Microservices.al/auth
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
40eb1da3798a742e6534a5b4bb84610af2e8189c
auth/backend/keycloak/openapi.specs.yml

9369 lines
223 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
openapi: 3.0.2
info:
title: Keycloak Admin REST API
description: This is a REST API reference for the Keycloak Admin
version: '1'
paths:
# Login Manualisht
# "/auth/realms/{realm}":
# get:
# tags:
# - Login
# summary: Login
# responses:
# 2XX:
# description: success
# content:
# application/json:
# schema:
# "$ref": "#/components/schemas/LoginResponse"
# post:
# tags:
# - Login to Realm
# summary: Login with Username/Email and password
# requestBody:
# description: JSON representation of the realm
# content:
# application/json:
# schema:
# "$ref": "#/components/schemas/RealmRepresentation"
# required: true
# responses:
# 2XX:
# description: success
#end Login
"/":
get:
tags:
- Root
summary: Get themes, social providers, auth providers, and event listeners available
on this server
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ServerInfoRepresentation"
post:
tags:
- Realms Admin
summary: Import a realm Imports a realm from a full representation of that
realm.
requestBody:
description: JSON representation of the realm
content:
application/json:
schema:
"$ref": "#/components/schemas/RealmRepresentation"
required: true
responses:
2XX:
description: success
"/{id}/name":
get:
tags:
- User Storage Provider
summary: Need this for admin console to display simple name of provider when
displaying client detail KEYCLOAK-4328
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}":
get:
tags:
- Realms Admin
summary: Get the top-level representation of the realm It will not include
nested information like User and Client representations.
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/RealmRepresentation"
put:
tags:
- Realms Admin
summary: Update the top-level information of the realm Any user, roles or
client information in the representation will be ignored.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RealmRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Realms Admin
summary: Delete the realm
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/admin-events":
get:
tags:
- Realms Admin
summary: Get admin events Returns all admin events, or filters events based
on URL query parameters listed here
parameters:
- in: query
name: authClient
schema:
type: string
style: form
- in: query
name: authIpAddress
schema:
type: string
style: form
- in: query
name: authRealm
schema:
type: string
style: form
- in: query
name: authUser
description: user id
schema:
type: string
style: form
- in: query
name: dateFrom
schema:
type: string
style: form
- in: query
name: dateTo
schema:
type: string
style: form
- in: query
name: first
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: Maximum results size (defaults to 100)
schema:
type: integer
format: int32
style: form
- in: query
name: operationTypes
schema:
type: array
items:
type: string
style: form
- in: query
name: resourcePath
schema:
type: string
style: form
- in: query
name: resourceTypes
schema:
type: array
items:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
delete:
tags:
- Realms Admin
summary: Delete all admin events
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/attack-detection/brute-force/users":
delete:
tags:
- Attack Detection
summary: Clear any user login failures for all users This can release temporary
disabled users
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/attack-detection/brute-force/users/{userId}":
get:
tags:
- Attack Detection
summary: Get status of a username in brute force detection
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
delete:
tags:
- Attack Detection
summary: Clear any user login failures for the user This can release temporary
disabled user
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: userId
required: true
schema:
type: string
style: simple
"/{realm}/authentication/authenticator-providers":
get:
tags:
- Authentication Management
summary: Get authenticator providers Returns a stream of authenticator providers.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/client-authenticator-providers":
get:
tags:
- Authentication Management
summary: Get client authenticator providers Returns a stream of client authenticator
providers.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/config-description/{providerId}":
get:
tags:
- Authentication Management
summary: Get authenticator providers configuration description
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticatorConfigInfoRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: providerId
required: true
schema:
type: string
style: simple
"/{realm}/authentication/config/{id}":
get:
tags:
- Authentication Management
summary: Get authenticator configuration
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticatorConfigRepresentation"
put:
tags:
- Authentication Management
summary: Update authenticator configuration
requestBody:
description: JSON describing new state of authenticator configuration
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticatorConfigRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Authentication Management
summary: Delete authenticator configuration
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: Configuration id
required: true
schema:
type: string
style: simple
"/{realm}/authentication/executions":
post:
tags:
- Authentication Management
summary: Add new authentication execution
requestBody:
description: JSON model describing authentication execution
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticationExecutionRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/executions/{executionId}":
get:
tags:
- Authentication Management
summary: Get Single Execution
responses:
2XX:
description: success
delete:
tags:
- Authentication Management
summary: Delete execution
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: executionId
description: Execution id
required: true
schema:
type: string
style: simple
"/{realm}/authentication/executions/{executionId}/config":
post:
tags:
- Authentication Management
summary: Update execution with new configuration
requestBody:
description: JSON with new configuration
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticatorConfigRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: executionId
description: Execution id
required: true
schema:
type: string
style: simple
"/{realm}/authentication/executions/{executionId}/lower-priority":
post:
tags:
- Authentication Management
summary: Lower executions priority
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: executionId
description: Execution id
required: true
schema:
type: string
style: simple
"/{realm}/authentication/executions/{executionId}/raise-priority":
post:
tags:
- Authentication Management
summary: Raise executions priority
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: executionId
description: Execution id
required: true
schema:
type: string
style: simple
"/{realm}/authentication/flows":
get:
tags:
- Authentication Management
summary: Get authentication flows Returns a stream of authentication flows.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Authentication Management
summary: Create a new authentication flow
requestBody:
description: Authentication flow representation
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticationFlowRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/flows/{flowAlias}/copy":
post:
tags:
- Authentication Management
summary: Copy existing authentication flow under a new name The new name is
given as 'newName' attribute of the passed JSON object
requestBody:
description: JSON containing 'newName' attribute
content:
application/json:
schema:
type: object
additionalProperties: true
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: flowAlias
description: Name of the existing authentication flow
required: true
schema:
type: string
style: simple
"/{realm}/authentication/flows/{flowAlias}/executions":
get:
tags:
- Authentication Management
summary: Get authentication executions for a flow
responses:
2XX:
description: success
put:
tags:
- Authentication Management
summary: Update authentication executions of a Flow
requestBody:
description: AuthenticationExecutionInfoRepresentation
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticationExecutionInfoRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: flowAlias
description: Flow alias
required: true
schema:
type: string
style: simple
"/{realm}/authentication/flows/{flowAlias}/executions/execution":
post:
tags:
- Authentication Management
summary: Add new authentication execution to a flow
requestBody:
description: New execution JSON data containing 'provider' attribute
content:
application/json:
schema:
type: object
additionalProperties: true
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: flowAlias
description: Alias of parent flow
required: true
schema:
type: string
style: simple
"/{realm}/authentication/flows/{flowAlias}/executions/flow":
post:
tags:
- Authentication Management
summary: Add new flow with new execution to existing flow
requestBody:
description: New authentication flow / execution JSON data containing 'alias',
'type', 'provider', and 'description' attributes
content:
application/json:
schema:
type: object
additionalProperties: true
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: flowAlias
description: Alias of parent authentication flow
required: true
schema:
type: string
style: simple
"/{realm}/authentication/flows/{id}":
get:
tags:
- Authentication Management
summary: Get authentication flow for id
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticationFlowRepresentation"
put:
tags:
- Authentication Management
summary: Update an authentication flow
requestBody:
description: Authentication flow representation
content:
application/json:
schema:
"$ref": "#/components/schemas/AuthenticationFlowRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Authentication Management
summary: Delete an authentication flow
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: Flow id
required: true
schema:
type: string
style: simple
"/{realm}/authentication/form-action-providers":
get:
tags:
- Authentication Management
summary: Get form action providers Returns a stream of form action providers.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/form-providers":
get:
tags:
- Authentication Management
summary: Get form providers Returns a stream of form providers.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/per-client-config-description":
get:
tags:
- Authentication Management
summary: Get configuration descriptions for all clients
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/register-required-action":
post:
tags:
- Authentication Management
summary: Register a new required actions
requestBody:
description: JSON containing 'providerId', and 'name' attributes.
content:
application/json:
schema:
type: object
additionalProperties: true
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/required-actions":
get:
tags:
- Authentication Management
summary: Get required actions Returns a stream of required actions.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/authentication/required-actions/{alias}":
get:
tags:
- Authentication Management
summary: Get required action for alias
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/RequiredActionProviderRepresentation"
put:
tags:
- Authentication Management
summary: Update required action
requestBody:
description: JSON describing new state of required action
content:
application/json:
schema:
"$ref": "#/components/schemas/RequiredActionProviderRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Authentication Management
summary: Delete required action
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
description: Alias of required action
required: true
schema:
type: string
style: simple
"/{realm}/authentication/required-actions/{alias}/lower-priority":
post:
tags:
- Authentication Management
summary: Lower required actions priority
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
description: Alias of required action
required: true
schema:
type: string
style: simple
"/{realm}/authentication/required-actions/{alias}/raise-priority":
post:
tags:
- Authentication Management
summary: Raise required actions priority
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
description: Alias of required action
required: true
schema:
type: string
style: simple
"/{realm}/authentication/unregistered-required-actions":
get:
tags:
- Authentication Management
summary: Get unregistered required actions Returns a stream of unregistered
required actions.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clear-keys-cache":
post:
tags:
- Realms Admin
summary: Clear cache of external public keys (Public keys of clients or Identity
providers)
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clear-realm-cache":
post:
tags:
- Realms Admin
summary: Clear realm cache
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clear-user-cache":
post:
tags:
- Realms Admin
summary: Clear user cache
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/client-description-converter":
post:
tags:
- Realms Admin
summary: Base path for importing clients under this realm.
requestBody:
content:
text/plain:
schema:
type: string
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/client-policies/policies":
get:
tags:
- Realms Admin
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientPoliciesRepresentation"
put:
tags:
- Realms Admin
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientPoliciesRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/client-policies/profiles":
get:
tags:
- Realms Admin
parameters:
- in: query
name: include-global-profiles
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientProfilesRepresentation"
put:
tags:
- Realms Admin
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientProfilesRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/client-registration-policy/providers":
get:
tags:
- Client Registration Policy
summary: Base path for retrieve providers with the configProperties properly
filled
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes":
get:
tags:
- Client Scopes
summary: Get client scopes belonging to the realm Returns a list of client
scopes belonging to the realm
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Client Scopes
summary: Create a new client scope Client Scopes name must be unique!
