Class RealmAdminResource
java.lang.Object
org.keycloak.services.resources.admin.RealmAdminResource
Base resource class for the admin REST api of one realm
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
Field Summary
Modifier and TypeFieldDescriptionprotected final AdminPermissionEvaluator
protected final ClientConnection
protected final jakarta.ws.rs.core.HttpHeaders
protected static final org.jboss.logging.Logger
protected final RealmModel
protected final KeycloakSession
-
Constructor Summary
ConstructorDescriptionRealmAdminResource
(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent) -
Method Summary
Modifier and TypeMethodDescriptionvoid
addDefaultDefaultClientScope
(String clientScopeId) void
addDefaultGroup
(String groupId) void
addDefaultOptionalClientScope
(String clientScopeId) void
Delete all admin eventsvoid
Delete all eventsconvertClientDescription
(String description) Base path for importing clients under this realm.void
Delete the realmvoid
deleteSession
(String sessionId) Remove a specific user session.flows()
Base path for managing attack detection.Base path for managing client initial access tokensBase path for managing clients under this realm.Base path for managing client scopes under this realm.Get client session stats Returns a JSON map.Deprecated.Base path for managing components under this realm.Get realm default client scopes.Get group hierarchy.Get realm optional client scopes.getEvents
(List<String> types, String client, String user, String dateFrom, String dateTo, String ipAddress, Integer firstResult, Integer maxResults) Get events Returns all events, or filters them based on URL query parameters listed heregetEvents
(List<String> operationTypes, String authRealm, String authClient, String authUser, String authIpAddress, String resourcePath, String dateFrom, String dateTo, Integer firstResult, Integer maxResults, List<String> resourceTypes) Get admin events Returns all admin events, or filters events based on URL query parameters listed heregetGroupByPath
(List<jakarta.ws.rs.core.PathSegment> pathSegments) Base path for managing localization under this realm.getRealm()
Get the top-level representation of the realm It will not include nested information like User and Client representations.Get the events provider configuration Returns JSON object with events provider configurationbase path for managing realm-level roles of this realmkeys()
Removes all user sessions.jakarta.ws.rs.core.Response
partialExport
(Boolean exportGroupsAndRoles, Boolean exportClients) Partial export of existing realm into a JSON file.jakarta.ws.rs.core.Response
partialImport
(InputStream requestBody) Partial import from a JSON file to an existing realm.Push the realm's revocation policy to any client that has an admin url associated with it.void
removeDefaultDefaultClientScope
(String clientScopeId) void
removeDefaultGroup
(String groupId) void
removeDefaultOptionalClientScope
(String clientScopeId) Path for managing all realm-level or client-level roles defined in this realm by its id.jakarta.ws.rs.core.Response
testSMTPConnection
(String config) Deprecated.jakarta.ws.rs.core.Response
testSMTPConnection
(Map<String, String> settings) toUsersMgmtRef
(AdminPermissionManagement permissions) jakarta.ws.rs.core.Response
Update the top-level information of the realm Any user, roles or client information in the representation will be ignored.void
Update the events provider Change the events provider and/or its configurationusers()
Base path for managing users in this realm.
