secretGenerate a new client secret for the oauth client
GET/admin/realms/{realm}/oauth-clients/{clientId}/client-secretGet the secret of the oauth client
GET/admin/realms/{realm}/oauth-clients/{clientId}/installationGet an example keycloak.json file to use to configure the oauth client
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappingsGet all scope mappings for this client
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}Get the roles associated with a client's scope for a specific application.
POST/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}Add application-level roles to the client's scope
DELETE/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}Remove application-level roles from the client's scope.
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}/availableThe available application-level roles that can be associated with the client's scope
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}/compositeGet effective application roles that are associated with the client's scope for a specific application.
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications-by-id/{appId}Get the roles associated with a client's scope for a specific application.
POST/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications-by-id/{appId}Add application-level roles to the client's scope
DELETE/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications-by-id/{appId}Remove application-level roles from the client's scope.
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications-by-id/{appId}/availableThe available application-level roles that can be associated with the client's scope
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications-by-id/{appId}/compositeGet effective application roles that are associated with the client's scope for a specific application.
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realmGet list of realm-level roles associated with this client's scope.
POST/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realmAdd a set of realm-level roles to the client's scope
DELETE/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realmRemove a set of realm-level roles from the client's scope
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realm/availableGet list of realm-level roles that are available to attach to this client's scope.
GET/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realm/compositeGet all effective realm-level roles that are associated with this client's scope.
GET/admin/realms/{realm}/oauth-clients-by-idGet a list of oauth clients in this realm.
POST/admin/realms/{realm}/oauth-clients-by-idCreate an oauth client
PUT/admin/realms/{realm}/oauth-clients-by-id/{clientId}Update the oauth client
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}Get a representation of the oauth client
DELETE/admin/realms/{realm}/oauth-clients-by-id/{clientId}Remove the OAuth Client
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/certificates/{attr} 
POST/admin/realms/{realm}/oauth-clients-by-id/{clientId}/certificates/{attr}/download 
POST/admin/realms/{realm}/oauth-clients-by-id/{clientId}/certificates/{attr}/generate 
POST/admin/realms/{realm}/oauth-clients-by-id/{clientId}/certificates/{attr}/upload 
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/claimsGet the claims a client is allowed to ask for
PUT/admin/realms/{realm}/oauth-clients-by-id/{clientId}/claimsSet the cliams a client is allowed to ask for.
POST/admin/realms/{realm}/oauth-clients-by-id/{clientId}/client-secretGenerate a new client secret for the oauth client
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/client-secretGet the secret of the oauth client
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/installationGet an example keycloak.json file to use to configure the oauth client
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappingsGet all scope mappings for this client
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications/{app}Get the roles associated with a client's scope for a specific application.
POST/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications/{app}Add application-level roles to the client's scope
DELETE/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications/{app}Remove application-level roles from the client's scope.
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications/{app}/availableThe available application-level roles that can be associated with the client's scope
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications/{app}/compositeGet effective application roles that are associated with the client's scope for a specific application.
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications-by-id/{appId}Get the roles associated with a client's scope for a specific application.
POST/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications-by-id/{appId}Add application-level roles to the client's scope
DELETE/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications-by-id/{appId}Remove application-level roles from the client's scope.
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications-by-id/{appId}/availableThe available application-level roles that can be associated with the client's scope
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications-by-id/{appId}/compositeGet effective application roles that are associated with the client's scope for a specific application.
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/realmGet list of realm-level roles associated with this client's scope.
POST/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/realmAdd a set of realm-level roles to the client's scope
DELETE/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/realmRemove a set of realm-level roles from the client's scope
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/realm/availableGet list of realm-level roles that are available to attach to this client's scope.
GET/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/realm/compositeGet all effective realm-level roles that are associated with this client's scope.
POST/admin/realms/{realm}/push-revocationPush the realm's revocation policy to any application that has an admin url associated with it.
