Package org.keycloak.services.resources.admin

Class RealmAdminResource

java.lang.Object
org.keycloak.services.resources.admin.RealmAdminResource
public class RealmAdminResource extends Object
Base resource class for the admin REST api of one realm
Version:
$Revision: 1 $
Author:
Bill Burke

  • Field Details

    • logger

      protected static final org.jboss.logging.Logger logger

    • auth

      protected final AdminPermissionEvaluator auth

    • realm

      protected final RealmModel realm

    • session

      protected final KeycloakSession session

    • connection

      protected final ClientConnection connection

    • headers

      protected final jakarta.ws.rs.core.HttpHeaders headers

  • Constructor Details

  • Method Details

    • convertClientDescription

      @Path("client-description-converter") @Consumes({"application/json","application/xml","text/plain"}) @POST @Produces("application/json") public ClientRepresentation convertClientDescription(String description)
      Base path for importing clients under this realm.
      Returns:

    • getAttackDetection

      @Path("attack-detection") public AttackDetectionResource getAttackDetection()
      Base path for managing attack detection.
      Returns:

    • getClients

      @Path("clients") public ClientsResource getClients()
      Base path for managing clients under this realm.
      Returns:

    • getClientTemplates

      @Deprecated @Path("client-templates") public ClientScopesResource getClientTemplates()
      Deprecated.
      This endpoint is deprecated. It's here just because of backwards compatibility. Use getClientScopes() instead
      Returns:

    • getClientScopes

      @Path("client-scopes") public ClientScopesResource getClientScopes()
      Base path for managing client scopes under this realm.
      Returns:

    • getLocalization

      @Path("localization") public RealmLocalizationResource getLocalization()
      Base path for managing localization under this realm.

    • getDefaultDefaultClientScopes

      @GET @Produces("application/json") @Path("default-default-client-scopes") public Stream<ClientScopeRepresentation> getDefaultDefaultClientScopes()
      Get realm default client scopes. Only name and ids are returned.
      Returns:

    • addDefaultDefaultClientScope

      @PUT @Path("default-default-client-scopes/{clientScopeId}") public void addDefaultDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)

    • removeDefaultDefaultClientScope

      @DELETE @Path("default-default-client-scopes/{clientScopeId}") public void removeDefaultDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)

    • getDefaultOptionalClientScopes

      @GET @Produces("application/json") @Path("default-optional-client-scopes") public Stream<ClientScopeRepresentation> getDefaultOptionalClientScopes()
      Get realm optional client scopes. Only name and ids are returned.
      Returns:

    • addDefaultOptionalClientScope

      @PUT @Path("default-optional-client-scopes/{clientScopeId}") public void addDefaultOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)

    • removeDefaultOptionalClientScope

      @DELETE @Path("default-optional-client-scopes/{clientScopeId}") public void removeDefaultOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)

    • getClientInitialAccess

      @Path("clients-initial-access") public ClientInitialAccessResource getClientInitialAccess()
      Base path for managing client initial access tokens
      Returns:

    • getClientRegistrationPolicy

      @Path("client-registration-policy") public ClientRegistrationPolicyResource getClientRegistrationPolicy()

    • getComponents

      @Path("components") public ComponentResource getComponents()
      Base path for managing components under this realm.
      Returns:

    • getRoleContainerResource

      @Path("roles") public RoleContainerResource getRoleContainerResource()
      base path for managing realm-level roles of this realm
      Returns:

    • getRealm

      @GET @Produces("application/json") public RealmRepresentation getRealm()
      Get the top-level representation of the realm It will not include nested information like User and Client representations.
      Returns:

    • updateRealm

      @PUT @Consumes("application/json") public jakarta.ws.rs.core.Response updateRealm(RealmRepresentation rep)
      Update the top-level information of the realm Any user, roles or client information in the representation will be ignored. This will only update top-level attributes of the realm.
      Parameters:
      rep -
      Returns:

    • deleteRealm

      @DELETE public void deleteRealm()
      Delete the realm

    • users

      @Path("users") public UsersResource users()
      Base path for managing users in this realm.
      Returns:

    • getUserMgmtPermissions

      @GET @Produces("application/json") @Path("users-management-permissions") public ManagementPermissionReference getUserMgmtPermissions()

    • setUsersManagementPermissionsEnabled

      @PUT @Produces("application/json") @Consumes("application/json") @Path("users-management-permissions") public ManagementPermissionReference setUsersManagementPermissionsEnabled(ManagementPermissionReference ref)

    • toUsersMgmtRef

      public static ManagementPermissionReference toUsersMgmtRef(AdminPermissionManagement permissions)

    • extension

      @Path("{extension}") public Object extension(@PathParam("extension") String extension)

    • flows

      @Path("authentication") public AuthenticationManagementResource flows()

    • rolesById

      @Path("roles-by-id") public RoleByIdResource rolesById()
      Path for managing all realm-level or client-level roles defined in this realm by its id.
      Returns:

    • pushRevocation

      @Path("push-revocation") @Produces("application/json") @POST public GlobalRequestResult pushRevocation()
      Push the realm's revocation policy to any client that has an admin url associated with it.

    • logoutAll

      @Path("logout-all") @POST @Produces("application/json") public GlobalRequestResult logoutAll()
      Removes all user sessions. Any client that has an admin url will also be told to invalidate any sessions they have.