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientScopeRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id1}/protocol-mappers/models/{id2}":
get:
tags:
- Protocol Mappers
summary: Get mapper by id
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
put:
tags:
- Protocol Mappers
summary: Update the mapper
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Protocol Mappers
summary: Delete the mapper
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id1
required: true
schema:
type: string
style: simple
- in: path
name: id2
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}":
get:
tags:
- Client Scopes
summary: Get representation of the client scope
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientScopeRepresentation"
put:
tags:
- Client Scopes
summary: Update the client scope
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientScopeRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Client Scopes
summary: Delete the client scope
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/protocol-mappers/add-models":
post:
tags:
- Protocol Mappers
summary: Create multiple mappers
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/protocol-mappers/models":
get:
tags:
- Protocol Mappers
summary: Get mappers
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Protocol Mappers
summary: Create a mapper
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/protocol-mappers/protocol/{protocol}":
get:
tags:
- Protocol Mappers
summary: Get mappers by name for a specific protocol
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
- in: path
name: protocol
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/scope-mappings/clients/{client}":
get:
tags:
- Scope Mappings
summary: Get the roles associated with a clients scope Returns roles for
the client.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Scope Mappings
summary: Add client-level roles to the clients scope
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Scope Mappings
summary: Remove client-level roles from the clients scope.
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/scope-mappings/clients/{client}/available":
get:
tags:
- Scope Mappings
summary: The available client-level roles Returns the roles for the client
that can be associated with the clients scope
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/scope-mappings/clients/{client}/composite":
get:
tags:
- Scope Mappings
summary: Get effective client roles Returns the roles for the client that
are associated with the clients scope.
parameters:
- in: query
name: briefRepresentation
description: if false, return roles with their attributes
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/scope-mappings/realm":
get:
tags:
- Scope Mappings
summary: Get realm-level roles associated with the clients scope
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Scope Mappings
summary: Add a set of realm-level roles to the clients scope
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Scope Mappings
summary: Remove a set of realm-level roles from the clients scope
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/scope-mappings/realm/available":
get:
tags:
- Scope Mappings
summary: Get realm-level roles that are available to attach to this clients
scope
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
"/{realm}/client-scopes/{id}/scope-mappings/realm/composite":
get:
tags:
- Scope Mappings
summary: Get effective realm-level roles associated with the clients scope What
this does is recurse any composite roles associated with the clients scope
and adds the roles to this lists.
parameters:
- in: query
name: briefRepresentation
description: if false, return roles with their attributes
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client scope (not name)
required: true
schema:
type: string
style: simple
"/{realm}/client-session-stats":
get:
tags:
- Realms Admin
summary: Get client session stats Returns a JSON map.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clients":
get:
tags:
- Clients
summary: Get clients belonging to the realm.
parameters:
- in: query
name: clientId
description: filter by clientId
schema:
type: string
style: form
- in: query
name: first
description: the first result
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: the max results to return
schema:
type: integer
format: int32
style: form
- in: query
name: q
schema:
type: string
style: form
- in: query
name: search
description: whether this is a search query or a getClientById query
schema:
type: boolean
style: form
- in: query
name: viewableOnly
description: filter clients that cannot be viewed in full by admin
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Clients
summary: Create a new client Clients client_id must be unique!
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clients-initial-access":
get:
tags:
- Client Initial Access
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Client Initial Access
summary: Create a new initial access token.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientInitialAccessCreatePresentation"
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientInitialAccessPresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clients-initial-access/{id}":
delete:
tags:
- Client Initial Access
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id1}/protocol-mappers/models/{id2}":
get:
tags:
- Protocol Mappers
summary: Get mapper by id
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
put:
tags:
- Protocol Mappers
summary: Update the mapper
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Protocol Mappers
summary: Delete the mapper
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id1
required: true
schema:
type: string
style: simple
- in: path
name: id2
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}":
get:
tags:
- Clients
summary: Get representation of the client
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientRepresentation"
put:
tags:
- Clients
summary: Update the client
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Clients
summary: Delete the client
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/certificates/{attr}":
get:
tags:
- Client Attribute Certificate
summary: Get key info
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/CertificateRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: attr
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/certificates/{attr}/download":
post:
tags:
- Client Attribute Certificate
summary: Get a keystore file for the client, containing private key and public
certificate
requestBody:
description: Keystore configuration as JSON
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyStoreConfig"
required: true
responses:
2XX:
description: success
content:
application/octet-stream:
schema:
type: string
format: byte
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: attr
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/certificates/{attr}/generate":
post:
tags:
- Client Attribute Certificate
summary: Generate a new certificate with new key pair
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/CertificateRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: attr
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/certificates/{attr}/generate-and-download":
post:
tags:
- Client Attribute Certificate
summary: Generate a new keypair and certificate, and get the private key file Generates
a keypair and certificate and serves the private key in a specified keystore
format.
requestBody:
description: Keystore configuration as JSON
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyStoreConfig"
required: true
responses:
2XX:
description: success
content:
application/octet-stream:
schema:
type: string
format: byte
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: attr
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/certificates/{attr}/upload":
post:
tags:
- Client Attribute Certificate
summary: Upload certificate and eventually private key
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/CertificateRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: attr
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/certificates/{attr}/upload-certificate":
post:
tags:
- Client Attribute Certificate
summary: Upload only certificate, not private key
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/CertificateRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: attr
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/client-secret":
get:
tags:
- Clients
summary: Get the client secret
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/CredentialRepresentation"
post:
tags:
- Clients
summary: Generate a new secret for the client
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/CredentialRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/client-secret/rotated":
get:
tags:
- Clients
summary: Get the rotated client secret
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/CredentialRepresentation"
delete:
tags:
- Clients
summary: Invalidate the rotated secret for the client
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/default-client-scopes":
get:
tags:
- Clients
summary: Get default client scopes.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/default-client-scopes/{clientScopeId}":
put:
tags:
- Clients
responses:
2XX:
description: success
delete:
tags:
- Clients
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: clientScopeId
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/evaluate-scopes/generate-example-access-token":
get:
tags:
- Clients
summary: Create JSON with payload of example access token
parameters:
- in: query
name: scope
schema:
type: string
style: form
- in: query
name: userId
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/AccessToken"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/evaluate-scopes/generate-example-id-token":
get:
tags:
- Clients
summary: Create JSON with payload of example id token
parameters:
- in: query
name: scope
schema:
type: string
style: form
- in: query
name: userId
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/IDToken"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/evaluate-scopes/generate-example-userinfo":
get:
tags:
- Clients
summary: Create JSON with payload of example user info
parameters:
- in: query
name: scope
schema:
type: string
style: form
- in: query
name: userId
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/evaluate-scopes/protocol-mappers":
get:
tags:
- Clients
summary: Return list of all protocol mappers, which will be used when generating
tokens issued for particular client.
parameters:
- in: query
name: scope
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/evaluate-scopes/scope-mappings/{roleContainerId}/granted":
get:
tags:
- Clients
summary: Get effective scope mapping of all roles of particular role container,
which this client is defacto allowed to have in the accessToken issued for
him.
parameters:
- in: query
name: scope
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: roleContainerId
description: either realm name OR client UUID
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/evaluate-scopes/scope-mappings/{roleContainerId}/not-granted":
get:
tags:
- Clients
summary: Get roles, which this client doesnt have scope for and cant have
them in the accessToken issued for him.
parameters:
- in: query
name: scope
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: roleContainerId
description: either realm name OR client UUID
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/installation/providers/{providerId}":
get:
tags:
- Clients
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: providerId
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/management/permissions":
get:
tags:
- Clients
summary: Return object stating whether client Authorization permissions have
been initialized or not and a reference
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
put:
tags:
- Clients
summary: Return object stating whether client Authorization permissions have
been initialized or not and a reference
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/nodes":
post:
tags:
- Clients
summary: Register a cluster node with the client Manually register cluster
node to this client - usually its not needed to call this directly as adapter
should handle by sending registration request to Keycloak
requestBody:
content:
application/json:
schema:
type: object
additionalProperties: true
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/nodes/{node}":
delete:
tags:
- Clients
summary: Unregister a cluster node from the client
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: node
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/offline-session-count":
get:
tags:
- Clients
summary: 'Get application offline session count Returns a number of offline
user sessions associated with this client { "count": number }'
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/offline-sessions":
get:
tags:
- Clients
summary: Get offline sessions for client Returns a list of offline user sessions
associated with this client
parameters:
- in: query
name: first
description: Paging offset
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: Maximum results size (defaults to 100)
schema:
type: integer
format: int32
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/optional-client-scopes":
get:
tags:
- Clients
summary: Get optional client scopes.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/optional-client-scopes/{clientScopeId}":
put:
tags:
- Clients
responses:
2XX:
description: success
delete:
tags:
- Clients
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: clientScopeId
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/protocol-mappers/add-models":
post:
tags:
- Protocol Mappers
summary: Create multiple mappers
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/protocol-mappers/models":
get:
tags:
- Protocol Mappers
summary: Get mappers
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Protocol Mappers
summary: Create a mapper
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/protocol-mappers/protocol/{protocol}":
get:
tags:
- Protocol Mappers
summary: Get mappers by name for a specific protocol
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: protocol
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/push-revocation":
post:
tags:
- Clients
summary: Push the clients revocation policy to its admin URL If the client
has an admin URL, push revocation policy to it.
