@lap v0.3 # Machine-readable API spec. Each @endpoint block is one API call. @api Keycloak Admin REST API @version 1 @auth Bearer bearer @endpoints 281 @hint download_for_search @toc root(2), {id}(1), {realm}(278) @group root @endpoint GET / @returns(2XX) {builtinProtocolMappers: map, clientImporters: [map], clientInstallations: map, componentTypes: map, enums: map, identityProviders: [map], memoryInfo: map{free: int(int64), freeFormated: str, freePercentage: int(int64), total: int(int64), totalFormated: str, used: int(int64), usedFormated: str}, passwordPolicies: [map], profileInfo: map{disabledFeatures: [str], experimentalFeatures: [str], name: str, previewFeatures: [str]}, protocolMapperTypes: map, providers: map, socialProviders: [map], systemInfo: map{fileEncoding: str, javaHome: str, javaRuntime: str, javaVendor: str, javaVersion: str, javaVm: str, javaVmVersion: str, osArchitecture: str, osName: str, osVersion: str, serverTime: str, uptime: str, uptimeMillis: int(int64), userDir: str, userLocale: str, userName: str, userTimezone: str, version: str}, themes: map} @endpoint POST / @optional {accessCodeLifespan: int(int32), accessCodeLifespanLogin: int(int32), accessCodeLifespanUserAction: int(int32), accessTokenLifespan: int(int32), accessTokenLifespanForImplicitFlow: int(int32), accountTheme: str, actionTokenGeneratedByAdminLifespan: int(int32), actionTokenGeneratedByUserLifespan: int(int32), adminEventsDetailsEnabled: bool, adminEventsEnabled: bool, adminTheme: str, attributes: map, authenticationFlows: [map{alias: str, authenticationExecutions: [map], builtIn: bool, description: str, id: str, providerId: str, topLevel: bool}], authenticatorConfig: [map{alias: str, config: map, id: str}], browserFlow: str, browserSecurityHeaders: map, bruteForceProtected: bool, clientAuthenticationFlow: str, clientScopeMappings: map, clientScopes: [map{attributes: map, description: str, id: str, name: str, protocol: str, protocolMappers: [map]}], clientSessionIdleTimeout: int(int32), clientSessionMaxLifespan: int(int32), clients: [map{access: map, adminUrl: str, alwaysDisplayInConsole: bool, attributes: map, authenticationFlowBindingOverrides: map, authorizationServicesEnabled: bool, authorizationSettings: map, baseUrl: str, bearerOnly: bool, clientAuthenticatorType: str, clientId: str, consentRequired: bool, defaultClientScopes: [str], defaultRoles: [str], description: str, directAccessGrantsEnabled: bool, enabled: bool, frontchannelLogout: bool, fullScopeAllowed: bool, id: str, implicitFlowEnabled: bool, name: str, nodeReRegistrationTimeout: int(int32), notBefore: int(int32), optionalClientScopes: [str], origin: str, protocol: str, protocolMappers: [map], publicClient: bool, redirectUris: [str], registeredNodes: map, registrationAccessToken: str, rootUrl: str, secret: str, serviceAccountsEnabled: bool, standardFlowEnabled: bool, surrogateAuthRequired: bool, webOrigins: [str]}], components: map{empty: bool, loadFactor: num(float), threshold: int(int32)}, defaultDefaultClientScopes: [str], defaultGroups: [str], defaultLocale: str, defaultOptionalClientScopes: [str], defaultRoles: [str], defaultSignatureAlgorithm: str, directGrantFlow: str, displayName: str, displayNameHtml: str, dockerAuthenticationFlow: str, duplicateEmailsAllowed: bool, editUsernameAllowed: bool, emailTheme: str, enabled: bool, enabledEventTypes: [str], eventsEnabled: bool, eventsExpiration: int(int64), eventsListeners: [str], failureFactor: int(int32), federatedUsers: [map{access: map, attributes: map, clientConsents: [map], clientRoles: map, createdTimestamp: int(int64), credentials: [map], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str}], groups: [map{access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map]}], id: str, identityProviderMappers: [map{config: map, id: str, identityProviderAlias: str, identityProviderMapper: str, name: str}], identityProviders: [map{addReadTokenRoleOnCreate: bool, alias: str, config: map, displayName: