This is a php client to connect to keycloak admin rest apis with no headache.
Features:
1- Easy to use
2- No need to get token or generate it it's already handled by the client
3- No need to specify any urls other than the base uri
4- No encode/decode for json just data as you expect
works with Keycloak 7.0 admin rest api
https://www.keycloak.org/docs-api/7.0/rest-api/index.html
1- Create new client
$client = Keycloak\Admin\KeycloakClient::factory([
'realm'=>'master',
'username'=>'admin',
'password'=>'1234',
'client_id'=>'admin-cli',
'baseUri'=>'http://127.0.0.1:8180'
]);2- Use it
$client->getUsers();
//Result
// Array of users
/*
[
[
"id" => "39839a9b-de08-4d2c-b91a-a6ce2595b1f3",
"createdTimestamp" => 1571663375749,
"username" => "admin",
"enabled" => true,
"totp" => false,
"emailVerified" => false,
"disableableCredentialTypes" => [
"password",
],
"requiredActions" => [],
"notBefore" => 0,
"access" => [
"manageGroupMembership" => true,
"view" => true,
"mapRoles" => true,
"impersonate" => true,
"manage" => true,
],
],
]
*/
$client->createUser([
'username'=>'test',
'email'=>'test@test.com',
'enabled'=>true,
'credentials'=>[
[
'type'=>'password',
'value'=>'1234'
]
]
]);
| API |
Function Name |
Supported |
| Clear any user login failures for all users This can release temporary disabled users |
clearAllLoginFailures |
✔️ |
| Get status of a username in brute force detection |
getBruteForceUserStatus |
✔️ |
| Clear any user login failures for the user This can release temporary disabled user |
clearUserLoginFailures |
✔️ |
| API |
Function Name |
Supported |
| Get authenticator providers Returns a list of authenticator providers. |
getAuthenticatorProviders |
✔️ |
| Get client authenticator providers Returns a list of client authenticator providers. |
getClientAuthenticatorProviders |
✔️ |
| Get authenticator provider’s configuration description |
getAuthenticatorConfigInfo |
✔️ |
| Get authenticator configuration |
getAuthenticatorConfig |
✔️ |
| Update authenticator configuration |
updateAuthenticatorConfig |
✔️ |
| Delete authenticator configuration |
deleteAuthenticatorConfig |
✔️ |
| Add new authentication execution |
createAuthenticationExecution |
✔️ |
| Get Single Execution |
getAuthenticationExecution |
✔️ |
| Delete execution |
deleteAuthenticationExecution |
✔️ |
| Update execution with new configuration |
updateAuthenticationExecution |
✔️ |
| Lower execution’s priority |
lowerAuthenticationExecutionPriority |
✔️ |
| Raise execution’s priority |
raiseAuthenticationExecutionPriority |
✔️ |
| Create a new authentication flow |
createAuthenticationFlow |
✔️ |
| Get authentication flows Returns a list of authentication flows. |
getAuthenticationFlows |
✔️ |
| Copy existing authentication flow under a new name The new name is given as 'newName' attribute of the passed JSON object |
copyAuthenticationFlow |
✔️ |
| Get authentication executions for a flow |
getAuthenticationFlowExecutions |
✔️ |
| Update authentication executions for a flow |
updateAuthenticationFlowExecutions |
✔️ |
| Add new authentication execution to a flow |
createAuthenticationFlowExecution |
✔️ |
| Add new flow with new execution to existing flow |
addAuthenticationFlowExecution |
✔️ |
| Get authentication flow for id |
getAuthenticationFlow |
✔️ |
| Update authentication flow for id |
updateAuthenticationFlow |
✔️ |
| Delete an authentication flow |
deleteAuthenticationFlow |
✔️ |
| Get form action providers Returns a list of form action providers. |
getFormActionProviders |
✔️ |
| Get form providers Returns a list of form providers. |
getFormProviders |
✔️ |
| Get configuration descriptions for all clients |
getClientsConfigDescriptions |
✔️ |
| Register a new required actions |
createRequiredAction |
✔️ |
| Get required actions Returns a list of required actions. |
getRequiredActions |
✔️ |
| Get required action for alias |
getAliasRequiredAction |
✔️ |
| Update required action |
updateRequiredAction |
✔️ |
| Delete required action |
deleteRequiredAction |
✔️ |
| Lower required action’s priority |
lowerRequiredActionPriority |
✔️ |
| Raise required action’s priority |
raiseRequiredActionPriority |
✔️ |
| Get unregistered required actions Returns a list of unregistered required actions. |
getUnregisteredRequiredActions |
✔️ |