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/GlobalRequestResult"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/registration-access-token":
post:
tags:
- Clients
summary: Generate a new registration access token for the client
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ClientRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/roles":
get:
tags:
- Roles
summary: Get all roles for the realm or client
parameters:
- in: query
name: briefRepresentation
schema:
type: boolean
style: form
- in: query
name: first
schema:
type: integer
format: int32
style: form
- in: query
name: max
schema:
type: integer
format: int32
style: form
- in: query
name: search
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Roles
summary: Create a new role for the realm or client
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/roles/{role-name}":
get:
tags:
- Roles
summary: Get a role by name
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/RoleRepresentation"
put:
tags:
- Roles
summary: Update a role by name
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Roles
summary: Delete a role by name
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: roles name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/roles/{role-name}/composites":
get:
tags:
- Roles
summary: Get composites of the role
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Roles
summary: Add a composite to the role
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Roles
summary: Remove roles from the roles composite
requestBody:
description: roles to remove
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: roles name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/roles/{role-name}/composites/clients/{clientUuid}":
get:
tags:
- Roles
summary: Get client-level roles for the client that are in the roles composite
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: roles name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: clientUuid
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/roles/{role-name}/composites/realm":
get:
tags:
- Roles
summary: Get realm-level roles of the roles composite
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: roles name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/roles/{role-name}/groups":
get:
tags:
- Roles
summary: Returns a stream of groups that have the specified role name
parameters:
- in: query
name: briefRepresentation
description: if false, return a full representation of the {@code GroupRepresentation}
objects.
schema:
type: boolean
style: form
- in: query
name: first
description: first result to return. Ignored if negative or {@code null}.
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: maximum number of results to return. Ignored if negative or {@code
null}.
schema:
type: integer
format: int32
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: the role name.
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/roles/{role-name}/management/permissions":
get:
tags:
- Roles
summary: Return object stating whether role Authorization permissions have been
initialized or not and a reference
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
put:
tags:
- Roles
summary: Return object stating whether role Authorization permissions have been
initialized or not and a reference
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/roles/{role-name}/users":
get:
tags:
- Roles
summary: Returns a stream of users that have the specified role name.
parameters:
- in: query
name: first
description: first result to return. Ignored if negative or {@code null}.
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: maximum number of results to return. Ignored if negative or {@code
null}.
schema:
type: integer
format: int32
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: the role name.
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/scope-mappings/clients/{client}":
get:
tags:
- Scope Mappings
summary: Get the roles associated with a clients scope Returns roles for
the client.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Scope Mappings
summary: Add client-level roles to the clients scope
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Scope Mappings
summary: Remove client-level roles from the clients scope.
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/scope-mappings/clients/{client}/available":
get:
tags:
- Scope Mappings
summary: The available client-level roles Returns the roles for the client
that can be associated with the clients scope
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/scope-mappings/clients/{client}/composite":
get:
tags:
- Scope Mappings
summary: Get effective client roles Returns the roles for the client that
are associated with the clients scope.
parameters:
- in: query
name: briefRepresentation
description: if false, return roles with their attributes
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/scope-mappings/realm":
get:
tags:
- Scope Mappings
summary: Get realm-level roles associated with the clients scope
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Scope Mappings
summary: Add a set of realm-level roles to the clients scope
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Scope Mappings
summary: Remove a set of realm-level roles from the clients scope
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/scope-mappings/realm/available":
get:
tags:
- Scope Mappings
summary: Get realm-level roles that are available to attach to this clients
scope
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/scope-mappings/realm/composite":
get:
tags:
- Scope Mappings
summary: Get effective realm-level roles associated with the clients scope What
this does is recurse any composite roles associated with the clients scope
and adds the roles to this lists.
parameters:
- in: query
name: briefRepresentation
description: if false, return roles with their attributes
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/service-account-user":
get:
tags:
- Clients
summary: Get a user dedicated to the service account
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/session-count":
get:
tags:
- Clients
summary: 'Get application session count Returns a number of user sessions
associated with this client { "count": number }'
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/test-nodes-available":
get:
tags:
- Clients
summary: Test if registered cluster nodes are available Tests availability
by sending 'ping' request to all cluster nodes.
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/GlobalRequestResult"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/clients/{id}/user-sessions":
get:
tags:
- Clients
summary: Get user sessions for client Returns a list of user sessions associated
with this client
parameters:
- in: query
name: first
description: Paging offset
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: Maximum results size (defaults to 100)
schema:
type: integer
format: int32
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: id of client (not client-id)
required: true
schema:
type: string
style: simple
"/{realm}/components":
get:
tags:
- Component
parameters:
- in: query
name: name
schema:
type: string
style: form
- in: query
name: parent
schema:
type: string
style: form
- in: query
name: type
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Component
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ComponentRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/components/{id}":
get:
tags:
- Component
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ComponentRepresentation"
put:
tags:
- Component
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ComponentRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Component
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/components/{id}/sub-component-types":
get:
tags:
- Component
summary: List of subcomponent types that are available to configure for a particular
parent component.
parameters:
- in: query
name: type
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/credential-registrators":
get:
tags:
- Realms Admin
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/default-default-client-scopes":
get:
tags:
- Realms Admin
summary: Get realm default client scopes.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/default-default-client-scopes/{clientScopeId}":
put:
tags:
- Realms Admin
responses:
2XX:
description: success
delete:
tags:
- Realms Admin
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: clientScopeId
required: true
schema:
type: string
style: simple
"/{realm}/default-groups":
get:
tags:
- Realms Admin
summary: Get group hierarchy.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/default-groups/{groupId}":
put:
tags:
- Realms Admin
responses:
2XX:
description: success
delete:
tags:
- Realms Admin
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: groupId
required: true
schema:
type: string
style: simple
"/{realm}/default-optional-client-scopes":
get:
tags:
- Realms Admin
summary: Get realm optional client scopes.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/default-optional-client-scopes/{clientScopeId}":
put:
tags:
- Realms Admin
responses:
2XX:
description: success
delete:
tags:
- Realms Admin
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: clientScopeId
required: true
schema:
type: string
style: simple
"/{realm}/events":
get:
tags:
- Realms Admin
summary: Get events Returns all events, or filters them based on URL query
parameters listed here
parameters:
- in: query
name: client
description: App or oauth client name
schema:
type: string
style: form
- in: query
name: dateFrom
description: From date
schema:
type: string
style: form
- in: query
name: dateTo
description: To date
schema:
type: string
style: form
- in: query
name: first
description: Paging offset
schema:
type: integer
format: int32
style: form
- in: query
name: ipAddress
description: IP address
schema:
type: string
style: form
- in: query
name: max
description: Maximum results size (defaults to 100)
schema:
type: integer
format: int32
style: form
- in: query
name: type
description: The types of events to return
schema:
type: array
items:
type: string
style: form
- in: query
name: user
description: User id
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
delete:
tags:
- Realms Admin
summary: Delete all events
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/events/config":
get:
tags:
- Realms Admin
summary: Get the events provider configuration Returns JSON object with events
provider configuration
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/RealmEventsConfigRepresentation"
put:
tags:
- Realms Admin
summary: Update the events provider Change the events provider and/or its
configuration
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RealmEventsConfigRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/group-by-path/{path}":
get:
tags:
- Realms Admin
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: path
required: true
schema:
type: string
style: simple
"/{realm}/groups":
get:
tags:
- Groups
summary: Get group hierarchy.
parameters:
- in: query
name: briefRepresentation
schema:
type: boolean
style: form
- in: query
name: first
schema:
type: integer
format: int32
style: form
- in: query
name: max
schema:
type: integer
format: int32
style: form
- in: query
name: search
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Groups
summary: create or add a top level realm groupSet or create child.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/groups/count":
get:
tags:
- Groups
summary: Returns the groups counts.
parameters:
- in: query
name: search
schema:
type: string
style: form
- in: query
name: top
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}":
get:
tags:
- Groups
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupRepresentation"
put:
tags:
- Groups
summary: Update group, ignores subgroups.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Groups
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/children":
post:
tags:
- Groups
summary: Set or create child.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/management/permissions":
get:
tags:
- Groups
summary: Return object stating whether client Authorization permissions have
been initialized or not and a reference
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
put:
tags:
- Groups
summary: Return object stating whether client Authorization permissions have
been initialized or not and a reference
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/members":
get:
tags:
- Groups
summary: Get users Returns a stream of users, filtered according to query
parameters
parameters:
- in: query
name: briefRepresentation
description: |-
Only return basic information (only guaranteed to return id, username, created, first and last name,
email, enabled state, email verification state, federation link, and access.
