Resources
ResourceDescriptionMethods
/Welcome page of KeycloakGET
/adminConvenience path to master realm admin consoleGET
/admin/index.{html}Convenience path to master realm admin consoleGET
/admin/realmsReturns a list of realms.GET, POST, POST
/admin/realms/{realm}Get the top-level representation of the realm.GET, PUT, DELETE
/admin/realms/{realm}/application-by-id-session-statsReturns a JSON map.GET
/admin/realms/{realm}/application-session-statsReturns a JSON map.GET
/admin/realms/{realm}/applicationsList of applications belonging to this realm.GET, POST
/admin/realms/{realm}/applications/{app-name}Get representation of the application.PUT, GET, DELETE
/admin/realms/{realm}/applications/{app-name}/allowed-originsReturns set of allowed origin.GET, PUT, DELETE
/admin/realms/{realm}/applications/{app-name}/certificates/{attr}GET
/admin/realms/{realm}/applications/{app-name}/certificates/{attr}/downloadPOST
/admin/realms/{realm}/applications/{app-name}/certificates/{attr}/generatePOST
/admin/realms/{realm}/applications/{app-name}/certificates/{attr}/uploadPOST
/admin/realms/{realm}/applications/{app-name}/claimsGet the claims a client is allowed to ask forGET, PUT
/admin/realms/{realm}/applications/{app-name}/client-secretGet the secret of this applicationPOST, GET
/admin/realms/{realm}/applications/{app-name}/installation/jbossReturn XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that application.GET
/admin/realms/{realm}/applications/{app-name}/installation/jsonReturn keycloak.json file for this application to be used to configure the adapter of that application.GET
/admin/realms/{realm}/applications/{app-name}/logout-allIf the application has an admin URL, invalidate all sessions associated with that application directly.POST
/admin/realms/{realm}/applications/{app-name}/logout-user/{username}If the application has an admin URL, invalidate the sessions for a particular user directly.POST
/admin/realms/{realm}/applications/{app-name}/nodesManually register cluster node to this application - usually it's not needed to call this directly as adapter should handle by sending registration request to KeycloakPOST
/admin/realms/{realm}/applications/{app-name}/nodes/{node}Unregister cluster node from this applicationDELETE
/admin/realms/{realm}/applications/{app-name}/push-revocationIf the application has an admin URL, push the application's revocation policy to it.POST
/admin/realms/{realm}/applications/{app-name}/rolesList all roles for this realm or applicationGET, POST
/admin/realms/{realm}/applications/{app-name}/roles/{role-name}Get a role by nameGET, DELETE, PUT
/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/compositesList composites of this rolePOST, GET, DELETE
/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/application/{app}An app-level roles for a specific app for this role's compositeGET
/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/application-by-id/{appId}An app-level roles for a specific app for this role's compositeGET
/admin/realms/{realm}/applications/{app-name}/roles/{role-name}/composites/realmGet realm-level roles of this role's compositeGET
/admin/realms/{realm}/applications/{app-name}/scope-mappingsGet all scope mappings for this clientGET
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}Get the roles associated with a client's scope for a specific application.GET, POST, DELETE
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}/availableThe available application-level roles that can be associated with the client's scopeGET
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications/{app}/compositeGet effective application roles that are associated with the client's scope for a specific application.GET
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications-by-id/{appId}Get the roles associated with a client's scope for a specific application.GET, POST, DELETE
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications-by-id/{appId}/availableThe available application-level roles that can be associated with the client's scopeGET
/admin/realms/{realm}/applications/{app-name}/scope-mappings/applications-by-id/{appId}/compositeGet effective application roles that are associated with the client's scope for a specific application.GET
/admin/realms/{realm}/applications/{app-name}/scope-mappings/realmGet list of realm-level roles associated with this client's scope.GET, POST, DELETE
/admin/realms/{realm}/applications/{app-name}/scope-mappings/realm/availableGet list of realm-level roles that are available to attach to this client's scope.GET
/admin/realms/{realm}/applications/{app-name}/scope-mappings/realm/compositeGet all effective realm-level roles that are associated with this client's scope.GET
/admin/realms/{realm}/applications/{app-name}/session-countNumber of user sessions associated with this application { "count": number }GET
/admin/realms/{realm}/applications/{app-name}/test-nodes-availableTest if registered cluster nodes are available by sending 'ping' request to all of themGET
/admin/realms/{realm}/applications/{app-name}/user-sessionsReturn a list of user sessions associated with this applicationGET
/admin/realms/{realm}/applications-by-idList of applications belonging to this realm.GET, POST
/admin/realms/{realm}/applications-by-id/{app-name}Get representation of the application.PUT, GET, DELETE