| API |
Function Name |
Supported |
| Get key info (try with attr = "jwt.credential") |
getClientKeyInfo |
✔️ |
| Get a keystore file for the client, containing private key and public certificate (note: write response content to a file) |
getClientKeyStore |
✔️ |
| Generate a new certificate with new key pair |
generateClientCertificate |
✔️ |
| Generate a new keypair and certificate, and get the private key file Generates a keypair and certificate and serves the private key in a specified keystore format. |
generateDownloadClientCertificate |
✔️ |
| Upload certificate and eventually private key |
uploadClientCertificateAndPrivateKey |
✔️ |
| Upload only certificate, not private key |
uploadClientCertificateOnly |
✔️ |
| API |
Function Name |
Supported |
| Create a new initial access token. |
createClientInitialAccessToken |
✔️ |
| GET /{realm}/clients-initial-access |
getClientInitialAccessTokens |
✔️ |
| DELETE /{realm}/clients-initial-access/{id} |
deleteClientInitialAccessToken |
✔️ |
| API |
Function Name |
Supported |
| Base path for retrieve providers with the configProperties properly filled |
getClientRegistrationPolicyProviders |
✔️ |
| API |
Function Name |
Supported |
| Add client-level roles to the group role mapping |
addGroupClientRoleMappings |
✔️ |
| Get client-level role mappings for the group, and the app |
getGroupClientRoleMappings |
✔️ |
| Delete client-level roles from group role mapping |
deleteGroupClientRoleMappings |
✔️ |
| Get available client-level roles that can be mapped to the group |
getAvailableGroupClientRoleMappings |
✔️ |
| Get effective client-level role mappings This recurses any composite roles for groups |
getGroupClientRoleMappingsWithComposite |
✔️ |
| Add client-level roles to the user role mapping |
addUserClientRoleMappings |
✔️ |
| Get client-level role mappings for the user, and the app |
getUserClientRoleMappings |
✔️ |
| Delete client-level roles from user role mapping |
deleteUserClientRoleMappings |
✔️ |
| Get available client-level roles that can be mapped to the user |
getAvailableUserClientRoleMappings |
✔️ |
| Get effective client-level role mappings This recurses any composite roles for users |
getUserClientRoleMappingsWithComposite |
✔️ |
| API |
Function Name |
Supported |
| Create a new client scope Client Scope’s name must be unique! |
createClientScope |
✔️ |
| Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm |
getClientScopes |
✔️ |
| Get representation of the client scope |
getClientScope |
✔️ |
| Update the client scope |
updateClientScope |
✔️ |
| Delete the client scope |
deleteClientScope |
✔️ |
| API |
Function Name |
Supported |
| Create a new client Client’s client_id must be unique! |
createClient |
✔️ |
| Get clients belonging to the realm Returns a list of clients belonging to the realm |
getClients |
✔️ |
| Get representation of the client |
getClient |
✔️ |
| Update the client |
updateClient |
✔️ |
| Delete the client |
deleteClient |
✔️ |
| Generate a new secret for the client |
generateClientSecret |
✔️ |
| Get the client secret |
getClientSecret |
✔️ |
| Get default client scopes. |
getClientDefaultScopes |
✔️ |
| Set client scope as default scope |
setClientScopeAsDefault |
✔️ |
| Remove client scope from default scopes |
removeClientScopeAsDefault |
✔️ |
| Create JSON with payload of example access token |
getClientExampleAccessToken |
✔️ |
| Return list of all protocol mappers, which will be used when generating tokens issued for particular client. |
getClientProtocolMappers |
✔️ |
| Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him. |
getClientAllowedRoleMappingsInContainer |
✔️ |
| Get roles, which this client doesn’t have scope for and can’t have them in the accessToken issued for him. |
getClientNotAllowedRoleMappingsInContainer |
✔️ |
| Generate client adapter configuration takes one of these (keycloak-oidc-keycloak-json, keycloak-oidc-jboss-subsystem-cli, keycloak-oidc-jboss-subsystem, keycloak-saml, keycloak-saml-subsystem-cli, keycloak-saml-subsystem) |
getClientInstallationConfiguration |
✔️ |
| Return object stating whether client Authorization permissions have been initialized or not and a reference |
getClientAuthorizationPermissionsStatus |
✔️ |
| Update client Authorization permissions initialization and a reference |