GET/admin/realms/{realm}/rolesList all roles for this realm or application
POST/admin/realms/{realm}/rolesCreate a new role for this realm or application
GET/admin/realms/{realm}/roles/{role-name}Get a role by name
DELETE/admin/realms/{realm}/roles/{role-name}Delete a role by name
PUT/admin/realms/{realm}/roles/{role-name}Update a role by name
POST/admin/realms/{realm}/roles/{role-name}/compositesAdd a composite to this role
GET/admin/realms/{realm}/roles/{role-name}/compositesList composites of this role
DELETE/admin/realms/{realm}/roles/{role-name}/compositesRemove roles from this role's composite
GET/admin/realms/{realm}/roles/{role-name}/composites/application/{app}An app-level roles for a specific app for this role's composite
GET/admin/realms/{realm}/roles/{role-name}/composites/application-by-id/{appId}An app-level roles for a specific app for this role's composite
GET/admin/realms/{realm}/roles/{role-name}/composites/realmGet realm-level roles of this role's composite
GET/admin/realms/{realm}/roles-by-id/{role-id}Get a specific role's representation
DELETE/admin/realms/{realm}/roles-by-id/{role-id}Delete this role
PUT/admin/realms/{realm}/roles-by-id/{role-id}Update this role
POST/admin/realms/{realm}/roles-by-id/{role-id}/compositesMake this role a composite role by associating some child roles to it.
GET/admin/realms/{realm}/roles-by-id/{role-id}/compositesIf this role is a composite, return a set of its children
DELETE/admin/realms/{realm}/roles-by-id/{role-id}/compositesRemove the listed set of roles from this role's composite
GET/admin/realms/{realm}/roles-by-id/{role-id}/composites/applications/{app}Return a set of application-level roles for a specific app that are in the role's composite
GET/admin/realms/{realm}/roles-by-id/{role-id}/composites/applications-by-id/{appId}Return a set of application-level roles for a specific app that are in the role's composite
GET/admin/realms/{realm}/roles-by-id/{role-id}/composites/realmReturn a set of realm-level roles that are in the role's composite
DELETE/admin/realms/{realm}/sessions/{session}Remove a specific user session.
GET/admin/realms/{realm}/testLDAPConnection?action=…&connectionUrl=…&bindDn=…&bindCredential=… 
POST/admin/realms/{realm}/user-federation/instancesCreate a provider
GET/admin/realms/{realm}/user-federation/instanceslist configured providers
PUT/admin/realms/{realm}/user-federation/instances/{id}Update a provider
GET/admin/realms/{realm}/user-federation/instances/{id}get a provider
DELETE/admin/realms/{realm}/user-federation/instances/{id}Delete a provider
GET/admin/realms/{realm}/user-federation/providersGet List of available provider factories
GET/admin/realms/{realm}/user-federation/providers/{id}Get List of available provider factories
GET/admin/realms/{realm}/user-federation/sync/{id}?action=…trigger sync of users
POST/admin/realms/{realm}/usersCreate a new user.
GET/admin/realms/{realm}/users?search=…&lastName=…&firstName=…&email=…&username=…&first=…&max=…Query list of users.
PUT/admin/realms/{realm}/users/{username}Update the user
GET/admin/realms/{realm}/users/{username}Get represenation of the user
DELETE/admin/realms/{realm}/users/{username}delete this user
POST/admin/realms/{realm}/users/{username}/logoutRemove all user sessions associated with this user.
PUT/admin/realms/{realm}/users/{username}/remove-totp 
PUT/admin/realms/{realm}/users/{username}/reset-passwordSet up a temporary password for this user.
PUT/admin/realms/{realm}/users/{username}/reset-password-emailSend an email to the user with a link they can click to reset their password
GET/admin/realms/{realm}/users/{username}/role-mappingsGet role mappings for this user
GET/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}Get application-level role mappings for this user for a specific app
POST/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}Add application-level roles to the user role mapping.
DELETE/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}Delete application-level roles from user role mapping.
GET/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}/availableGet available application-level roles that can be mapped to the user
GET/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}/compositeGet effective application-level role mappings.
GET/admin/realms/{realm}/users/{username}/role-mappings/applications-by-id/{appId}Get application-level role mappings for this user for a specific app
POST/admin/realms/{realm}/users/{username}/role-mappings/applications-by-id/{appId}Add application-level roles to the user role mapping.