/admin/realms/{realm}/applications-by-id/{app-name}/allowed-originsReturns set of allowed origin.GET, PUT, DELETE
/admin/realms/{realm}/applications-by-id/{app-name}/certificates/{attr}GET
/admin/realms/{realm}/applications-by-id/{app-name}/certificates/{attr}/downloadPOST
/admin/realms/{realm}/applications-by-id/{app-name}/certificates/{attr}/generatePOST
/admin/realms/{realm}/applications-by-id/{app-name}/certificates/{attr}/uploadPOST
/admin/realms/{realm}/applications-by-id/{app-name}/claimsGet the claims a client is allowed to ask forGET, PUT
/admin/realms/{realm}/applications-by-id/{app-name}/client-secretGet the secret of this applicationPOST, GET
/admin/realms/{realm}/applications-by-id/{app-name}/installation/jbossReturn XML that can be included in the JBoss/Wildfly Keycloak subsystem to configure the adapter of that application.GET
/admin/realms/{realm}/applications-by-id/{app-name}/installation/jsonReturn keycloak.json file for this application to be used to configure the adapter of that application.GET
/admin/realms/{realm}/applications-by-id/{app-name}/logout-allIf the application has an admin URL, invalidate all sessions associated with that application directly.POST
/admin/realms/{realm}/applications-by-id/{app-name}/logout-user/{username}If the application has an admin URL, invalidate the sessions for a particular user directly.POST
/admin/realms/{realm}/applications-by-id/{app-name}/nodesManually register cluster node to this application - usually it's not needed to call this directly as adapter should handle by sending registration request to KeycloakPOST
/admin/realms/{realm}/applications-by-id/{app-name}/nodes/{node}Unregister cluster node from this applicationDELETE
/admin/realms/{realm}/applications-by-id/{app-name}/push-revocationIf the application has an admin URL, push the application's revocation policy to it.POST
/admin/realms/{realm}/applications-by-id/{app-name}/rolesList all roles for this realm or applicationGET, POST
/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}Get a role by nameGET, DELETE, PUT
/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/compositesList composites of this rolePOST, GET, DELETE
/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/composites/application/{app}An app-level roles for a specific app for this role's compositeGET
/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/composites/application-by-id/{appId}An app-level roles for a specific app for this role's compositeGET
/admin/realms/{realm}/applications-by-id/{app-name}/roles/{role-name}/composites/realmGet realm-level roles of this role's compositeGET
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappingsGet all scope mappings for this clientGET
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications/{app}Get the roles associated with a client's scope for a specific application.GET, POST, DELETE
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications/{app}/availableThe available application-level roles that can be associated with the client's scopeGET
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications/{app}/compositeGet effective application roles that are associated with the client's scope for a specific application.GET
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications-by-id/{appId}Get the roles associated with a client's scope for a specific application.GET, POST, DELETE
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications-by-id/{appId}/availableThe available application-level roles that can be associated with the client's scopeGET
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/applications-by-id/{appId}/compositeGet effective application roles that are associated with the client's scope for a specific application.GET
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/realmGet list of realm-level roles associated with this client's scope.GET, POST, DELETE
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/realm/availableGet list of realm-level roles that are available to attach to this client's scope.GET
/admin/realms/{realm}/applications-by-id/{app-name}/scope-mappings/realm/compositeGet all effective realm-level roles that are associated with this client's scope.GET
/admin/realms/{realm}/applications-by-id/{app-name}/session-countNumber of user sessions associated with this application { "count": number }GET
/admin/realms/{realm}/applications-by-id/{app-name}/test-nodes-availableTest if registered cluster nodes are available by sending 'ping' request to all of themGET
/admin/realms/{realm}/applications-by-id/{app-name}/user-sessionsReturn a list of user sessions associated with this applicationGET
/admin/realms/{realm}/eventsQuery events.GET, DELETE
/admin/realms/{realm}/events/configView the events provider and how it is configured.GET, PUT
/admin/realms/{realm}/logout-allRemoves all user sessions.POST
/admin/realms/{realm}/oauth-clientsGet a list of oauth clients in this realm.GET, POST
/admin/realms/{realm}/oauth-clients/{clientId}Get a representation of the oauth clientPUT, GET, DELETE
/admin/realms/{realm}/oauth-clients/{clientId}/certificates/{attr}GET
/admin/realms/{realm}/oauth-clients/{clientId}/certificates/{attr}/downloadPOST
/admin/realms/{realm}/oauth-clients/{clientId}/certificates/{attr}/generatePOST
/admin/realms/{realm}/oauth-clients/{clientId}/certificates/{attr}/uploadPOST
/admin/realms/{realm}/oauth-clients/{clientId}/claimsGet the claims a client is allowed to ask forGET, PUT
