Class RealmAdminResource
- java.lang.Object
-
- org.keycloak.services.resources.admin.RealmAdminResource
-
public class RealmAdminResource extends Object
Base resource class for the admin REST api of one realm- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Field Summary
Fields Modifier and Type Field Description protected AdminPermissionEvaluatorauthprotected ClientConnectionconnectionprotected javax.ws.rs.core.HttpHeadersheadersprotected static org.jboss.logging.Loggerloggerprotected RealmModelrealmprotected KeycloakSessionsession
-
Constructor Summary
Constructors Constructor Description RealmAdminResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description voidaddDefaultDefaultClientScope(String clientScopeId)voidaddDefaultGroup(String groupId)voidaddDefaultOptionalClientScope(String clientScopeId)voidclearAdminEvents()Delete all admin eventsvoidclearEvents()Delete all eventsClientRepresentationconvertClientDescription(String description)Base path for importing clients under this realm.voiddeleteRealm()Delete the realmvoiddeleteSession(String sessionId)Remove a specific user session.Objectextension(String extension)AuthenticationManagementResourceflows()AttackDetectionResourcegetAttackDetection()Base path for managing attack detection.ClientInitialAccessResourcegetClientInitialAccess()Base path for managing client initial access tokensClientPoliciesResourcegetClientPoliciesResource()ClientProfilesResourcegetClientProfilesResource()ClientRegistrationPolicyResourcegetClientRegistrationPolicy()ClientsResourcegetClients()Base path for managing clients under this realm.ClientScopesResourcegetClientScopes()Base path for managing client scopes under this realm.Stream<Map<String,String>>getClientSessionStats()Get client session stats Returns a JSON map.ClientScopesResourcegetClientTemplates()Deprecated.ComponentResourcegetComponents()Base path for managing components under this realm.Stream<String>getCredentialRegistrators()Stream<ClientScopeRepresentation>getDefaultDefaultClientScopes()Get realm default client scopes.Stream<GroupRepresentation>getDefaultGroups()Get group hierarchy.Stream<ClientScopeRepresentation>getDefaultOptionalClientScopes()Get realm optional client scopes.Stream<EventRepresentation>getEvents(List<String> types, String client, String user, String dateFrom, String dateTo, String ipAddress, Integer firstResult, Integer maxResults)Get events Returns all events, or filters them based on URL query parameters listed hereStream<AdminEventRepresentation>getEvents(List<String> operationTypes, String authRealm, String authClient, String authUser, String authIpAddress, String resourcePath, String dateFrom, String dateTo, Integer firstResult, Integer maxResults, List<String> resourceTypes)Get admin events Returns all admin events, or filters events based on URL query parameters listed hereGroupRepresentationgetGroupByPath(String path)GroupsResourcegetGroups()IdentityProvidersResourcegetIdentityProviderResource()RealmLocalizationResourcegetLocalization()Base path for managing localization under this realm.RealmRepresentationgetRealm()Get the top-level representation of the realm It will not include nested information like User and Client representations.RealmEventsConfigRepresentationgetRealmEventsConfig()Get the events provider configuration Returns JSON object with events provider configurationRoleContainerResourcegetRoleContainerResource()base path for managing realm-level roles of this realmManagementPermissionReferencegetUserMgmtPermissions()KeyResourcekeys()GlobalRequestResultlogoutAll()Removes all user sessions.javax.ws.rs.core.ResponsepartialExport(Boolean exportGroupsAndRoles, Boolean exportClients)Partial export of existing realm into a JSON file.javax.ws.rs.core.ResponsepartialImport(InputStream requestBody)Partial import from a JSON file to an existing realm.GlobalRequestResultpushRevocation()Push the realm's revocation policy to any client that has an admin url associated with it.voidremoveDefaultDefaultClientScope(String clientScopeId)voidremoveDefaultGroup(String groupId)voidremoveDefaultOptionalClientScope(String clientScopeId)RoleByIdResourcerolesById()Path for managing all realm-level or client-level roles defined in this realm by its id.ManagementPermissionReferencesetUsersManagementPermissionsEnabled(ManagementPermissionReference ref)javax.ws.rs.core.ResponsetestSMTPConnection(String config)Deprecated.javax.ws.rs.core.ResponsetestSMTPConnection(Map<String,String> settings)static ManagementPermissionReferencetoUsersMgmtRef(AdminPermissionManagement permissions)javax.ws.rs.core.ResponseupdateRealm(RealmRepresentation rep)Update the top-level information of the realm Any user, roles or client information in the representation will be ignored.voidupdateRealmEventsConfig(RealmEventsConfigRepresentation rep)Update the events provider Change the events provider and/or its configurationUsersResourceusers()Base path for managing users in this realm.