updateClientAuthorizationPermissionsStatus |
✔️ |
| Register a cluster node with the client Manually register cluster node to this client - usually it’s not needed to call this directly as adapter should handle by sending registration request to Keycloak |
registerClientClusterNode |
✔️ |
| Unregister a cluster node from the client |
unregisterClientClusterNode |
✔️ |
| Get application offline session count Returns a number of offline user sessions associated with this client { "count": number } |
getClientOfflineSessionsCount |
✔️ |
| Get offline sessions for client Returns a list of offline user sessions associated with this client |
getClientOfflineSessions |
✔️ |
| Get optional client scopes. |
getClientOptionalScopes |
✔️ |
| Assign client optional scope |
assignClientOptionalScope |
✔️ |
| remove client optional scope assignment |
unassignClientOptionalScope |
✔️ |
| Push the client’s revocation policy to its admin URL If the client has an admin URL, push revocation policy to it. |
pushClientRevocationPolicy |
✔️ |
| Generate a new registration access token for the client |
generateClientRegistrationToken |
✔️ |
| Get a user dedicated to the service account |
getServiceAccountDedicatedUser |
✔️ |
| Get application session count Returns a number of user sessions associated with this client { "count": number } |
getClientSessionsCount |
✔️ |
| Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes. |
testClientNodesAvailability |
✔️ |
| Get user sessions for client Returns a list of user sessions associated with this client |
getClientSessions |
✔️ |
| API |
Function Name |
Supported |
| Create new component |
createComponent |
✔️ |
| Get components |
getComponents |
✔️ |
| Get component |
getComponent |
✔️ |
| Update component |
updateComponent |
✔️ |
| Delete component |
deleteComponent |
✔️ |
| List of subcomponent types that are available to configure for a particular parent component. |
getComponentSubTypes |
✔️ |
| API |
Function Name |
Supported |
| create or add a top level realm groupSet or create child. |
createGroup |
✔️ |
| Get group hierarchy. |
getGroups |
✔️ |
| Returns the groups counts. |
getGroupsCount |
✔️ |
| Get Group |
getGroup |
✔️ |
| Update group, ignores subgroups. |
updateGroup |
✔️ |
| Delete Group |
removeGroup |
✔️ |
| Set or create child. |
createChildGroup |
✔️ |
| Return object stating whether client Authorization permissions have been initialized or not and a reference |
getGroupManagementPermissions |
✔️ |
| Return object stating whether client Authorization permissions have been initialized or not and a reference |
updateGroupManagementPermissions |
✔️ |
| Get users Returns a list of users, filtered according to query parameters |
getGroupMembers |
✔️ |
| API |
Function Name |
Supported |
| Import identity provider from uploaded JSON file |
importIdentityProvider |
✔️ |
| Create a new identity provider |
createIdentityProvider |
✔️ |
| Get identity providers |
getIdentityProviders |
✔️ |
| Get the identity provider |
getIdentityProvider |
✔️ |
| Update the identity provider |
updateIdentityProvider |
✔️ |
| Delete the identity provider |
deleteIdentityProvider |
✔️ |
| Export public broker configuration for identity provider |
exportIdentityProviderBrokerConfig |
✔️ |
| Return object stating whether client Authorization permissions have been initialized or not and a reference |
getIdentityProviderManagementPermissions |
✔️ |
| Return object stating whether client Authorization permissions have been initialized or not and a reference |
updateIdentityProviderManagementPermissions |
✔️ |
| Get mapper types for identity provider (Keycloak gives exception report it) |
getIdentityProviderMapperTypes |
✔️ |
| Add a mapper to identity provider |
createIdentityProviderMapper |
✔️ |
| Get mappers for identity provider |
getIdentityProviderMappers |
✔️ |
| Get mapper by id for the identity provider |
getIdentityProviderMapper |
✔️ |
| Update a mapper for the identity provider (not working for some reason gives Null Pointer Exception) |
updateIdentityProviderMapper |
✔️ |
| Delete a mapper for the identity provider |
deleteIdentityProviderMapper |
✔️ |
| Get identity providers |
getIdentityProviderById |
✔️ |
| API |
Function Name |
Supported |
| Get Realm keys |