Note that it means that namely user attributes, required actions, and not before are not returned.)
schema:
type: boolean
style: form
- in: query
name: first
description: Pagination offset
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: Maximum results size (defaults to 100)
schema:
type: integer
format: int32
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/role-mappings":
get:
tags:
- Role Mapper
summary: Get role mappings
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/MappingsRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/role-mappings/clients/{client}":
get:
tags:
- Client Role Mappings
summary: Get client-level role mappings for the user, and the app
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Client Role Mappings
summary: Add client-level roles to the user role mapping
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Client Role Mappings
summary: Delete client-level roles from user role mapping
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/role-mappings/clients/{client}/available":
get:
tags:
- Client Role Mappings
summary: Get available client-level roles that can be mapped to the user
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/role-mappings/clients/{client}/composite":
get:
tags:
- Client Role Mappings
summary: Get effective client-level role mappings This recurses any composite
roles
parameters:
- in: query
name: briefRepresentation
description: if false, return roles with their attributes
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/role-mappings/realm":
get:
tags:
- Role Mapper
summary: Get realm-level role mappings
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Role Mapper
summary: Add realm-level role mappings to the user
requestBody:
description: Roles to add
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Role Mapper
summary: Delete realm-level role mappings
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/role-mappings/realm/available":
get:
tags:
- Role Mapper
summary: Get realm-level roles that can be mapped
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/groups/{id}/role-mappings/realm/composite":
get:
tags:
- Role Mapper
summary: Get effective realm-level role mappings This will recurse all composite
roles to get the result.
parameters:
- in: query
name: briefRepresentation
description: if false, return roles with their attributes
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/import-config":
post:
tags:
- Identity Providers
summary: Import identity provider from uploaded JSON file
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/instances":
get:
tags:
- Identity Providers
summary: Get identity providers
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Identity Providers
summary: Create a new identity provider
requestBody:
description: JSON body
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/instances/{alias}":
get:
tags:
- Identity Providers
summary: Get the identity provider
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderRepresentation"
put:
tags:
- Identity Providers
summary: Update the identity provider
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Identity Providers
summary: Delete the identity provider
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/instances/{alias}/export":
get:
tags:
- Identity Providers
summary: Export public broker configuration for identity provider
parameters:
- in: query
name: format
description: Format to use
schema:
type: string
style: form
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/instances/{alias}/management/permissions":
get:
tags:
- Identity Providers
summary: Return object stating whether client Authorization permissions have
been initialized or not and a reference
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
put:
tags:
- Identity Providers
summary: Return object stating whether client Authorization permissions have
been initialized or not and a reference
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/instances/{alias}/mapper-types":
get:
tags:
- Identity Providers
summary: Get mapper types for identity provider
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/instances/{alias}/mappers":
get:
tags:
- Identity Providers
summary: Get mappers for identity provider
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Identity Providers
summary: Add a mapper to identity provider
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderMapperRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/instances/{alias}/mappers/{id}":
get:
tags:
- Identity Providers
summary: Get mapper by id for the identity provider
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderMapperRepresentation"
put:
tags:
- Identity Providers
summary: Update a mapper for the identity provider
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderMapperRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Identity Providers
summary: Delete a mapper for the identity provider
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: alias
required: true
schema:
type: string
style: simple
- in: path
name: id
description: Mapper id
required: true
schema:
type: string
style: simple
"/{realm}/identity-provider/providers/{provider_id}":
get:
tags:
- Identity Providers
summary: Get identity providers
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: provider_id
description: Provider id
required: true
schema:
type: string
style: simple
"/{realm}/keys":
get:
tags:
- Key
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/KeysMetadataRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/ldap-server-capabilities":
post:
tags:
- Realms Admin
summary: Get LDAP supported extensions.
requestBody:
description: LDAP configuration
content:
application/json:
schema:
"$ref": "#/components/schemas/TestLdapConnectionRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/localization":
get:
tags:
- Realms Admin
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/localization/{locale}":
get:
tags:
- Realms Admin
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
post:
tags:
- Realms Admin
requestBody:
content:
application/json:
schema:
type: object
additionalProperties: true
required: true
responses:
2XX:
description: success
delete:
tags:
- Realms Admin
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: locale
required: true
schema:
type: string
style: simple
"/{realm}/localization/{locale}/{key}":
get:
tags:
- Realms Admin
responses:
2XX:
description: success
content:
text/plain:
schema:
type: string
put:
tags:
- Realms Admin
requestBody:
content:
text/plain:
schema:
type: string
required: true
responses:
2XX:
description: success
delete:
tags:
- Realms Admin
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: locale
required: true
schema:
type: string
style: simple
- in: path
name: key
required: true
schema:
type: string
style: simple
"/{realm}/logout-all":
post:
tags:
- Realms Admin
summary: Removes all user sessions.
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/GlobalRequestResult"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/partial-export":
post:
tags:
- Realms Admin
summary: Partial export of existing realm into a JSON file.
parameters:
- in: query
name: exportClients
schema:
type: boolean
style: form
- in: query
name: exportGroupsAndRoles
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/RealmRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/partialImport":
post:
tags:
- Realms Admin
summary: Partial import from a JSON file to an existing realm.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/PartialImportRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/push-revocation":
post:
tags:
- Realms Admin
summary: Push the realms revocation policy to any client that has an admin
url associated with it.
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/roles":
get:
tags:
- Roles
summary: Get all roles for the realm or client
parameters:
- in: query
name: briefRepresentation
schema:
type: boolean
style: form
- in: query
name: first
schema:
type: integer
format: int32
style: form
- in: query
name: max
schema:
type: integer
format: int32
style: form
- in: query
name: search
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Roles
summary: Create a new role for the realm or client
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/roles-by-id/{role-id}":
get:
tags:
- Roles (by ID)
summary: Get a specific roles representation
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/RoleRepresentation"
put:
tags:
- Roles (by ID)
summary: Update the role
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Roles (by ID)
summary: Delete the role
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-id
description: id of role
required: true
schema:
type: string
style: simple
"/{realm}/roles-by-id/{role-id}/composites":
get:
tags:
- Roles (by ID)
summary: Get roles children Returns a set of roles children provided the
role is a composite.
parameters:
- in: query
name: first
schema:
type: integer
format: int32
style: form
- in: query
name: max
schema:
type: integer
format: int32
style: form
- in: query
name: search
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Roles (by ID)
summary: Make the role a composite role by associating some child roles
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Roles (by ID)
summary: Remove a set of roles from the roles composite
requestBody:
description: A set of roles to be removed
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-id
description: Role id
required: true
schema:
type: string
style: simple
"/{realm}/roles-by-id/{role-id}/composites/clients/{clientUuid}":
get:
tags:
- Roles (by ID)
summary: Get client-level roles for the client that are in the roles composite
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-id
required: true
schema:
type: string
style: simple
- in: path
name: clientUuid
required: true
schema:
type: string
style: simple
"/{realm}/roles-by-id/{role-id}/composites/realm":
get:
tags:
- Roles (by ID)
summary: Get realm-level roles that are in the roles composite
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-id
required: true
schema:
type: string
style: simple
"/{realm}/roles-by-id/{role-id}/management/permissions":
get:
tags:
- Roles (by ID)
summary: Return object stating whether role Authoirzation permissions have been
initialized or not and a reference
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
put:
tags:
- Roles (by ID)
summary: Return object stating whether role Authoirzation permissions have been
initialized or not and a reference
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-id
required: true
schema:
type: string
style: simple
"/{realm}/roles/{role-name}":
get:
tags:
- Roles
summary: Get a role by name
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/RoleRepresentation"
put:
tags:
- Roles
summary: Update a role by name
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Roles
summary: Delete a role by name
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: roles name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/roles/{role-name}/composites":
get:
tags:
- Roles
summary: Get composites of the role
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Roles
summary: Add a composite to the role
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Roles
summary: Remove roles from the roles composite
requestBody:
description: roles to remove
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: roles name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/roles/{role-name}/composites/clients/{clientUuid}":
get:
tags:
- Roles
summary: Get client-level roles for the client that are in the roles composite
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: roles name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: clientUuid
required: true
schema:
type: string
style: simple
"/{realm}/roles/{role-name}/composites/realm":
get:
tags:
- Roles
summary: Get realm-level roles of the roles composite
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: roles name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/roles/{role-name}/groups":
get:
tags:
- Roles
summary: Returns a stream of groups that have the specified role name
parameters:
- in: query
name: briefRepresentation
description: if false, return a full representation of the {@code GroupRepresentation}
objects.
schema:
type: boolean
style: form
- in: query
name: first
description: first result to return. Ignored if negative or {@code null}.
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: maximum number of results to return. Ignored if negative or {@code
null}.
schema:
type: integer
format: int32
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: the role name.
required: true
schema:
type: string
style: simple
"/{realm}/roles/{role-name}/management/permissions":
get:
tags:
- Roles
summary: Return object stating whether role Authorization permissions have been
initialized or not and a reference
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
put:
tags:
- Roles
summary: Return object stating whether role Authorization permissions have been
initialized or not and a reference
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
required: true
schema:
type: string
style: simple
"/{realm}/roles/{role-name}/users":
get:
tags:
- Roles
summary: Returns a stream of users that have the specified role name.
parameters:
- in: query
name: first
description: first result to return. Ignored if negative or {@code null}.
schema:
type: integer
format: int32
style: form
- in: query
name: max
description: maximum number of results to return. Ignored if negative or {@code
null}.
schema:
type: integer
format: int32
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: role-name
description: the role name.
required: true
schema:
type: string
style: simple
"/{realm}/sessions/{session}":
delete:
tags:
- Realms Admin
summary: Remove a specific user session.