-
-
-
Field Detail
-
logger
protected static final org.jboss.logging.Logger logger
-
auth
protected final AdminPermissionEvaluator auth
-
realm
protected final RealmModel realm
-
session
protected final KeycloakSession session
-
connection
protected final ClientConnection connection
-
headers
protected final javax.ws.rs.core.HttpHeaders headers
-
-
Constructor Detail
-
RealmAdminResource
public RealmAdminResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent)
-
-
Method Detail
-
convertClientDescription
@Path("client-description-converter") @Consumes({"application/json","application/xml","text/plain"}) @POST @Produces("application/json") public ClientRepresentation convertClientDescription(String description)Base path for importing clients under this realm.- Returns:
-
getAttackDetection
@Path("attack-detection") public AttackDetectionResource getAttackDetection()Base path for managing attack detection.- Returns:
-
getClients
@Path("clients") public ClientsResource getClients()Base path for managing clients under this realm.- Returns:
-
getClientTemplates
@Deprecated @Path("client-templates") public ClientScopesResource getClientTemplates()
Deprecated.This endpoint is deprecated. It's here just because of backwards compatibility. UsegetClientScopes()instead- Returns:
-
getClientScopes
@Path("client-scopes") public ClientScopesResource getClientScopes()Base path for managing client scopes under this realm.- Returns:
-
getLocalization
@Path("localization") public RealmLocalizationResource getLocalization()Base path for managing localization under this realm.
-
getDefaultDefaultClientScopes
@GET @Produces("application/json") @Path("default-default-client-scopes") public Stream<ClientScopeRepresentation> getDefaultDefaultClientScopes()Get realm default client scopes. Only name and ids are returned.- Returns:
-
addDefaultDefaultClientScope
@PUT @Path("default-default-client-scopes/{clientScopeId}") public void addDefaultDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)
-
removeDefaultDefaultClientScope
@DELETE @Path("default-default-client-scopes/{clientScopeId}") public void removeDefaultDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)
-
getDefaultOptionalClientScopes
@GET @Produces("application/json") @Path("default-optional-client-scopes") public Stream<ClientScopeRepresentation> getDefaultOptionalClientScopes()Get realm optional client scopes. Only name and ids are returned.- Returns:
-
addDefaultOptionalClientScope
@PUT @Path("default-optional-client-scopes/{clientScopeId}") public void addDefaultOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)
-
removeDefaultOptionalClientScope
@DELETE @Path("default-optional-client-scopes/{clientScopeId}") public void removeDefaultOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)
-
getClientInitialAccess
@Path("clients-initial-access") public ClientInitialAccessResource getClientInitialAccess()Base path for managing client initial access tokens- Returns:
-
getClientRegistrationPolicy
@Path("client-registration-policy") public ClientRegistrationPolicyResource getClientRegistrationPolicy()
-
getComponents
@Path("components") public ComponentResource getComponents()Base path for managing components under this realm.- Returns:
-
getRoleContainerResource
@Path("roles") public RoleContainerResource getRoleContainerResource()base path for managing realm-level roles of this realm- Returns:
-
getRealm
@GET @Produces("application/json") public RealmRepresentation getRealm()Get the top-level representation of the realm It will not include nested information like User and Client representations.- Returns:
-
updateRealm
@PUT @Consumes("application/json") public javax.ws.rs.core.Response updateRealm(RealmRepresentation rep)Update the top-level information of the realm Any user, roles or client information in the representation will be ignored. This will only update top-level attributes of the realm.- Parameters:
rep-- Returns:
-
deleteRealm
@DELETE public void deleteRealm()
Delete the realm
-
users
@Path("users") public UsersResource users()Base path for managing users in this realm.- Returns:
-
getUserMgmtPermissions
@GET @Produces("application/json") @Path("users-management-permissions") public ManagementPermissionReference getUserMgmtPermissions()
-
setUsersManagementPermissionsEnabled
@PUT @Produces("application/json") @Consumes("application/json") @Path("users-management-permissions") public ManagementPermissionReference setUsersManagementPermissionsEnabled(ManagementPermissionReference ref)
-
toUsersMgmtRef
public static ManagementPermissionReference toUsersMgmtRef(AdminPermissionManagement permissions)
-
flows
@Path("authentication") public AuthenticationManagementResource flows()
-
rolesById
@Path("roles-by-id") public RoleByIdResource rolesById()Path for managing all realm-level or client-level roles defined in this realm by its id.- Returns:
-
pushRevocation
@Path("push-revocation") @Produces("application/json") @POST public GlobalRequestResult pushRevocation()Push the realm's revocation policy to any client that has an admin url associated with it.
-
logoutAll
@Path("logout-all") @POST @Produces("application/json") public GlobalRequestResult logoutAll()Removes all user sessions. Any client that has an admin url will also be told to invalidate any sessions they have.