    • deleteSession

      @Path("sessions/{session}") @DELETE public void deleteSession(@PathParam("session") String sessionId, @DefaultValue("false") @QueryParam("isOffline") boolean offline)
      Remove a specific user session. Any client that has an admin url will also be told to invalidate this particular session.
      Parameters:
      sessionId -

    • getClientSessionStats

      @Path("client-session-stats") @GET @Produces("application/json") public Stream<Map<String,String>> getClientSessionStats()
      Get client session stats Returns a JSON map. The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.
      Returns:

    • getRealmEventsConfig

      @GET @Path("events/config") @Produces("application/json") public RealmEventsConfigRepresentation getRealmEventsConfig()
      Get the events provider configuration Returns JSON object with events provider configuration
      Returns:

    • updateRealmEventsConfig

      @PUT @Path("events/config") @Consumes("application/json") public void updateRealmEventsConfig(RealmEventsConfigRepresentation rep)
      Update the events provider Change the events provider and/or its configuration
      Parameters:
      rep -

    • getEvents

      @Path("events") @GET @Produces("application/json") public Stream<EventRepresentation> getEvents(@QueryParam("type") List<String> types, @QueryParam("client") String client, @QueryParam("user") String user, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo, @QueryParam("ipAddress") String ipAddress, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
      Get events Returns all events, or filters them based on URL query parameters listed here
      Parameters:
      types - The types of events to return
      client - App or oauth client name
      user - User id
      ipAddress - IP address
      dateTo - To date
      dateFrom - From date
      firstResult - Paging offset
      maxResults - Maximum results size (defaults to 100)
      Returns:

    • getEvents

      @Path("admin-events") @GET @Produces("application/json") public Stream<AdminEventRepresentation> getEvents(@QueryParam("operationTypes") List<String> operationTypes, @QueryParam("authRealm") String authRealm, @QueryParam("authClient") String authClient, @QueryParam("authUser") String authUser, @QueryParam("authIpAddress") String authIpAddress, @QueryParam("resourcePath") String resourcePath, @QueryParam("dateFrom") String dateFrom, @QueryParam("dateTo") String dateTo, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults, @QueryParam("resourceTypes") List<String> resourceTypes)
      Get admin events Returns all admin events, or filters events based on URL query parameters listed here
      Parameters:
      operationTypes -
      authRealm -
      authClient -
      authUser - user id
      authIpAddress -
      resourcePath -
      dateTo -
      dateFrom -
      firstResult -
      maxResults - Maximum results size (defaults to 100)
      Returns:

    • clearEvents

      @Path("events") @DELETE public void clearEvents()
      Delete all events

    • clearAdminEvents

      @Path("admin-events") @DELETE public void clearAdminEvents()
      Delete all admin events

    • testSMTPConnection

      @Path("testSMTPConnection") @POST @Consumes("application/x-www-form-urlencoded") @Deprecated public jakarta.ws.rs.core.Response testSMTPConnection(@FormParam("config") String config) throws Exception
      Deprecated.
      Test SMTP connection with current logged in user
      Parameters:
      config - SMTP server configuration
      Returns:
      Throws:
      Exception

    • testSMTPConnection

      @Path("testSMTPConnection") @POST @Consumes("application/json") public jakarta.ws.rs.core.Response testSMTPConnection(Map<String,String> settings) throws Exception
      Throws:
      Exception

    • getIdentityProviderResource

      @Path("identity-provider") public IdentityProvidersResource getIdentityProviderResource()

    • getDefaultGroups

      @GET @Produces("application/json") @Path("default-groups") public Stream<GroupRepresentation> getDefaultGroups()
      Get group hierarchy. Only name and ids are returned.
      Returns:

    • addDefaultGroup

      @PUT @Path("default-groups/{groupId}") public void addDefaultGroup(@PathParam("groupId") String groupId)

    • removeDefaultGroup

      @DELETE @Path("default-groups/{groupId}") public void removeDefaultGroup(@PathParam("groupId") String groupId)

    • getGroups

      @Path("groups") public GroupsResource getGroups()

    • getGroupByPath

      @GET @Path("group-by-path/{path: .*}") @Produces("application/json") public GroupRepresentation getGroupByPath(@PathParam("path") List<jakarta.ws.rs.core.PathSegment> pathSegments)

    • partialImport

      @Path("partialImport") @POST @Produces("application/json") @Consumes("application/json") public jakarta.ws.rs.core.Response partialImport(InputStream requestBody)
      Partial import from a JSON file to an existing realm.

    • partialExport

      @Path("partial-export") @Produces("application/json") @POST public jakarta.ws.rs.core.Response partialExport(@QueryParam("exportGroupsAndRoles") Boolean exportGroupsAndRoles, @QueryParam("exportClients") Boolean exportClients)
      Partial export of existing realm into a JSON file.
      Parameters:
      exportGroupsAndRoles -
      exportClients -
      Returns:

    • keys

      @Path("keys") public KeyResource keys()

    • getCredentialRegistrators

      @GET @Path("credential-registrators") @Produces("application/json") public Stream<String> getCredentialRegistrators()

    • getClientPoliciesResource

      @Path("client-policies/policies") public ClientPoliciesResource getClientPoliciesResource()

    • getClientProfilesResource

      @Path("client-policies/profiles") public ClientProfilesResource getClientProfilesResource()