/admin/realms/{realm}/oauth-clients/{clientId}/client-secretGet the secret of the oauth clientPOST, GET
/admin/realms/{realm}/oauth-clients/{clientId}/installationGet an example keycloak.json file to use to configure the oauth clientGET
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappingsGet all scope mappings for this clientGET
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}Get the roles associated with a client's scope for a specific application.GET, POST, DELETE
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}/availableThe available application-level roles that can be associated with the client's scopeGET
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications/{app}/compositeGet effective application roles that are associated with the client's scope for a specific application.GET
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications-by-id/{appId}Get the roles associated with a client's scope for a specific application.GET, POST, DELETE
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications-by-id/{appId}/availableThe available application-level roles that can be associated with the client's scopeGET
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/applications-by-id/{appId}/compositeGet effective application roles that are associated with the client's scope for a specific application.GET
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realmGet list of realm-level roles associated with this client's scope.GET, POST, DELETE
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realm/availableGet list of realm-level roles that are available to attach to this client's scope.GET
/admin/realms/{realm}/oauth-clients/{clientId}/scope-mappings/realm/compositeGet all effective realm-level roles that are associated with this client's scope.GET
/admin/realms/{realm}/oauth-clients-by-idGet a list of oauth clients in this realm.GET, POST
/admin/realms/{realm}/oauth-clients-by-id/{clientId}Get a representation of the oauth clientPUT, GET, DELETE
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/certificates/{attr}GET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/certificates/{attr}/downloadPOST
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/certificates/{attr}/generatePOST
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/certificates/{attr}/uploadPOST
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/claimsGet the claims a client is allowed to ask forGET, PUT
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/client-secretGet the secret of the oauth clientPOST, GET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/installationGet an example keycloak.json file to use to configure the oauth clientGET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappingsGet all scope mappings for this clientGET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications/{app}Get the roles associated with a client's scope for a specific application.GET, POST, DELETE
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications/{app}/availableThe available application-level roles that can be associated with the client's scopeGET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications/{app}/compositeGet effective application roles that are associated with the client's scope for a specific application.GET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications-by-id/{appId}Get the roles associated with a client's scope for a specific application.GET, POST, DELETE
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications-by-id/{appId}/availableThe available application-level roles that can be associated with the client's scopeGET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/applications-by-id/{appId}/compositeGet effective application roles that are associated with the client's scope for a specific application.GET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/realmGet list of realm-level roles associated with this client's scope.GET, POST, DELETE
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/realm/availableGet list of realm-level roles that are available to attach to this client's scope.GET
/admin/realms/{realm}/oauth-clients-by-id/{clientId}/scope-mappings/realm/compositeGet all effective realm-level roles that are associated with this client's scope.GET
/admin/realms/{realm}/push-revocationPush the realm's revocation policy to any application that has an admin url associated with it.POST
/admin/realms/{realm}/rolesList all roles for this realm or applicationGET, POST
/admin/realms/{realm}/roles/{role-name}Get a role by nameGET, DELETE, PUT
/admin/realms/{realm}/roles/{role-name}/compositesList composites of this rolePOST, GET, DELETE
/admin/realms/{realm}/roles/{role-name}/composites/application/{app}An app-level roles for a specific app for this role's compositeGET
/admin/realms/{realm}/roles/{role-name}/composites/application-by-id/{appId}An app-level roles for a specific app for this role's compositeGET
/admin/realms/{realm}/roles/{role-name}/composites/realmGet realm-level roles of this role's compositeGET
/admin/realms/{realm}/roles-by-id/{role-id}Get a specific role's representationGET, DELETE, PUT
/admin/realms/{realm}/roles-by-id/{role-id}/compositesIf this role is a composite, return a set of its childrenPOST, GET, DELETE