getRealmKeys |
✔️ |
Note: Ids are sent as clientScopeId or clientId and mapperId everything else is just as the keycloak documentation
| API |
Function Name |
Supported |
| Create multiple mappers |
createClientScopeProtocolMappers |
✔️ |
| Create a mapper |
createClientScopeProtocolMapper |
✔️ |
| Get mappers |
getClientScopeProtocolMappers |
✔️ |
| Get mapper by id |
getClientScopeProtocolMapperById |
✔️ |
| Update the mapper |
updateClientScopeProtocolMapper |
✔️ |
| Delete the mapper |
deleteClientScopeProtocolMapper |
✔️ |
| Get mappers by name for a specific protocol |
getClientScopeProtocolMappersByProtocolName |
✔️ |
| Create multiple mappers |
createClientProtocolMappers |
✔️ |
| Create a mapper |
createClientProtocolMapper |
✔️ |
| Get mappers |
getClientProtocolMappers |
✔️ |
| Get mapper by id |
getClientProtocolMapperById |
✔️ |
| Update the mapper |
updateClientProtocolMapper |
✔️ |
| Delete the mapper |
deleteClientProtocolMapper |
✔️ |
| Get mappers by name for a specific protocol |
getClientProtocolMappersByProtocolName |
✔️ |
| API |
Function Name |
Supported |
| Import a realm Imports a realm from a full representation of that realm. |
importRealm |
✔️ |
| Get the top-level representation of the realm It will not include nested information like User and Client representations. |
getRealm |
✔️ |
| Update the top-level information of the realm Any user, roles or client information in the representation will be ignored. |
updateRealm |
✔️ |
| Delete the realm |
deleteRealm |
✔️ |
| Get admin events Returns all admin events, or filters events based on URL query parameters listed here |
getAdminEvents |
✔️ |
| Delete all admin events |
deleteAdminEvents |
✔️ |
| Clear cache of external public keys (Public keys of clients or Identity providers) |
clearExternalPublicKeysCache |
✔️ |
| Clear realm cache |
clearRealmCache |
✔️ |
| Clear user cache |
clearUserCache |
✔️ |
| Base path for importing clients under this realm. |
importClient |
✔️ |
| Get client session stats Returns a JSON map. |
getClientsSessionStats |
✔️ |
| GET /{realm}/credential-registrators |
getCredentialRegistrators |
✔️ |
| Get realm default client scopes. |
getDefaultClientScopes |
✔️ |
| PUT /{realm}/default-default-client-scopes/{clientScopeId} |
setScopeAsDefaultClientScope |
✔️ |
| DELETE /{realm}/default-default-client-scopes/{clientScopeId} |
unsetScopeAsDefaultClientScope |
✔️ |
| Get group hierarchy. |
getDefaultGroupHierarchy |
✔️ |
| PUT /{realm}/default-groups/{groupId} |
setGroupAsDefaultGroup |
✔️ |
| DELETE /{realm}/default-groups/{groupId} |
unsetGroupAsDefaultGroup |
✔️ |
| Get realm optional client scopes. |
getOptionalClientScopes |
✔️ |
| PUT /{realm}/default-optional-client-scopes/{clientScopeId} |
setScopeAsOptionalClientScope |
✔️ |
| DELETE /{realm}/default-optional-client-scopes/{clientScopeId} |
unsetScopeAsOptionalClientScope |
✔️ |
| Get events Returns all events, or filters them based on URL query parameters listed here |
getAllEvents |
✔️ |
| Delete all events |
deleteAllEvents |
✔️ |
| Get the events provider configuration Returns JSON object with events provider configuration |
getEventsConfig |
✔️ |
| Update the events provider Change the events provider and/or its configuration |
updateEventsConfig |
✔️ |
| Get user group by path |
getGroupByPath |
✔️ |
| Removes all user sessions. (Keycloak throws an exception when this one is called) |
logoutAllUsers |
❌ |
| Partial export of existing realm into a JSON file. |
partialExportRealm |
✔️ |
| Partial import from a JSON file to an existing realm. |
partialImportRealm |
✔️ |
| Push the realm’s revocation policy to any client that has an admin url associated with it. (Keycloak throws an exception when this one is called) |
pushRevocationPolicy |
❌ |
| Remove a specific user session. |
revokeUserSession |
✔️ |
| Test LDAP connection |
testLDAPConnection |
✔️ |
| Test SMTP connection with current logged in user |
testSMTPConnection |
✔️ |
| Get User Management Permissions |
getUserManagementPermissions |
✔️ |
| Update User Management Permissions |
updateUserManagementPermissions |
✔️ |
| API |
Function Name |
Supported |
| Get role mappings |
getGroupRoleMappings |
✔️ |
| Add realm-level role mappings to the group |
addGlobalRolesToGroup |
✔️ |