DELETE/admin/realms/{realm}/users/{username}/role-mappings/applications-by-id/{appId}Delete application-level roles from user role mapping.
GET/admin/realms/{realm}/users/{username}/role-mappings/applications-by-id/{appId}/availableGet available application-level roles that can be mapped to the user
GET/admin/realms/{realm}/users/{username}/role-mappings/applications-by-id/{appId}/compositeGet effective application-level role mappings.
GET/admin/realms/{realm}/users/{username}/role-mappings/realmGet realm-level role mappings for this user
POST/admin/realms/{realm}/users/{username}/role-mappings/realmAdd realm-level role mappings
DELETE/admin/realms/{realm}/users/{username}/role-mappings/realmDelete realm-level role mappings
GET/admin/realms/{realm}/users/{username}/role-mappings/realm/availableRealm-level roles that can be mapped to this user
GET/admin/realms/{realm}/users/{username}/role-mappings/realm/compositeEffective realm-level role mappings for this user.
GET/admin/realms/{realm}/users/{username}/sessionsList set of sessions associated with this user.
GET/admin/realms/{realm}/users/{username}/social-linksList set of social logins associated with this user.
POST/admin/realms/{realm}/users/{username}/social-links/{provider} 
DELETE/admin/realms/{realm}/users/{username}/social-links/{provider} 
GET/admin/serverinfoReturns a list of themes, social providers, auth providers, and event listeners available on this server
GET/admin/{realm}/consoleMain page of this realm's admin console
GET/admin/{realm}/console/configAdapter configuration for the admin console for this realm
GET/admin/{realm}/console/js/keycloak.jsJavascript used by admin console
GET/admin/{realm}/console/logoutLogout from the admin console
GET/admin/{realm}/console/whoamiPermission information
GET/admin/{realm}/console/{path}Theme resources for this realm's admin console.
GET/js/keycloak.jsGet keycloak.js file for javascript clients
GET/js/keycloak.min.js 
GET/qrcode?contents=…&size=…Create a bar code image
GET/realms/{realm}Public information about the realm.
GET/realms/{realm}/accountGet account information.
POST/realms/{realm}/accountUpdate account information.
GET/realms/{realm}/account/log 
GET/realms/{realm}/account/login-redirect?code=…&state=…&error=…&path=…&referrer=… 
GET/realms/{realm}/account/password 
POST/realms/{realm}/account/passwordUpdate account password Form params: password - old password password-new pasword-confirm
GET/realms/{realm}/account/sessions 
GET/realms/{realm}/account/sessions-logout?stateChecker=… 
GET/realms/{realm}/account/social 
GET/realms/{realm}/account/social-update?action=…&provider_id=…&stateChecker=… 
GET/realms/{realm}/account/totp 
POST/realms/{realm}/account/totpUpdate the TOTP for this account.
GET/realms/{realm}/account/totp-remove?stateChecker=… 
POST/realms/{realm}/clients-managements/register-nodeURL invoked by adapter to register new application cluster node.
POST/realms/{realm}/clients-managements/unregister-nodeURL invoked by adapter to register new application cluster node.
POST/realms/{realm}/login-actions/consentOAuth grant page.
GET/realms/{realm}/login-actions/email-verification?code=…&key=… 
GET/realms/{realm}/login-actions/login?code=…protocol independent login page entry point
POST/realms/{realm}/login-actions/password?code=… 
GET/realms/{realm}/login-actions/password-reset?code=…&key=… 
POST/realms/{realm}/login-actions/password-reset?code=… 
POST/realms/{realm}/login-actions/profile?code=… 
GET/realms/{realm}/login-actions/registration?code=…protocol independent registration page entry point
POST/realms/{realm}/login-actions/request/login?code=…URL called after login page.
POST/realms/{realm}/login-actions/request/registration?code=…Registration
POST/realms/{realm}/login-actions/totp?code=… 
GET/realms/{realm}/login-status-iframe.html?client_id=…&origin=… 
GET/social/callback?state=… 
GET/social/{realm}/login?provider_id=…&code=… 
GET/theme/{themeType}/{themeName}/{path}Get theme content
GET/version 
GET/welcome-content/{path}Resources for welcome page