-
deleteSession
@Path("sessions/{session}") @DELETE public void deleteSession(@PathParam("session") String sessionId)Remove a specific user session. Any client that has an admin url will also be told to invalidate this particular session.- Parameters:
sessionId-
-
getClientSessionStats
@Path("client-session-stats") @GET @Produces("application/json") public Stream<Map<String,String>> getClientSessionStats()Get client session stats Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.- Returns:
-
getRealmEventsConfig
@GET @Path("events/config") @Produces("application/json") public RealmEventsConfigRepresentation getRealmEventsConfig()Get the events provider configuration Returns JSON object with events provider configuration- Returns:
-
updateRealmEventsConfig
@PUT @Path("events/config") @Consumes("application/json") public void updateRealmEventsConfig(RealmEventsConfigRepresentation rep)Update the events provider Change the events provider and/or its configuration- Parameters:
rep-
-
getEvents
@Path("events") @GET @Produces("application/json") public Stream<EventRepresentation> getEvents(@QueryParam("type") List<String> types, @QueryParam("client") String client, @QueryParam("user") String user, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo, @QueryParam("ipAddress") String ipAddress, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)Get events Returns all events, or filters them based on URL query parameters listed here- Parameters:
types- The types of events to returnclient- App or oauth client nameuser- User idipAddress- IP addressdateTo- To datedateFrom- From datefirstResult- Paging offsetmaxResults- Maximum results size (defaults to 100)- Returns:
-
getEvents
@Path("admin-events") @GET @Produces("application/json") public Stream<AdminEventRepresentation> getEvents(@QueryParam("operationTypes") List<String> operationTypes, @QueryParam("authRealm") String authRealm, @QueryParam("authClient") String authClient, @QueryParam("authUser") String authUser, @QueryParam("authIpAddress") String authIpAddress, @QueryParam("resourcePath") String resourcePath, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults, @QueryParam("resourceTypes") List<String> resourceTypes)Get admin events Returns all admin events, or filters events based on URL query parameters listed here- Parameters:
operationTypes-authRealm-authClient-authUser- user idauthIpAddress-resourcePath-dateTo-dateFrom-firstResult-maxResults- Maximum results size (defaults to 100)- Returns:
-
clearEvents
@Path("events") @DELETE public void clearEvents()Delete all events
-
clearAdminEvents
@Path("admin-events") @DELETE public void clearAdminEvents()Delete all admin events
-
testSMTPConnection
@Path("testSMTPConnection") @POST @Consumes("application/x-www-form-urlencoded") @Deprecated public javax.ws.rs.core.Response testSMTPConnection(@FormParam("config") String config) throws ExceptionDeprecated.Test SMTP connection with current logged in user- Parameters:
config- SMTP server configuration- Returns:
- Throws:
Exception
-
testSMTPConnection
@Path("testSMTPConnection") @POST @Consumes("application/json") public javax.ws.rs.core.Response testSMTPConnection(Map<String,String> settings) throws Exception- Throws:
Exception
-
getIdentityProviderResource
@Path("identity-provider") public IdentityProvidersResource getIdentityProviderResource()
-
getDefaultGroups
@GET @Produces("application/json") @Path("default-groups") public Stream<GroupRepresentation> getDefaultGroups()Get group hierarchy. Only name and ids are returned.- Returns:
-
addDefaultGroup
@PUT @Path("default-groups/{groupId}") public void addDefaultGroup(@PathParam("groupId") String groupId)
-
removeDefaultGroup
@DELETE @Path("default-groups/{groupId}") public void removeDefaultGroup(@PathParam("groupId") String groupId)
-
getGroups
@Path("groups") public GroupsResource getGroups()
-
getGroupByPath
@GET @Path("group-by-path/{path: .*}") @Produces("application/json") public GroupRepresentation getGroupByPath(@PathParam("path") String path)
-
partialImport
@Path("partialImport") @POST @Produces("application/json") @Consumes("application/json") public javax.ws.rs.core.Response partialImport(InputStream requestBody)Partial import from a JSON file to an existing realm.
-
partialExport
@Path("partial-export") @Produces("application/json") @POST public javax.ws.rs.core.Response partialExport(@QueryParam("exportGroupsAndRoles") Boolean exportGroupsAndRoles, @QueryParam("exportClients") Boolean exportClients)Partial export of existing realm into a JSON file.- Parameters:
exportGroupsAndRoles-exportClients-- Returns:
-
keys
@Path("keys") public KeyResource keys()
-
getCredentialRegistrators
@GET @Path("credential-registrators") @Produces("application/json") public Stream<String> getCredentialRegistrators()
-
getClientPoliciesResource
@Path("client-policies/policies") public ClientPoliciesResource getClientPoliciesResource()
-
getClientProfilesResource
@Path("client-policies/profiles") public ClientProfilesResource getClientProfilesResource()
-
-