| Get realm-level role mappings |
getGroupRealmRoleMappings |
✔️ |
| Delete realm-level role mappings |
deleteGroupRealmRoleMappings |
✔️ |
| Get realm-level roles that can be mapped |
getAvailableGroupRealmRoleMappings |
✔️ |
| Get effective realm-level role mappings This will recurse all composite roles to get the result. |
getEffectiveGroupRealmRoleMappings |
✔️ |
| Get role mappings |
getUserRoleMappings |
✔️ |
| Add realm-level role mappings to the user |
addGlobalRolesToUser |
✔️ |
| Get realm-level role mappings |
getUserRealmRoleMappings |
✔️ |
| Delete realm-level role mappings |
deleteUserRealmRoleMappings |
✔️ |
| Get realm-level roles that can be mapped |
getAvailableUserRealmRoleMappings |
✔️ |
| Get effective realm-level role mappings This will recurse all composite roles to get the result. |
getEffectiveUserRealmRoleMappings |
✔️ |
| API |
Function Name |
Supported |
| Create a new role for the realm or client (Client Specific) |
createClientRole |
✔️ |
| Get all roles for the realm or client (Client Specific) |
getClientRoles |
✔️ |
| Get a role by name (Client Specific) |
getClientRole |
✔️ |
| Update a role by name (Client Specific) |
updateClientRole |
✔️ |
| Delete a role by name (Client Specific) |
deleteClientRole |
✔️ |
| Add a composite to the role (Client Specific) |
addCompositeRoleToClientRole |
✔️ |
| Get composites of the role (Client Specific) |
getClientRoleCompositeRoles |
✔️ |
| Remove roles from the role’s composite (Client Specific) |
deleteCompositeRoleFromClientRole |
✔️ |
| An app-level roles for the specified app for the role’s composite (Client Specific) |
getClientRoleCompositeRolesForClient |
✔️ |
| Get realm-level roles of the role’s composite (Client Specific) |
getClientRoleCompositeRolesForRealm |
✔️ |
| Return List of Groups that have the specified role name (Client Specific) |
getClientRoleGroups |
✔️ |
| Return object stating whether role Authoirzation permissions have been initialized or not and a reference (Client Specific) |
getClientRoleManagementPermissions |
✔️ |
| Update object stating whether role Authoirzation permissions have been initialized or not and a reference (Client Specific) |
updateClientRoleManagementPermissions |
✔️ |
| Return List of Users that have the specified role name (Client Specific) |
getClientRoleUsers |
✔️ |
| Create a new role for the realm or client |
createRealmRole |
✔️ |
| Get all roles for the realm or client |
getRealmRoles |
✔️ |
| Get a role by name |
getRealmRole |
✔️ |
| Update a role by name |
updateRealmRole |
✔️ |
| Delete a role by name |
deleteRealmRole |
✔️ |
| Add a composite to the role |
addCompositeRoleToRealmRole |
✔️ |
| Get composites of the role |
getRealmRoleCompositeRoles |
✔️ |
| Remove roles from the role’s composite |
deleteCompositeRoleFromRealmRole |
✔️ |
| An app-level roles for the specified app for the role’s composite |
getRealmRoleCompositeRolesForClient |
✔️ |
| Get realm-level roles of the role’s composite |
getRealmRoleCompositeRolesForRealm |
✔️ |
| Return List of Groups that have the specified role name |
getRealmRoleGroups |
✔️ |
| Return object stating whether role Authoirzation permissions have been initialized or not and a reference |
getRealmRoleManagementPermissions |
✔️ |
| Update object stating whether role Authoirzation permissions have been initialized or not and a reference |
updateRealmRoleManagementPermissions |
✔️ |
| Return List of Users that have the specified role name |
getRealmRoleUsers |
✔️ |
| API |
Function Name |
Supported |
| Get a specific role’s representation |
getRealmRoleById |
✔️ |
| Update the role |
updateRealmRoleById |
✔️ |
| Delete the role |
deleteRealmRoleById |
✔️ |
| Make the role a composite role by associating some child roles |
addCompositeRoleToRealmRoleByRoleId |
✔️ |
| Get role’s children Returns a set of role’s children provided the role is a composite. |
getRealmRoleCompositeRolesByRoleId |
✔️ |
| Remove a set of roles from the role’s composite |
deleteCompositeRoleFromRealmRoleByRoleId |
✔️ |
| Get client-level roles for the client that are in the role’s composite |
getRealmRoleCompositeRolesForClientByRoleId |
✔️ |
| Get realm-level roles that are in the role’s composite |
getRealmRoleCompositeRolesForRealmByRoleId |
✔️ |