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: session
required: true
schema:
type: string
style: simple
"/{realm}/testLDAPConnection":
post:
tags:
- Realms Admin
summary: Test LDAP connection
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TestLdapConnectionRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/testSMTPConnection":
post:
tags:
- Realms Admin
requestBody:
content:
application/json:
schema:
type: object
additionalProperties: true
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/user-storage/{id}/name":
get:
tags:
- User Storage Provider
summary: Need this for admin console to display simple name of provider when
displaying user detail KEYCLOAK-4328
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/user-storage/{id}/remove-imported-users":
post:
tags:
- User Storage Provider
summary: Remove imported users
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/user-storage/{id}/sync":
post:
tags:
- User Storage Provider
summary: Trigger sync of users Action can be "triggerFullSync" or "triggerChangedUsersSync"
parameters:
- in: query
name: action
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/SynchronizationResult"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/user-storage/{id}/unlink-users":
post:
tags:
- User Storage Provider
summary: Unlink imported users from a storage provider
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/user-storage/{parentId}/mappers/{id}/sync":
post:
tags:
- User Storage Provider
summary: Trigger sync of mapper data related to ldap mapper (roles, groups,
…​) direction is "fedToKeycloak" or "keycloakToFed"
parameters:
- in: query
name: direction
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/SynchronizationResult"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: parentId
required: true
schema:
type: string
style: simple
- in: path
name: id
required: true
schema:
type: string
style: simple
"/{realm}/users":
get:
tags:
- Users
summary: Get users Returns a stream of users, filtered according to query
parameters.
parameters:
- in: query
name: briefRepresentation
description: 'Boolean which defines whether brief representations are returned
(default: false)'
schema:
type: boolean
style: form
- in: query
name: email
description: A String contained in email, or the complete email, if param
"exact" is true
schema:
type: string
style: form
- in: query
name: emailVerified
description: whether the email has been verified
schema:
type: boolean
style: form
- in: query
name: enabled
description: Boolean representing if user is enabled or not
schema:
type: boolean
style: form
- in: query
name: exact
description: Boolean which defines whether the params "last", "first", "email"
and "username" must match exactly
schema:
type: boolean
style: form
- in: query
name: first
description: Pagination offset
schema:
type: integer
format: int32
style: form
- in: query
name: firstName
description: A String contained in firstName, or the complete firstName, if
param "exact" is true
schema:
type: string
style: form
- in: query
name: idpAlias
description: The alias of an Identity Provider linked to the user
schema:
type: string
style: form
- in: query
name: idpUserId
description: The userId at an Identity Provider linked to the user
schema:
type: string
style: form
- in: query
name: lastName
description: A String contained in lastName, or the complete lastName, if
param "exact" is true
schema:
type: string
style: form
- in: query
name: max
description: Maximum results size (defaults to 100)
schema:
type: integer
format: int32
style: form
- in: query
name: q
description: A query to search for custom attributes, in the format 'key1:value2
key2:value2'
schema:
type: string
style: form
- in: query
name: search
description: A String contained in username, first or last name, or email
schema:
type: string
style: form
- in: query
name: username
description: A String contained in username, or the complete username, if
param "exact" is true
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Users
summary: Create a new user Username must be unique.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/users-management-permissions":
get:
tags:
- Realms Admin
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
put:
tags:
- Realms Admin
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
required: true
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/ManagementPermissionReference"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/users/count":
get:
tags:
- Users
summary: Returns the number of users that match the given criteria.
parameters:
- in: query
name: email
description: email filter
schema:
type: string
style: form
- in: query
name: emailVerified
schema:
type: boolean
style: form
- in: query
name: enabled
description: Boolean representing if user is enabled or not
schema:
type: boolean
style: form
- in: query
name: firstName
description: first name filter
schema:
type: string
style: form
- in: query
name: lastName
description: last name filter
schema:
type: string
style: form
- in: query
name: search
description: arbitrary search string for all the fields below
schema:
type: string
style: form
- in: query
name: username
description: username filter
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: integer
format: int32
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/users/profile":
get:
tags:
- Users
responses:
2XX:
description: success
content:
application/json:
schema:
type: string
put:
tags:
- Users
requestBody:
content:
application/json:
schema:
type: string
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}":
get:
tags:
- Users
summary: Get representation of the user
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserRepresentation"
put:
tags:
- Users
summary: Update the user
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Users
summary: Delete the user
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/configured-user-storage-credential-types":
get:
tags:
- Users
summary: Return credential types, which are provided by the user storage where
user is stored.
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/consents":
get:
tags:
- Users
summary: Get consents granted by the user
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/consents/{client}":
delete:
tags:
- Users
summary: Revoke consent and offline tokens for particular client from user
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: client
description: Client id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/credentials":
get:
tags:
- Users
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/credentials/{credentialId}":
delete:
tags:
- Users
summary: Remove a credential for a user
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: credentialId
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/credentials/{credentialId}/moveAfter/{newPreviousCredentialId}":
post:
tags:
- Users
summary: Move a credential to a position behind another credential
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: credentialId
description: The credential to move
required: true
schema:
type: string
style: simple
- in: path
name: newPreviousCredentialId
description: The credential that will be the previous element in the list. If
set to null, the moved credential will be the first element in the list.
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/credentials/{credentialId}/moveToFirst":
post:
tags:
- Users
summary: Move a credential to a first position in the credentials list of the
user
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: credentialId
description: The credential to move
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/credentials/{credentialId}/userLabel":
put:
tags:
- Users
summary: Update a credential label for a user
requestBody:
content:
text/plain:
schema:
type: string
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: credentialId
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/disable-credential-types":
put:
tags:
- Users
summary: Disable all credentials for a user of a specific type
requestBody:
content:
application/json:
schema:
type: array
items:
type: string
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/execute-actions-email":
put:
tags:
- Users
summary: Send a update account email to the user An email contains a link
the user can click to perform a set of required actions.
parameters:
- in: query
name: client_id
description: Client id
schema:
type: string
style: form
- in: query
name: lifespan
description: Number of seconds after which the generated token expires
schema:
type: integer
format: int32
style: form
- in: query
name: redirect_uri
description: Redirect uri
schema:
type: string
style: form
requestBody:
description: required actions the user needs to complete
content:
application/json:
schema:
type: array
items:
type: string
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/federated-identity":
get:
tags:
- Users
summary: Get social logins associated with the user
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/federated-identity/{provider}":
post:
tags:
- Users
summary: Add a social login provider to the user
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FederatedIdentityRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Users
summary: Remove a social login provider from user
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: provider
description: Social login provider id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/groups":
get:
tags:
- Users
parameters:
- in: query
name: briefRepresentation
schema:
type: boolean
style: form
- in: query
name: first
schema:
type: integer
format: int32
style: form
- in: query
name: max
schema:
type: integer
format: int32
style: form
- in: query
name: search
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/groups/count":
get:
tags:
- Users
parameters:
- in: query
name: search
schema:
type: string
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/groups/{groupId}":
put:
tags:
- Users
responses:
2XX:
description: success
delete:
tags:
- Users
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: groupId
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/impersonation":
post:
tags:
- Users
summary: Impersonate the user
responses:
2XX:
description: success
content:
application/json:
schema:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/logout":
post:
tags:
- Users
summary: Remove all user sessions associated with the user Also send notification
to all clients that have an admin URL to invalidate the sessions for the particular
user.
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/offline-sessions/{clientUuid}":
get:
tags:
- Users
summary: Get offline sessions associated with the user and client
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: clientUuid
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/reset-password":
put:
tags:
- Users
summary: Set up a new password for the user.
requestBody:
description: The representation must contain a rawPassword with the plain-text
password
content:
application/json:
schema:
"$ref": "#/components/schemas/CredentialRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/role-mappings":
get:
tags:
- Role Mapper
summary: Get role mappings
responses:
2XX:
description: success
content:
application/json:
schema:
"$ref": "#/components/schemas/MappingsRepresentation"
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/role-mappings/clients/{client}":
get:
tags:
- Client Role Mappings
summary: Get client-level role mappings for the user, and the app
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Client Role Mappings
summary: Add client-level roles to the user role mapping
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Client Role Mappings
summary: Delete client-level roles from user role mapping
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/role-mappings/clients/{client}/available":
get:
tags:
- Client Role Mappings
summary: Get available client-level roles that can be mapped to the user
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/role-mappings/clients/{client}/composite":
get:
tags:
- Client Role Mappings
summary: Get effective client-level role mappings This recurses any composite
roles
parameters:
- in: query
name: briefRepresentation
description: if false, return roles with their attributes
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
- in: path
name: client
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/role-mappings/realm":
get:
tags:
- Role Mapper
summary: Get realm-level role mappings
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
post:
tags:
- Role Mapper
summary: Add realm-level role mappings to the user
requestBody:
description: Roles to add
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
delete:
tags:
- Role Mapper
summary: Delete realm-level role mappings
requestBody:
content:
application/json:
schema:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
required: true
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/role-mappings/realm/available":
get:
tags:
- Role Mapper
summary: Get realm-level roles that can be mapped
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/role-mappings/realm/composite":
get:
tags:
- Role Mapper
summary: Get effective realm-level role mappings This will recurse all composite
roles to get the result.
parameters:
- in: query
name: briefRepresentation
description: if false, return roles with their attributes
schema:
type: boolean
style: form
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/send-verify-email":
put:
tags:
- Users
summary: Send an email-verification email to the user An email contains a
link the user can click to verify their email address.
parameters:
- in: query
name: client_id
description: Client id
schema:
type: string
style: form
- in: query
name: redirect_uri
description: Redirect uri
schema:
type: string
style: form
responses:
2XX:
description: success
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
"/{realm}/users/{id}/sessions":
get:
tags:
- Users
summary: Get sessions associated with the user
responses:
2XX:
description: success
content:
application/json:
schema:
type: array
items:
type: object
additionalProperties: true
parameters:
- in: path
name: realm
description: realm name (not id!)