/admin/realms/{realm}/roles-by-id/{role-id}/composites/applications/{app}Return a set of application-level roles for a specific app that are in the role's compositeGET
/admin/realms/{realm}/roles-by-id/{role-id}/composites/applications-by-id/{appId}Return a set of application-level roles for a specific app that are in the role's compositeGET
/admin/realms/{realm}/roles-by-id/{role-id}/composites/realmReturn a set of realm-level roles that are in the role's compositeGET
/admin/realms/{realm}/sessions/{session}Remove a specific user session.DELETE
/admin/realms/{realm}/testLDAPConnectionGET
/admin/realms/{realm}/user-federation/instanceslist configured providersPOST, GET
/admin/realms/{realm}/user-federation/instances/{id}get a providerPUT, GET, DELETE
/admin/realms/{realm}/user-federation/providersGet List of available provider factoriesGET
/admin/realms/{realm}/user-federation/providers/{id}Get List of available provider factoriesGET
/admin/realms/{realm}/user-federation/sync/{id}trigger sync of usersGET
/admin/realms/{realm}/usersQuery list of users.POST, GET
/admin/realms/{realm}/users/{username}Get represenation of the userPUT, GET, DELETE
/admin/realms/{realm}/users/{username}/logoutRemove all user sessions associated with this user.POST
/admin/realms/{realm}/users/{username}/remove-totpPUT
/admin/realms/{realm}/users/{username}/reset-passwordSet up a temporary password for this user.PUT
/admin/realms/{realm}/users/{username}/reset-password-emailSend an email to the user with a link they can click to reset their password.PUT
/admin/realms/{realm}/users/{username}/role-mappingsGet role mappings for this userGET
/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}Get application-level role mappings for this user for a specific appGET, POST, DELETE
/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}/availableGet available application-level roles that can be mapped to the userGET
/admin/realms/{realm}/users/{username}/role-mappings/applications/{app}/compositeGet effective application-level role mappings.GET
/admin/realms/{realm}/users/{username}/role-mappings/applications-by-id/{appId}Get application-level role mappings for this user for a specific appGET, POST, DELETE
/admin/realms/{realm}/users/{username}/role-mappings/applications-by-id/{appId}/availableGet available application-level roles that can be mapped to the userGET
/admin/realms/{realm}/users/{username}/role-mappings/applications-by-id/{appId}/compositeGet effective application-level role mappings.GET
/admin/realms/{realm}/users/{username}/role-mappings/realmGet realm-level role mappings for this userGET, POST, DELETE
/admin/realms/{realm}/users/{username}/role-mappings/realm/availableRealm-level roles that can be mapped to this userGET
/admin/realms/{realm}/users/{username}/role-mappings/realm/compositeEffective realm-level role mappings for this user.GET
/admin/realms/{realm}/users/{username}/sessionsList set of sessions associated with this user.GET
/admin/realms/{realm}/users/{username}/social-linksList set of social logins associated with this user.GET
/admin/realms/{realm}/users/{username}/social-links/{provider}POST, DELETE
/admin/serverinfoReturns a list of themes, social providers, auth providers, and event listeners available on this serverGET
/admin/{realm}/consoleMain page of this realm's admin consoleGET
/admin/{realm}/console/configAdapter configuration for the admin console for this realmGET
/admin/{realm}/console/js/keycloak.jsJavascript used by admin consoleGET
/admin/{realm}/console/logoutLogout from the admin consoleGET
/admin/{realm}/console/whoamiPermission informationGET
/admin/{realm}/console/{path}Theme resources for this realm's admin console.GET
/js/keycloak.jsGet keycloak.js file for javascript clientsGET
/js/keycloak.min.jsGET
/qrcodeCreate a bar code imageGET
/realms/{realm}Public information about the realm.GET
/realms/{realm}/accountGet account information.GET, POST
/realms/{realm}/account/logGET
/realms/{realm}/account/login-redirectGET
/realms/{realm}/account/passwordUpdate account password Form params: password - old password password-new pasword-confirmGET, POST
/realms/{realm}/account/sessionsGET
/realms/{realm}/account/sessions-logoutGET
/realms/{realm}/account/socialGET
/realms/{realm}/account/social-updateGET
/realms/{realm}/account/totpUpdate the TOTP for this account.GET, POST
/realms/{realm}/account/totp-removeGET
/realms/{realm}/clients-managements/register-nodeURL invoked by adapter to register new application cluster node.POST
/realms/{realm}/clients-managements/unregister-nodeURL invoked by adapter to register new application cluster node.POST
/realms/{realm}/login-actions/consentOAuth grant page.POST
/realms/{realm}/login-actions/email-verificationGET
/realms/{realm}/login-actions/loginprotocol independent login page entry pointGET
/realms/{realm}/login-actions/passwordPOST
/realms/{realm}/login-actions/password-resetGET, POST
/realms/{realm}/login-actions/profilePOST
/realms/{realm}/login-actions/registrationprotocol independent registration page entry pointGET
/realms/{realm}/login-actions/request/loginURL called after login page.POST
/realms/{realm}/login-actions/request/registrationRegistrationPOST
/realms/{realm}/login-actions/totpPOST
/realms/{realm}/login-status-iframe.htmlGET
/social/callbackGET
/social/{realm}/loginGET
/theme/{themeType}/{themeName}/{path}Get theme contentGET
/versionGET
/welcome-content/{path}Resources for welcome pageGET