| Return object stating whether role Authoirzation permissions have been initialized or not and a reference |
getRealmRoleManagementPermissionsByRoleId |
✔️ |
| Return object stating whether role Authoirzation permissions have been initialized or not and a reference |
updateRealmRoleManagementPermissionsByRoleId |
✔️ |
| API |
Function Name |
Supported |
| Get all scope mappings for the client |
|
❌ |
| Add client-level roles to the client’s scope |
|
❌ |
| Get the roles associated with a client’s scope Returns roles for the client. |
|
❌ |
| Remove client-level roles from the client’s scope. |
|
❌ |
| The available client-level roles Returns the roles for the client that can be associated with the client’s scope |
|
❌ |
| Get effective client roles Returns the roles for the client that are associated with the client’s scope. |
|
❌ |
| Add a set of realm-level roles to the client’s scope |
|
❌ |
| Get realm-level roles associated with the client’s scope |
|
❌ |
| Remove a set of realm-level roles from the client’s scope |
|
❌ |
| Get realm-level roles that are available to attach to this client’s scope |
|
❌ |
| Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists. |
|
❌ |
| Get all scope mappings for the client |
|
❌ |
| Add client-level roles to the client’s scope |
|
❌ |
| Get the roles associated with a client’s scope Returns roles for the client. |
|
❌ |
| Remove client-level roles from the client’s scope. |
|
❌ |
| The available client-level roles Returns the roles for the client that can be associated with the client’s scope |
|
❌ |
| Get effective client roles Returns the roles for the client that are associated with the client’s scope. |
|
❌ |
| Add a set of realm-level roles to the client’s scope |
|
❌ |
| Get realm-level roles associated with the client’s scope |
|
❌ |
| Remove a set of realm-level roles from the client’s scope |
|
❌ |
| Get realm-level roles that are available to attach to this client’s scope |
|
❌ |
| Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists. |
|
❌ |
| API |
Function Name |
Supported |
| Need this for admin console to display simple name of provider when displaying client detail KEYCLOAK-4328 |
|
❌ |
| Need this for admin console to display simple name of provider when displaying user detail KEYCLOAK-4328 |
|
❌ |
| Remove imported users |
|
❌ |
| Trigger sync of users Action can be "triggerFullSync" or "triggerChangedUsersSync" |
|
❌ |
| Unlink imported users from a storage provider |
|
❌ |
| Trigger sync of mapper data related to ldap mapper (roles, groups, …) direction is "fedToKeycloak" or "keycloakToFed" |
|
❌ |
| API |
Function Name |
Supported |
| Create a new user Username must be unique. |
createUser |
✔️ |
| Get users Returns a list of users, filtered according to query parameters |
getUsers |
✔️ |
| GET /{realm}/users/count |
|
❌ |
| Get representation of the user |
getUser |
️️️✔️ |
| Update the user |
updateUser |
️️️✔️ |
| Delete the user |
deleteUser |
️️️✔️ |
| Get consents granted by the user |
|
❌ |
| Revoke consent and offline tokens for particular client from user |
|
❌ |
| Disable all credentials for a user of a specific type |
|
❌ |
| Send a update account email to the user An email contains a link the user can click to perform a set of required actions. |
|
❌ |
| Get social logins associated with the user |
|
❌ |
| Add a social login provider to the user |
|
❌ |
| Remove a social login provider from user |
|
❌ |
| GET /{realm}/users/{id}/groups |
getUserGroups |
✔️ |
| GET /{realm}/users/{id}/groups/count |
getUserGroupsCount |
✔️ |
| PUT /{realm}/users/{id}/groups/{groupId} |
addUserToGroup |
✔️ |
| DELETE /{realm}/users/{id}/groups/{groupId} |
deleteUserFromGroup |
✔️ |
| Impersonate the user |
|
❌ |
| Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user. |
|
❌ |
| Get offline sessions associated with the user and client |
|
❌ |
| Remove TOTP from the user |
|
❌ |
| Set up a new password for the user. |
|
❌ |
| Send an email-verification email to the user An email contains a link the user can click to verify their email address. |
|
❌ |
| Get sessions associated with the user |
|
❌ |
| API |
Function Name |
Supported |
| Get themes, social providers, auth providers, and event listeners available on this server |
|
❌ |
| CORS preflight |
|
❌ |