-
Field Details
-
logger
protected static final org.jboss.logging.Logger logger -
auth
-
realm
-
session
-
connection
-
headers
protected final jakarta.ws.rs.core.HttpHeaders headers
-
-
Constructor Details
-
RealmAdminResource
public RealmAdminResource(KeycloakSession session, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent)
-
-
Method Details
-
convertClientDescription
@Path("client-description-converter") @Consumes({"application/json","application/xml","text/plain"}) @POST @Produces("application/json") public ClientRepresentation convertClientDescription(String description) Base path for importing clients under this realm.- Returns:
-
getAttackDetection
Base path for managing attack detection.- Returns:
-
getClients
Base path for managing clients under this realm.- Returns:
-
getClientTemplates
Deprecated.This endpoint is deprecated. It's here just because of backwards compatibility. UsegetClientScopes()
instead- Returns:
-
getClientScopes
Base path for managing client scopes under this realm.- Returns:
-
getLocalization
Base path for managing localization under this realm. -
getDefaultDefaultClientScopes
@GET @Produces("application/json") @Path("default-default-client-scopes") public Stream<ClientScopeRepresentation> getDefaultDefaultClientScopes()Get realm default client scopes. Only name and ids are returned.- Returns:
-
addDefaultDefaultClientScope
@PUT @Path("default-default-client-scopes/{clientScopeId}") public void addDefaultDefaultClientScope(@PathParam("clientScopeId") String clientScopeId) -
removeDefaultDefaultClientScope
@DELETE @Path("default-default-client-scopes/{clientScopeId}") public void removeDefaultDefaultClientScope(@PathParam("clientScopeId") String clientScopeId) -
getDefaultOptionalClientScopes
@GET @Produces("application/json") @Path("default-optional-client-scopes") public Stream<ClientScopeRepresentation> getDefaultOptionalClientScopes()Get realm optional client scopes. Only name and ids are returned.- Returns:
-
addDefaultOptionalClientScope
@PUT @Path("default-optional-client-scopes/{clientScopeId}") public void addDefaultOptionalClientScope(@PathParam("clientScopeId") String clientScopeId) -
removeDefaultOptionalClientScope
@DELETE @Path("default-optional-client-scopes/{clientScopeId}") public void removeDefaultOptionalClientScope(@PathParam("clientScopeId") String clientScopeId) -
getClientInitialAccess
Base path for managing client initial access tokens- Returns:
-
getClientRegistrationPolicy
@Path("client-registration-policy") public ClientRegistrationPolicyResource getClientRegistrationPolicy() -
getComponents
Base path for managing components under this realm.- Returns:
-
getRoleContainerResource
base path for managing realm-level roles of this realm- Returns:
-
getRealm
Get the top-level representation of the realm It will not include nested information like User and Client representations.- Returns:
-
updateRealm
@PUT @Consumes("application/json") public jakarta.ws.rs.core.Response updateRealm(RealmRepresentation rep) Update the top-level information of the realm Any user, roles or client information in the representation will be ignored. This will only update top-level attributes of the realm.- Parameters:
rep
-- Returns:
-
deleteRealm
@DELETE public void deleteRealm()Delete the realm -
users
Base path for managing users in this realm.- Returns:
-
getUserMgmtPermissions
@GET @Produces("application/json") @Path("users-management-permissions") public ManagementPermissionReference getUserMgmtPermissions() -
setUsersManagementPermissionsEnabled
@PUT @Produces("application/json") @Consumes("application/json") @Path("users-management-permissions") public ManagementPermissionReference setUsersManagementPermissionsEnabled(ManagementPermissionReference ref) -
toUsersMgmtRef
-
extension
-
flows
-
rolesById
Path for managing all realm-level or client-level roles defined in this realm by its id.- Returns:
-
pushRevocation
@Path("push-revocation") @Produces("application/json") @POST public GlobalRequestResult pushRevocation()Push the realm's revocation policy to any client that has an admin url associated with it. -
logoutAll
Removes all user sessions. Any client that has an admin url will also be told to invalidate any sessions they have. -
deleteSession
@Path("sessions/{session}") @DELETE public void deleteSession(@PathParam("session") String sessionId) Remove a specific user session. Any client that has an admin url will also be told to invalidate this particular session.- Parameters:
sessionId
-
-
getClientSessionStats
@Path("client-session-stats") @GET @Produces("application/json") public Stream<Map<String,String>> getClientSessionStats()Get client session stats Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.- Returns:
-
getRealmEventsConfig
@GET @Path("events/config") @Produces("application/json") public RealmEventsConfigRepresentation getRealmEventsConfig()Get the events provider configuration Returns JSON object with events provider configuration- Returns:
-
updateRealmEventsConfig
@PUT @Path("events/config") @Consumes("application/json") public void updateRealmEventsConfig(RealmEventsConfigRepresentation rep) Update the events provider Change the events provider and/or its configuration- Parameters:
rep
-
-
getEvents
@Path("events") @GET @Produces("application/json") public Stream<EventRepresentation> getEvents(@QueryParam("type") List<String> types, @QueryParam("client") String client, @QueryParam("user") String user, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo, @QueryParam("ipAddress") String ipAddress, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults) Get events Returns all events, or filters them based on URL query parameters listed here- Parameters:
types
- The types of events to returnclient
- App or oauth client nameuser
- User idipAddress
- IP addressdateTo
- To datedateFrom
- From datefirstResult
- Paging offsetmaxResults
- Maximum results size (defaults to 100)- Returns:
-
getEvents
@Path("admin-events") @GET @Produces("application/json") public Stream<AdminEventRepresentation> getEvents(@QueryParam("operationTypes") List<String> operationTypes, @QueryParam("authRealm") String authRealm, @QueryParam("authClient") String authClient, @QueryParam("authUser") String authUser, @QueryParam("authIpAddress") String authIpAddress, @QueryParam("resourcePath") String resourcePath, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults, @QueryParam("resourceTypes") List<String> resourceTypes) Get admin events Returns all admin events, or filters events based on URL query parameters listed here- Parameters:
operationTypes
-authRealm
-authClient
-authUser
- user idauthIpAddress
-resourcePath
-dateTo
-dateFrom
-firstResult
-maxResults
- Maximum results size (defaults to 100)- Returns:
-
clearEvents
@Path("events") @DELETE public void clearEvents()Delete all events -
clearAdminEvents
@Path("admin-events") @DELETE public void clearAdminEvents()Delete all admin events -
testSMTPConnection
@Path("testSMTPConnection") @POST @Consumes("application/x-www-form-urlencoded") @Deprecated public jakarta.ws.rs.core.Response testSMTPConnection(@FormParam("config") String config) throws Exception Deprecated.Test SMTP connection with current logged in user- Parameters:
config
- SMTP server configuration- Returns:
- Throws:
Exception
-
testSMTPConnection
@Path("testSMTPConnection") @POST @Consumes("application/json") public jakarta.ws.rs.core.Response testSMTPConnection(Map<String, String> settings) throws Exception- Throws:
Exception
-
getIdentityProviderResource
-
getDefaultGroups
@GET @Produces("application/json") @Path("default-groups") public Stream<GroupRepresentation> getDefaultGroups()Get group hierarchy. Only name and ids are returned.- Returns:
-
addDefaultGroup
@PUT @Path("default-groups/{groupId}") public void addDefaultGroup(@PathParam("groupId") String groupId) -
removeDefaultGroup
@DELETE @Path("default-groups/{groupId}") public void removeDefaultGroup(@PathParam("groupId") String groupId) -
getGroups
-
getGroupByPath
@GET @Path("group-by-path/{path: .*}") @Produces("application/json") public GroupRepresentation getGroupByPath(@PathParam("path") List<jakarta.ws.rs.core.PathSegment> pathSegments) -
partialImport
@Path("partialImport") @POST @Produces("application/json") @Consumes("application/json") public jakarta.ws.rs.core.Response partialImport(InputStream requestBody) Partial import from a JSON file to an existing realm. -
partialExport
@Path("partial-export") @Produces("application/json") @POST public jakarta.ws.rs.core.Response partialExport(@QueryParam("exportGroupsAndRoles") Boolean exportGroupsAndRoles, @QueryParam("exportClients") Boolean exportClients) Partial export of existing realm into a JSON file.- Parameters:
exportGroupsAndRoles
-exportClients
-- Returns:
-
keys
-
getCredentialRegistrators
-
getClientPoliciesResource
-
getClientProfilesResource
-