required: true
schema:
type: string
style: simple
- in: path
name: id
description: User id
required: true
schema:
type: string
style: simple
components:
securitySchemes:
access_token:
type: http
scheme: bearer
bearerFormat:
schemas:
#LoginResponse Manual
# LoginResponse:
# type: object
# properties:
# access_token:
# type: string
# expires_in:
# type: integer
# format: int32
# refresh_token:
# type: string
# refresh_expires_in:
# type: integer
# format: int32
# token_type:
# type: string
# not-before-policy:
# type: integer
# format: int32
# session_state:
# type: string
# token_type:
# scope: string
#EndLoginResponse
AccessToken:
type: object
properties:
acr:
type: string
address:
"$ref": "#/components/schemas/AddressClaimSet"
allowed-origins:
type: array
items:
type: string
at_hash:
type: string
auth_time:
type: integer
format: int64
authorization:
"$ref": "#/components/schemas/AccessToken-Authorization"
azp:
type: string
birthdate:
type: string
c_hash:
type: string
category:
type: string
enum:
- INTERNAL
- ACCESS
- ID
- ADMIN
- USERINFO
- LOGOUT
- AUTHORIZATION_RESPONSE
claims_locales:
type: string
cnf:
"$ref": "#/components/schemas/AccessToken-CertConf"
email:
type: string
email_verified:
type: boolean
exp:
type: integer
format: int64
family_name:
type: string
gender:
type: string
given_name:
type: string
iat:
type: integer
format: int64
iss:
type: string
jti:
type: string
locale:
type: string
middle_name:
type: string
name:
type: string
nbf:
type: integer
format: int64
nickname:
type: string
nonce:
type: string
otherClaims:
type: object
additionalProperties: true
phone_number:
type: string
phone_number_verified:
type: boolean
picture:
type: string
preferred_username:
type: string
profile:
type: string
realm_access:
"$ref": "#/components/schemas/AccessToken-Access"
s_hash:
type: string
scope:
type: string
session_state:
type: string
sid:
type: string
sub:
type: string
trusted-certs:
type: array
items:
type: string
typ:
type: string
updated_at:
type: integer
format: int64
website:
type: string
zoneinfo:
type: string
AccessToken-Access:
type: object
properties:
roles:
type: array
items:
type: string
verify_caller:
type: boolean
AccessToken-Authorization:
type: object
properties:
permissions:
type: array
items:
"$ref": "#/components/schemas/Permission"
AccessToken-CertConf:
type: object
properties:
x5t#S256:
type: string
AddressClaimSet:
type: object
properties:
country:
type: string
formatted:
type: string
locality:
type: string
postal_code:
type: string
region:
type: string
street_address:
type: string
AuthenticationExecutionExportRepresentation:
type: object
properties:
authenticator:
type: string
authenticatorConfig:
type: string
authenticatorFlow:
type: boolean
flowAlias:
type: string
priority:
type: integer
format: int32
requirement:
type: string
userSetupAllowed:
type: boolean
AuthenticationExecutionInfoRepresentation:
type: object
properties:
alias:
type: string
authenticationConfig:
type: string
authenticationFlow:
type: boolean
configurable:
type: boolean
description:
type: string
displayName:
type: string
flowId:
type: string
id:
type: string
index:
type: integer
format: int32
level:
type: integer
format: int32
providerId:
type: string
requirement:
type: string
requirementChoices:
type: array
items:
type: string
AuthenticationExecutionRepresentation:
type: object
properties:
authenticator:
type: string
authenticatorConfig:
type: string
authenticatorFlow:
type: boolean
flowId:
type: string
id:
type: string
parentFlow:
type: string
priority:
type: integer
format: int32
requirement:
type: string
AuthenticationFlowRepresentation:
type: object
properties:
alias:
type: string
authenticationExecutions:
type: array
items:
"$ref": "#/components/schemas/AuthenticationExecutionExportRepresentation"
builtIn:
type: boolean
description:
type: string
id:
type: string
providerId:
type: string
topLevel:
type: boolean
AuthenticatorConfigInfoRepresentation:
type: object
properties:
helpText:
type: string
name:
type: string
properties:
type: array
items:
"$ref": "#/components/schemas/ConfigPropertyRepresentation"
providerId:
type: string
AuthenticatorConfigRepresentation:
type: object
properties:
alias:
type: string
config:
type: object
additionalProperties: true
id:
type: string
CertificateRepresentation:
type: object
properties:
certificate:
type: string
kid:
type: string
privateKey:
type: string
publicKey:
type: string
ClientInitialAccessCreatePresentation:
type: object
properties:
count:
type: integer
format: int32
expiration:
type: integer
format: int32
ClientInitialAccessPresentation:
type: object
properties:
count:
type: integer
format: int32
expiration:
type: integer
format: int32
id:
type: string
remainingCount:
type: integer
format: int32
timestamp:
type: integer
format: int32
token:
type: string
ClientMappingsRepresentation:
type: object
properties:
client:
type: string
id:
type: string
mappings:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
ClientPoliciesRepresentation:
type: object
properties:
policies:
type: array
items:
"$ref": "#/components/schemas/ClientPolicyRepresentation"
ClientPolicyConditionRepresentation:
type: object
properties:
condition:
type: string
configuration:
"$ref": "#/components/schemas/JsonNode"
ClientPolicyExecutorRepresentation:
type: object
properties:
configuration:
"$ref": "#/components/schemas/JsonNode"
executor:
type: string
ClientPolicyRepresentation:
type: object
properties:
conditions:
type: array
items:
"$ref": "#/components/schemas/ClientPolicyConditionRepresentation"
description:
type: string
enabled:
type: boolean
name:
type: string
profiles:
type: array
items:
type: string
ClientProfileRepresentation:
type: object
properties:
description:
type: string
executors:
type: array
items:
"$ref": "#/components/schemas/ClientPolicyExecutorRepresentation"
name:
type: string
ClientProfilesRepresentation:
type: object
properties:
globalProfiles:
type: array
items:
"$ref": "#/components/schemas/ClientProfileRepresentation"
profiles:
type: array
items:
"$ref": "#/components/schemas/ClientProfileRepresentation"
ClientRepresentation:
type: object
properties:
access:
type: object
additionalProperties: true
adminUrl:
type: string
alwaysDisplayInConsole:
type: boolean
attributes:
type: object
additionalProperties: true
authenticationFlowBindingOverrides:
type: object
additionalProperties: true
authorizationServicesEnabled:
type: boolean
authorizationSettings:
"$ref": "#/components/schemas/ResourceServerRepresentation"
baseUrl:
type: string
bearerOnly:
type: boolean
clientAuthenticatorType:
type: string
clientId:
type: string
consentRequired:
type: boolean
defaultClientScopes:
type: array
items:
type: string
description:
type: string
directAccessGrantsEnabled:
type: boolean
enabled:
type: boolean
frontchannelLogout:
type: boolean
fullScopeAllowed:
type: boolean
id:
type: string
implicitFlowEnabled:
type: boolean
name:
type: string
nodeReRegistrationTimeout:
type: integer
format: int32
notBefore:
type: integer
format: int32
oauth2DeviceAuthorizationGrantEnabled:
type: boolean
optionalClientScopes:
type: array
items:
type: string
origin:
type: string
protocol:
type: string
protocolMappers:
type: array
items:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
publicClient:
type: boolean
redirectUris:
type: array
items:
type: string
registeredNodes:
type: object
additionalProperties: true
registrationAccessToken:
type: string
rootUrl:
type: string
secret:
type: string
serviceAccountsEnabled:
type: boolean
standardFlowEnabled:
type: boolean
surrogateAuthRequired:
type: boolean
webOrigins:
type: array
items:
type: string
ClientScopeEvaluateResource-ProtocolMapperEvaluationRepresentation:
type: object
properties:
containerId:
type: string
containerName:
type: string
containerType:
type: string
mapperId:
type: string
mapperName:
type: string
protocolMapper:
type: string
ClientScopeRepresentation:
type: object
properties:
attributes:
type: object
additionalProperties: true
description:
type: string
id:
type: string
name:
type: string
protocol:
type: string
protocolMappers:
type: array
items:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
ComponentExportRepresentation:
type: object
properties:
config:
"$ref": "#/components/schemas/MultivaluedHashMap"
id:
type: string
name:
type: string
providerId:
type: string
subComponents:
"$ref": "#/components/schemas/MultivaluedHashMap"
subType:
type: string
ComponentRepresentation:
type: object
properties:
config:
"$ref": "#/components/schemas/MultivaluedHashMap"
id:
type: string
name:
type: string
parentId:
type: string
providerId:
type: string
providerType:
type: string
subType:
type: string
ConfigPropertyRepresentation:
type: object
properties:
defaultValue:
type: object
helpText:
type: string
label:
type: string
name:
type: string
options:
type: array
items:
type: string
readOnly:
type: boolean
secret:
type: boolean
type:
type: string
CredentialRepresentation:
type: object
properties:
createdDate:
type: integer
format: int64
credentialData:
type: string
id:
type: string
priority:
type: integer
format: int32
secretData:
type: string
temporary:
type: boolean
type:
type: string
userLabel:
type: string
value:
type: string
FederatedIdentityRepresentation:
type: object
properties:
identityProvider:
type: string
userId:
type: string
userName:
type: string
GlobalRequestResult:
type: object
properties:
failedRequests:
type: array
items:
type: string
successRequests:
type: array
items:
type: string
GroupRepresentation:
type: object
properties:
access:
type: object
additionalProperties: true
attributes:
type: object
additionalProperties: true
clientRoles:
type: object
additionalProperties: true
id:
type: string
name:
type: string
path:
type: string
realmRoles:
type: array
items:
type: string
subGroups:
type: array
items:
"$ref": "#/components/schemas/GroupRepresentation"
IDToken:
type: object
properties:
acr:
type: string
address:
"$ref": "#/components/schemas/AddressClaimSet"
at_hash:
type: string
auth_time:
type: integer
format: int64
azp:
type: string
birthdate:
type: string
c_hash:
type: string
category:
type: string
enum:
- INTERNAL
- ACCESS
- ID
- ADMIN
- USERINFO
- LOGOUT
- AUTHORIZATION_RESPONSE
claims_locales:
type: string
email:
type: string
email_verified:
type: boolean
exp:
type: integer
format: int64
family_name:
type: string
gender:
type: string
given_name:
type: string
iat:
type: integer
format: int64
iss:
type: string
jti:
type: string
locale:
type: string
middle_name:
type: string
name:
type: string
nbf:
type: integer
format: int64
nickname:
type: string
nonce:
type: string
otherClaims:
type: object
additionalProperties: true
phone_number:
type: string
phone_number_verified:
type: boolean
picture:
type: string
preferred_username:
type: string
profile:
type: string
s_hash:
type: string
session_state:
type: string
sid:
type: string
sub:
type: string
typ:
type: string
updated_at:
type: integer
format: int64
website:
type: string
zoneinfo:
type: string
IdentityProviderMapperRepresentation:
type: object
properties:
config:
type: object
additionalProperties: true
id:
type: string
identityProviderAlias:
type: string
identityProviderMapper:
type: string
name:
type: string
IdentityProviderRepresentation:
type: object
properties:
addReadTokenRoleOnCreate:
type: boolean
alias:
type: string
config:
type: object
additionalProperties: true
displayName:
type: string
enabled:
type: boolean
firstBrokerLoginFlowAlias:
type: string
internalId:
type: string
linkOnly:
type: boolean
postBrokerLoginFlowAlias:
type: string
providerId:
type: string
storeToken:
type: boolean
trustEmail:
type: boolean
JsonNode:
type: object
properties:
array:
type: boolean
bigDecimal:
type: boolean
bigInteger:
type: boolean
binary:
type: boolean
boolean:
type: boolean
containerNode:
type: boolean
double:
type: boolean
empty:
type: boolean
float:
type: boolean
floatingPointNumber:
type: boolean
int:
type: boolean
integralNumber:
type: boolean
long:
type: boolean
missingNode:
type: boolean
nodeType:
type: string
enum:
- ARRAY
- BINARY
- BOOLEAN
- MISSING
- 'NULL'
- NUMBER
- OBJECT
- POJO
- STRING
'null':
type: boolean
number:
type: boolean
object:
type: boolean
pojo:
type: boolean
short:
type: boolean
textual:
type: boolean
valueNode:
type: boolean
KeyStoreConfig:
type: object
properties:
format:
type: string
keyAlias:
type: string
keyPassword:
type: string
realmAlias:
type: string
realmCertificate:
type: boolean
storePassword:
type: string
KeysMetadataRepresentation:
type: object
properties:
active:
type: object
additionalProperties: true
keys:
type: array
items:
"$ref": "#/components/schemas/KeysMetadataRepresentation-KeyMetadataRepresentation"
KeysMetadataRepresentation-KeyMetadataRepresentation:
type: object
properties:
algorithm:
type: string
certificate:
type: string
kid:
type: string
providerId:
type: string
providerPriority:
type: integer
format: int64
publicKey:
type: string
status:
type: string
type:
type: string
use:
type: string
enum:
- SIG
- ENC
ManagementPermissionReference:
type: object
properties:
enabled:
type: boolean
resource:
type: string
scopePermissions:
type: object
additionalProperties: true
MappingsRepresentation:
type: object
properties:
clientMappings:
type: object
additionalProperties: true
realmMappings:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
MemoryInfoRepresentation:
type: object
properties:
free:
type: integer
format: int64
freeFormated:
type: string
freePercentage:
type: integer
format: int64
total:
type: integer
format: int64
totalFormated:
type: string
used:
type: integer
format: int64
usedFormated:
type: string
MultivaluedHashMap:
type: object
properties:
empty:
type: boolean
loadFactor:
type: number
format: float
threshold:
type: integer
format: int32
PartialImportRepresentation:
type: object
properties:
clients:
type: array
items:
"$ref": "#/components/schemas/ClientRepresentation"
groups:
type: array
items:
"$ref": "#/components/schemas/GroupRepresentation"
identityProviders:
type: array
items:
"$ref": "#/components/schemas/IdentityProviderRepresentation"
ifResourceExists:
type: string
policy:
type: string
enum:
- SKIP
- OVERWRITE
- FAIL
roles:
"$ref": "#/components/schemas/RolesRepresentation"
users:
type: array
items:
"$ref": "#/components/schemas/UserRepresentation"
PasswordPolicyTypeRepresentation:
type: object
properties:
configType:
type: string
defaultValue:
type: string
displayName:
type: string
id:
type: string
multipleSupported:
type: boolean
Permission:
type: object
properties:
claims:
type: object
additionalProperties: true
rsid:
type: string
rsname:
type: string
scopes:
type: array
items:
type: string
PolicyRepresentation:
type: object
properties:
config:
type: object
additionalProperties: true
decisionStrategy:
type: string
enum:
- AFFIRMATIVE
- UNANIMOUS
- CONSENSUS
description:
type: string
id:
type: string
logic:
type: string
enum:
- POSITIVE
- NEGATIVE
name:
type: string
owner:
type: string
policies:
type: array
items:
type: string
resources:
type: array
items:
type: string
resourcesData:
type: array
items:
"$ref": "#/components/schemas/ResourceRepresentation"
scopes:
type: array
items:
type: string
scopesData:
type: array
items:
"$ref": "#/components/schemas/ScopeRepresentation"
type:
type: string
ProfileInfoRepresentation:
type: object
properties:
disabledFeatures:
type: array
items:
type: string
experimentalFeatures:
type: array
items:
type: string
name:
type: string
previewFeatures:
type: array
items:
type: string
ProtocolMapperRepresentation:
type: object
properties:
config:
type: object
additionalProperties: true
id:
type: string
name:
type: string
protocol:
type: string
protocolMapper:
type: string
ProviderRepresentation:
type: object
properties:
operationalInfo:
type: object
additionalProperties: true
order:
type: integer
format: int32
RealmEventsConfigRepresentation:
type: object
properties:
adminEventsDetailsEnabled:
type: boolean
adminEventsEnabled:
type: boolean
enabledEventTypes:
type: array
items:
type: string
eventsEnabled:
type: boolean
eventsExpiration:
type: integer
format: int64
eventsListeners:
type: array
items:
type: string
RealmRepresentation:
type: object
properties:
accessCodeLifespan:
type: integer
format: int32
accessCodeLifespanLogin:
type: integer
format: int32
accessCodeLifespanUserAction:
type: integer
format: int32
accessTokenLifespan:
type: integer
format: int32
accessTokenLifespanForImplicitFlow:
type: integer
format: int32
accountTheme:
type: string
actionTokenGeneratedByAdminLifespan:
type: integer
format: int32
actionTokenGeneratedByUserLifespan:
type: integer
format: int32
adminEventsDetailsEnabled:
type: boolean
adminEventsEnabled:
type: boolean
adminTheme:
type: string
attributes:
type: object
additionalProperties: true
authenticationFlows:
type: array
items:
"$ref": "#/components/schemas/AuthenticationFlowRepresentation"
authenticatorConfig:
type: array
items:
"$ref": "#/components/schemas/AuthenticatorConfigRepresentation"
browserFlow:
type: string
browserSecurityHeaders:
type: object
additionalProperties: true
bruteForceProtected:
type: boolean
clientAuthenticationFlow:
type: string
clientOfflineSessionIdleTimeout:
type: integer
format: int32
clientOfflineSessionMaxLifespan:
type: integer
format: int32
clientPolicies:
"$ref": "#/components/schemas/JsonNode"
clientProfiles:
"$ref": "#/components/schemas/JsonNode"
clientScopeMappings:
type: object
additionalProperties: true
clientScopes:
type: array
items:
"$ref": "#/components/schemas/ClientScopeRepresentation"
clientSessionIdleTimeout:
type: integer
format: int32
clientSessionMaxLifespan:
type: integer
format: int32
clients:
type: array
items:
"$ref": "#/components/schemas/ClientRepresentation"
components:
"$ref": "#/components/schemas/MultivaluedHashMap"
defaultDefaultClientScopes:
type: array
items:
type: string
defaultGroups:
type: array
items:
type: string
defaultLocale:
type: string
defaultOptionalClientScopes:
type: array
items:
type: string
defaultRole:
"$ref": "#/components/schemas/RoleRepresentation"
defaultSignatureAlgorithm:
type: string
directGrantFlow:
type: string
displayName:
type: string
displayNameHtml:
type: string
dockerAuthenticationFlow:
type: string
duplicateEmailsAllowed:
type: boolean
editUsernameAllowed:
type: boolean
emailTheme:
type: string
enabled:
type: boolean
enabledEventTypes:
type: array
items:
type: string
eventsEnabled:
type: boolean
eventsExpiration:
type: integer
format: int64
eventsListeners:
type: array
items:
type: string
failureFactor:
type: integer
format: int32
federatedUsers:
type: array
items:
"$ref": "#/components/schemas/UserRepresentation"
groups:
type: array
items:
"$ref": "#/components/schemas/GroupRepresentation"
id:
type: string
identityProviderMappers:
type: array
items:
"$ref": "#/components/schemas/IdentityProviderMapperRepresentation"
identityProviders:
type: array
items:
"$ref": "#/components/schemas/IdentityProviderRepresentation"
internationalizationEnabled:
type: boolean
keycloakVersion:
type: string
loginTheme:
type: string
loginWithEmailAllowed:
type: boolean
maxDeltaTimeSeconds:
type: integer
format: int32
maxFailureWaitSeconds:
type: integer
format: int32
minimumQuickLoginWaitSeconds:
type: integer
format: int32
notBefore:
type: integer
format: int32
oAuth2DeviceCodeLifespan:
type: integer
format: int32
oAuth2DevicePollingInterval:
type: integer
format: int32
oauth2DeviceCodeLifespan:
type: integer
format: int32
oauth2DevicePollingInterval:
type: integer
format: int32
offlineSessionIdleTimeout:
type: integer
format: int32
offlineSessionMaxLifespan:
type: integer
format: int32
offlineSessionMaxLifespanEnabled:
type: boolean
otpPolicyAlgorithm:
type: string
otpPolicyDigits:
type: integer
format: int32
otpPolicyInitialCounter:
type: integer
format: int32
otpPolicyLookAheadWindow:
type: integer
format: int32
otpPolicyPeriod:
type: integer
format: int32
otpPolicyType:
type: string
otpSupportedApplications:
type: array
items:
type: string
passwordPolicy:
type: string
permanentLockout:
type: boolean
protocolMappers:
type: array
items:
"$ref": "#/components/schemas/ProtocolMapperRepresentation"
quickLoginCheckMilliSeconds:
type: integer
format: int64
realm:
type: string
refreshTokenMaxReuse:
type: integer
format: int32
registrationAllowed:
type: boolean
registrationEmailAsUsername:
type: boolean
registrationFlow:
type: string
rememberMe:
type: boolean
requiredActions:
type: array
items:
"$ref": "#/components/schemas/RequiredActionProviderRepresentation"
resetCredentialsFlow:
type: string
resetPasswordAllowed:
type: boolean
revokeRefreshToken:
type: boolean
roles:
"$ref": "#/components/schemas/RolesRepresentation"
scopeMappings:
type: array
items:
"$ref": "#/components/schemas/ScopeMappingRepresentation"
smtpServer:
type: object
additionalProperties: true
sslRequired:
type: string
ssoSessionIdleTimeout:
type: integer
format: int32
ssoSessionIdleTimeoutRememberMe:
type: integer
format: int32
ssoSessionMaxLifespan:
type: integer
format: int32
ssoSessionMaxLifespanRememberMe:
type: integer
format: int32
supportedLocales:
type: array
items:
type: string
userFederationMappers:
type: array
items:
"$ref": "#/components/schemas/UserFederationMapperRepresentation"
userFederationProviders:
type: array
items:
"$ref": "#/components/schemas/UserFederationProviderRepresentation"
userManagedAccessAllowed:
type: boolean
users:
type: array
items:
"$ref": "#/components/schemas/UserRepresentation"
verifyEmail:
type: boolean
waitIncrementSeconds:
type: integer
format: int32
webAuthnPolicyAcceptableAaguids:
type: array
items:
type: string
webAuthnPolicyAttestationConveyancePreference:
type: string
webAuthnPolicyAuthenticatorAttachment:
type: string
webAuthnPolicyAvoidSameAuthenticatorRegister:
type: boolean
webAuthnPolicyCreateTimeout:
type: integer
format: int32
webAuthnPolicyPasswordlessAcceptableAaguids:
type: array
items:
type: string
webAuthnPolicyPasswordlessAttestationConveyancePreference:
type: string
webAuthnPolicyPasswordlessAuthenticatorAttachment:
type: string
webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister:
type: boolean
webAuthnPolicyPasswordlessCreateTimeout:
type: integer
format: int32
webAuthnPolicyPasswordlessRequireResidentKey:
type: string
webAuthnPolicyPasswordlessRpEntityName:
type: string
webAuthnPolicyPasswordlessRpId:
type: string
webAuthnPolicyPasswordlessSignatureAlgorithms:
type: array
items:
type: string
webAuthnPolicyPasswordlessUserVerificationRequirement:
type: string
webAuthnPolicyRequireResidentKey:
type: string
webAuthnPolicyRpEntityName:
type: string
webAuthnPolicyRpId:
type: string
webAuthnPolicySignatureAlgorithms:
type: array
items:
type: string
webAuthnPolicyUserVerificationRequirement:
type: string
RequiredActionProviderRepresentation:
type: object
properties:
alias:
type: string
config:
type: object
additionalProperties: true
defaultAction:
type: boolean
enabled:
type: boolean
name:
type: string
priority:
type: integer
format: int32
providerId:
type: string
ResourceRepresentation:
type: object
properties:
id:
type: string
attributes:
type: object
additionalProperties: true
displayName:
type: string
icon_uri:
type: string
name:
type: string
ownerManagedAccess:
type: boolean
scopes:
type: array
items:
"$ref": "#/components/schemas/ScopeRepresentation"
type:
type: string
uris:
type: array
items:
type: string
ResourceServerRepresentation:
type: object
properties:
allowRemoteResourceManagement:
type: boolean
clientId:
type: string
decisionStrategy:
type: string
enum:
- AFFIRMATIVE
- UNANIMOUS
- CONSENSUS
id:
type: string
name:
type: string
policies:
type: array
items:
"$ref": "#/components/schemas/PolicyRepresentation"
policyEnforcementMode:
type: string
enum:
- ENFORCING
- PERMISSIVE
- DISABLED
resources:
type: array
items:
"$ref": "#/components/schemas/ResourceRepresentation"
scopes:
type: array
items:
"$ref": "#/components/schemas/ScopeRepresentation"
RoleRepresentation:
type: object
properties:
attributes:
type: object
additionalProperties: true
clientRole:
type: boolean
composite:
type: boolean
composites:
"$ref": "#/components/schemas/RoleRepresentation-Composites"
containerId:
type: string
description:
type: string
id:
type: string
name:
type: string
RoleRepresentation-Composites:
type: object
properties:
client:
type: object
additionalProperties: true
realm:
type: array
items:
type: string
RolesRepresentation:
type: object
properties:
client:
type: object
additionalProperties: true
realm:
type: array
items:
"$ref": "#/components/schemas/RoleRepresentation"
ScopeMappingRepresentation:
type: object
properties:
client:
type: string
clientScope:
type: string
roles:
type: array
items:
type: string
self:
type: string
ScopeRepresentation:
type: object
properties:
displayName:
type: string
iconUri:
type: string
id:
type: string
name:
type: string
policies:
type: array
items:
"$ref": "#/components/schemas/PolicyRepresentation"
resources:
type: array
items:
"$ref": "#/components/schemas/ResourceRepresentation"
ServerInfoRepresentation:
type: object
properties:
builtinProtocolMappers:
type: object
additionalProperties: true
clientImporters:
type: array
items:
type: object
additionalProperties: true
clientInstallations:
type: object
additionalProperties: true
componentTypes:
type: object
additionalProperties: true
enums:
type: object
additionalProperties: true
identityProviders:
type: array
items:
type: object
additionalProperties: true
memoryInfo:
"$ref": "#/components/schemas/MemoryInfoRepresentation"
passwordPolicies:
type: array
items:
"$ref": "#/components/schemas/PasswordPolicyTypeRepresentation"
profileInfo:
"$ref": "#/components/schemas/ProfileInfoRepresentation"
protocolMapperTypes:
type: object
additionalProperties: true
providers:
type: object
additionalProperties: true
socialProviders:
type: array
items:
type: object
additionalProperties: true
systemInfo:
"$ref": "#/components/schemas/SystemInfoRepresentation"
themes:
type: object
additionalProperties: true
SpiInfoRepresentation:
type: object
properties:
internal:
type: boolean
providers:
type: object
additionalProperties: true
SynchronizationResult:
type: object
properties:
added:
type: integer
format: int32
failed:
type: integer
format: int32
ignored:
type: boolean
removed:
type: integer
format: int32
status:
type: string
updated:
type: integer
format: int32
SystemInfoRepresentation:
type: object
properties:
fileEncoding:
type: string
javaHome:
type: string
javaRuntime:
type: string
javaVendor:
type: string
javaVersion:
type: string
javaVm:
type: string
javaVmVersion:
type: string
osArchitecture:
type: string
osName:
type: string
osVersion:
type: string
serverTime:
type: string
uptime:
type: string
uptimeMillis:
type: integer
format: int64
userDir:
type: string
userLocale:
type: string
userName:
type: string
userTimezone:
type: string
version:
type: string
TestLdapConnectionRepresentation:
type: object
properties:
action:
type: string
authType:
type: string
bindCredential:
type: string
bindDn:
type: string
componentId:
type: string
connectionTimeout:
type: string
connectionUrl:
type: string
startTls:
type: string
useTruststoreSpi:
type: string
UserConsentRepresentation:
type: object
properties:
clientId:
type: string
createdDate:
type: integer
format: int64
grantedClientScopes:
type: array
items:
type: string
lastUpdatedDate:
type: integer
format: int64
UserFederationMapperRepresentation:
type: object
properties:
config:
type: object
additionalProperties: true
federationMapperType:
type: string
federationProviderDisplayName:
type: string
id:
type: string
name:
type: string
UserFederationProviderRepresentation:
type: object
properties:
changedSyncPeriod:
type: integer
format: int32
config:
type: object
additionalProperties: true
displayName:
type: string
fullSyncPeriod:
type: integer
format: int32
id:
type: string
lastSync:
type: integer
format: int32
priority:
type: integer
format: int32
providerName:
type: string
UserRepresentation:
type: object
properties:
access:
type: object
additionalProperties: true
attributes:
type: object
additionalProperties: true
clientConsents:
type: array
items:
"$ref": "#/components/schemas/UserConsentRepresentation"
clientRoles:
type: object
additionalProperties: true
createdTimestamp:
type: integer
format: int64
credentials:
type: array
items:
"$ref": "#/components/schemas/CredentialRepresentation"
disableableCredentialTypes:
type: array
items:
type: string
email:
type: string
emailVerified:
type: boolean
enabled:
type: boolean
federatedIdentities:
type: array
items:
"$ref": "#/components/schemas/FederatedIdentityRepresentation"
federationLink:
type: string
firstName:
type: string
groups:
type: array
items:
type: string
id:
type: string
lastName:
type: string
notBefore:
type: integer
format: int32
origin:
type: string
realmRoles:
type: array
items:
type: string
requiredActions:
type: array
items:
type: string
self:
type: string
serviceAccountClientId:
type: string
username:
type: string
security:
- access_token: []
externalDocs:
description: Schema source code
url: https://github.com/keycloak/keycloak/tree/6.0.1/core/src/main/java/org/keycloak/representations
Reference in New Issue View Git Blame Copy Permalink