str, enabled: bool, firstBrokerLoginFlowAlias: str, internalId: str, linkOnly: bool, postBrokerLoginFlowAlias: str, providerId: str, storeToken: bool, trustEmail: bool}], internationalizationEnabled: bool, keycloakVersion: str, loginTheme: str, loginWithEmailAllowed: bool, maxDeltaTimeSeconds: int(int32), maxFailureWaitSeconds: int(int32), minimumQuickLoginWaitSeconds: int(int32), notBefore: int(int32), offlineSessionIdleTimeout: int(int32), offlineSessionMaxLifespan: int(int32), offlineSessionMaxLifespanEnabled: bool, otpPolicyAlgorithm: str, otpPolicyDigits: int(int32), otpPolicyInitialCounter: int(int32), otpPolicyLookAheadWindow: int(int32), otpPolicyPeriod: int(int32), otpPolicyType: str, otpSupportedApplications: [str], passwordPolicy: str, permanentLockout: bool, protocolMappers: [map{config: map, id: str, name: str, protocol: str, protocolMapper: str}], quickLoginCheckMilliSeconds: int(int64), realm: str, refreshTokenMaxReuse: int(int32), registrationAllowed: bool, registrationEmailAsUsername: bool, registrationFlow: str, rememberMe: bool, requiredActions: [map{alias: str, config: map, defaultAction: bool, enabled: bool, name: str, priority: int(int32), providerId: str}], resetCredentialsFlow: str, resetPasswordAllowed: bool, revokeRefreshToken: bool, roles: map{client: map, realm: [map]}, scopeMappings: [map{client: str, clientScope: str, roles: [str], self: str}], smtpServer: map, sslRequired: str, ssoSessionIdleTimeout: int(int32), ssoSessionIdleTimeoutRememberMe: int(int32), ssoSessionMaxLifespan: int(int32), ssoSessionMaxLifespanRememberMe: int(int32), supportedLocales: [str], userFederationMappers: [map{config: map, federationMapperType: str, federationProviderDisplayName: str, id: str, name: str}], userFederationProviders: [map{changedSyncPeriod: int(int32), config: map, displayName: str, fullSyncPeriod: int(int32), id: str, lastSync: int(int32), priority: int(int32), providerName: str}], userManagedAccessAllowed: bool, users: [map{access: map, attributes: map, clientConsents: [map], clientRoles: map, createdTimestamp: int(int64), credentials: [map], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str}], verifyEmail: bool, waitIncrementSeconds: int(int32), webAuthnPolicyAcceptableAaguids: [str], webAuthnPolicyAttestationConveyancePreference: str, webAuthnPolicyAuthenticatorAttachment: str, webAuthnPolicyAvoidSameAuthenticatorRegister: bool, webAuthnPolicyCreateTimeout: int(int32), webAuthnPolicyPasswordlessAcceptableAaguids: [str], webAuthnPolicyPasswordlessAttestationConveyancePreference: str, webAuthnPolicyPasswordlessAuthenticatorAttachment: str, webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister: bool, webAuthnPolicyPasswordlessCreateTimeout: int(int32), webAuthnPolicyPasswordlessRequireResidentKey: str, webAuthnPolicyPasswordlessRpEntityName: str, webAuthnPolicyPasswordlessRpId: str, webAuthnPolicyPasswordlessSignatureAlgorithms: [str], webAuthnPolicyPasswordlessUserVerificationRequirement: str, webAuthnPolicyRequireResidentKey: str, webAuthnPolicyRpEntityName: str, webAuthnPolicyRpId: str, webAuthnPolicySignatureAlgorithms: [str], webAuthnPolicyUserVerificationRequirement: str} @returns(2XX) @endgroup @group {id} @endpoint GET /{id}/name @returns(2XX) @endgroup @group {realm} @endpoint GET /{realm} @returns(2XX) {accessCodeLifespan: int(int32), accessCodeLifespanLogin: int(int32), accessCodeLifespanUserAction: int(int32), accessTokenLifespan: int(int32), accessTokenLifespanForImplicitFlow: int(int32), accountTheme: str, actionTokenGeneratedByAdminLifespan: int(int32), actionTokenGeneratedByUserLifespan: int(int32), adminEventsDetailsEnabled: bool, adminEventsEnabled: bool, adminTheme: str, attributes: map, authenticationFlows: [map], authenticatorConfig: [map], browserFlow: str, browserSecurityHeaders: map, bruteForceProtected: bool, clientAuthenticationFlow: str, clientScopeMappings: map, clientScopes: [map], clientSessionIdleTimeout: int(int32), clientSessionMaxLifespan: int(int32), clients: [map], components: map{empty: bool, loadFactor: num(float), threshold: int(int32)}, defaultDefaultClientScopes: [str], defaultGroups: [str], defaultLocale: str, defaultOptionalClientScopes: [str], defaultRoles: [str], defaultSignatureAlgorithm: str, directGrantFlow: str, displayName: str, displayNameHtml: str, dockerAuthenticationFlow: str, duplicateEmailsAllowed: bool, editUsernameAllowed: bool, emailTheme: str, enabled: bool, enabledEventTypes: [str], eventsEnabled: bool, eventsExpiration: int(int64), eventsListeners: [str], failureFactor: int(int32), federatedUsers: [map], groups: [map], id: str, identityProviderMappers: [map], identityProviders: [map], internationalizationEnabled: bool, keycloakVersion: str, loginTheme: str, loginWithEmailAllowed: bool, maxDeltaTimeSeconds: int(int32), maxFailureWaitSeconds: int(int32), minimumQuickLoginWaitSeconds: int(int32), notBefore: int(int32), offlineSessionIdleTimeout: int(int32), offlineSessionMaxLifespan: int(int32), offlineSessionMaxLifespanEnabled: bool, otpPolicyAlgorithm: str, otpPolicyDigits: int(int32), otpPolicyInitialCounter: int(int32), otpPolicyLookAheadWindow: int(int32), otpPolicyPeriod: int(int32), otpPolicyType: str, otpSupportedApplications: [str], passwordPolicy: str, permanentLockout: bool, protocolMappers: [map], quickLoginCheckMilliSeconds: int(int64), realm: str, refreshTokenMaxReuse: int(int32), registrationAllowed: bool, registrationEmailAsUsername: bool, registrationFlow: str, rememberMe: bool, requiredActions: [map], resetCredentialsFlow: str, resetPasswordAllowed: bool, revokeRefreshToken: bool, roles: map{client: map, realm: [map]}, scopeMappings: [map], smtpServer: map, sslRequired: str, ssoSessionIdleTimeout: int(int32), ssoSessionIdleTimeoutRememberMe: int(int32), ssoSessionMaxLifespan: int(int32), ssoSessionMaxLifespanRememberMe: int(int32), supportedLocales: [str], userFederationMappers: [map], userFederationProviders: [map], userManagedAccessAllowed: bool, users: [map], verifyEmail: bool, waitIncrementSeconds: int(int32), webAuthnPolicyAcceptableAaguids: [str], webAuthnPolicyAttestationConveyancePreference: str, webAuthnPolicyAuthenticatorAttachment: str, webAuthnPolicyAvoidSameAuthenticatorRegister: bool, webAuthnPolicyCreateTimeout: int(int32), webAuthnPolicyPasswordlessAcceptableAaguids: [str], webAuthnPolicyPasswordlessAttestationConveyancePreference: str, webAuthnPolicyPasswordlessAuthenticatorAttachment: str, webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister: bool, webAuthnPolicyPasswordlessCreateTimeout: int(int32), webAuthnPolicyPasswordlessRequireResidentKey: str, webAuthnPolicyPasswordlessRpEntityName: str, webAuthnPolicyPasswordlessRpId: str, webAuthnPolicyPasswordlessSignatureAlgorithms: [str], webAuthnPolicyPasswordlessUserVerificationRequirement: str, webAuthnPolicyRequireResidentKey: str, webAuthnPolicyRpEntityName: str, webAuthnPolicyRpId: str, webAuthnPolicySignatureAlgorithms: [str], webAuthnPolicyUserVerificationRequirement: str} @endpoint PUT /{realm} @optional {accessCodeLifespan: int(int32), accessCodeLifespanLogin: int(int32), accessCodeLifespanUserAction: int(int32), accessTokenLifespan: int(int32), accessTokenLifespanForImplicitFlow: int(int32), accountTheme: str, actionTokenGeneratedByAdminLifespan: int(int32), actionTokenGeneratedByUserLifespan: int(int32), adminEventsDetailsEnabled: bool, adminEventsEnabled: bool, adminTheme: str, attributes: map, authenticationFlows: [map{alias: str, authenticationExecutions: [map], builtIn: bool, description: str, id: str, providerId: str, topLevel: bool}], authenticatorConfig: [map{alias: str, config: map, id: str}], browserFlow: str, browserSecurityHeaders: map, bruteForceProtected: bool, clientAuthenticationFlow: str, clientScopeMappings: map, clientScopes: [map{attributes: map, description: str, id: str, name: str, protocol: str, protocolMappers: [map]}], clientSessionIdleTimeout: int(int32), clientSessionMaxLifespan: int(int32), clients: [map{access: map, adminUrl: str, alwaysDisplayInConsole: bool, attributes: map, authenticationFlowBindingOverrides: map, authorizationServicesEnabled: bool, authorizationSettings: map, baseUrl: str, bearerOnly: bool, clientAuthenticatorType: str, clientId: str, consentRequired: bool, defaultClientScopes: [str], defaultRoles: [str], description: str, directAccessGrantsEnabled: bool, enabled: bool, frontchannelLogout: bool, fullScopeAllowed: bool, id: str, implicitFlowEnabled: bool, name: str, nodeReRegistrationTimeout: int(int32), notBefore: int(int32), optionalClientScopes: [str], origin: str, protocol: str, protocolMappers: [map], publicClient: bool, redirectUris: [str], registeredNodes: map, registrationAccessToken: str, rootUrl: str, secret: str, serviceAccountsEnabled: bool, standardFlowEnabled: bool, surrogateAuthRequired: bool, webOrigins: [str]}], components: map{empty: bool, loadFactor: num(float), threshold: int(int32)}, defaultDefaultClientScopes: [str], defaultGroups: [str], defaultLocale: str, defaultOptionalClientScopes: [str], defaultRoles: [str], defaultSignatureAlgorithm: str, directGrantFlow: str, displayName: str, displayNameHtml: str, dockerAuthenticationFlow: str, duplicateEmailsAllowed: bool, editUsernameAllowed: bool, emailTheme: str, enabled: bool, enabledEventTypes: [str], eventsEnabled: bool, eventsExpiration: int(int64), eventsListeners: [str], failureFactor: int(int32), federatedUsers: [map{access: map, attributes: map, clientConsents: [map], clientRoles: map, createdTimestamp: int(int64), credentials: [map], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str}], groups: [map{access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map]}], id: str, identityProviderMappers: [map{config: map, id: str, identityProviderAlias: str, identityProviderMapper: str, name: str}], identityProviders: [map{addReadTokenRoleOnCreate: bool, alias: str, config: map, displayName: str, enabled: bool, firstBrokerLoginFlowAlias: str, internalId: str, linkOnly: bool, postBrokerLoginFlowAlias: str, providerId: str, storeToken: bool, trustEmail: bool}], internationalizationEnabled: bool, keycloakVersion: str, loginTheme: str, loginWithEmailAllowed: bool, maxDeltaTimeSeconds: int(int32), maxFailureWaitSeconds: int(int32), minimumQuickLoginWaitSeconds: int(int32), notBefore: int(int32), offlineSessionIdleTimeout: int(int32), offlineSessionMaxLifespan: int(int32), offlineSessionMaxLifespanEnabled: bool, otpPolicyAlgorithm: str, otpPolicyDigits: int(int32), otpPolicyInitialCounter: int(int32), otpPolicyLookAheadWindow: int(int32), otpPolicyPeriod: int(int32), otpPolicyType: str, otpSupportedApplications: [str], passwordPolicy: str, permanentLockout: bool, protocolMappers: [map{config: map, id: str, name: str, protocol: str, protocolMapper: str}], quickLoginCheckMilliSeconds: int(int64), realm: str, refreshTokenMaxReuse: int(int32), registrationAllowed: bool, registrationEmailAsUsername: bool, registrationFlow: str, rememberMe: bool, requiredActions: [map{alias: str, config: map, defaultAction: bool, enabled: bool, name: str, priority: int(int32), providerId: str}], resetCredentialsFlow: str, resetPasswordAllowed: bool, revokeRefreshToken: bool, roles: map{client: map, realm: [map]}, scopeMappings: [map{client: str, clientScope: str, roles: [str], self: str}], smtpServer: map, sslRequired: str, ssoSessionIdleTimeout: int(int32), ssoSessionIdleTimeoutRememberMe: int(int32), ssoSessionMaxLifespan: int(int32), ssoSessionMaxLifespanRememberMe: int(int32), supportedLocales: [str], userFederationMappers: [map{config: map, federationMapperType: str, federationProviderDisplayName: str, id: str, name: str}], userFederationProviders: [map{changedSyncPeriod: int(int32), config: map, displayName: str, fullSyncPeriod: int(int32), id: str, lastSync: int(int32), priority: int(int32), providerName: str}], userManagedAccessAllowed: bool, users: [map{access: map, attributes: map, clientConsents: [map], clientRoles: map, createdTimestamp: int(int64), credentials: [map], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str}], verifyEmail: bool, waitIncrementSeconds: int(int32), webAuthnPolicyAcceptableAaguids: [str], webAuthnPolicyAttestationConveyancePreference: str, webAuthnPolicyAuthenticatorAttachment: str, webAuthnPolicyAvoidSameAuthenticatorRegister: bool, webAuthnPolicyCreateTimeout: int(int32), webAuthnPolicyPasswordlessAcceptableAaguids: [str], webAuthnPolicyPasswordlessAttestationConveyancePreference: str, webAuthnPolicyPasswordlessAuthenticatorAttachment: str, webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister: bool, webAuthnPolicyPasswordlessCreateTimeout: int(int32), webAuthnPolicyPasswordlessRequireResidentKey: str, webAuthnPolicyPasswordlessRpEntityName: str, webAuthnPolicyPasswordlessRpId: str, webAuthnPolicyPasswordlessSignatureAlgorithms: [str], webAuthnPolicyPasswordlessUserVerificationRequirement: str, webAuthnPolicyRequireResidentKey: str, webAuthnPolicyRpEntityName: str, webAuthnPolicyRpId: str, webAuthnPolicySignatureAlgorithms: [str], webAuthnPolicyUserVerificationRequirement: str} @returns(2XX) @endpoint DELETE /{realm} @returns(2XX) @endpoint GET /{realm}/admin-events @optional {authClient: str, authIpAddress: str, authRealm: str, authUser: str, dateFrom: str, dateTo: str, first: int(int32), max: int(int32), operationTypes: [str], resourcePath: str, resourceTypes: [str]} @returns(2XX) @endpoint DELETE /{realm}/admin-events @returns(2XX) @endpoint DELETE /{realm}/attack-detection/brute-force/users @returns(2XX) @endpoint GET /{realm}/attack-detection/brute-force/users/{userId} @returns(2XX) @endpoint DELETE /{realm}/attack-detection/brute-force/users/{userId} @returns(2XX) @endpoint GET /{realm}/authentication/authenticator-providers @returns(2XX) @endpoint GET /{realm}/authentication/client-authenticator-providers @returns(2XX) @endpoint GET /{realm}/authentication/config-description/{providerId} @returns(2XX) {helpText: str, name: str, properties: [map], providerId: str} @endpoint GET /{realm}/authentication/config/{id} @returns(2XX) {alias: str, config: map, id: str} @endpoint PUT /{realm}/authentication/config/{id} @optional {alias: str, config: map, id: str} @returns(2XX) @endpoint DELETE /{realm}/authentication/config/{id} @returns(2XX) @endpoint POST /{realm}/authentication/executions @optional {authenticator: str, authenticatorConfig: str, authenticatorFlow: bool, autheticatorFlow: bool, flowId: str, id: str, parentFlow: str, priority: int(int32), requirement: str} @returns(2XX) @endpoint GET /{realm}/authentication/executions/{executionId} @returns(2XX) @endpoint DELETE /{realm}/authentication/executions/{executionId} @returns(2XX) @endpoint POST /{realm}/authentication/executions/{executionId}/config @optional {alias: str, config: map, id: str} @returns(2XX) @endpoint POST /{realm}/authentication/executions/{executionId}/lower-priority @returns(2XX) @endpoint POST /{realm}/authentication/executions/{executionId}/raise-priority @returns(2XX) @endpoint GET /{realm}/authentication/flows @returns(2XX) @endpoint POST /{realm}/authentication/flows @optional {alias: str, authenticationExecutions: [map{authenticator: str, authenticatorConfig: str, authenticatorFlow: bool, autheticatorFlow: bool, flowAlias: str, priority: int(int32), requirement: str, userSetupAllowed: bool}], builtIn: bool, description: str, id: str, providerId: str, topLevel: bool} @returns(2XX) @endpoint POST /{realm}/authentication/flows/{flowAlias}/copy @returns(2XX) @endpoint GET /{realm}/authentication/flows/{flowAlias}/executions @returns(2XX) @endpoint PUT /{realm}/authentication/flows/{flowAlias}/executions @optional {alias: str, authenticationConfig: str, authenticationFlow: bool, configurable: bool, displayName: str, flowId: str, id: str, index: int(int32), level: int(int32), providerId: str, requirement: str, requirementChoices: [str]} @returns(2XX) @endpoint POST /{realm}/authentication/flows/{flowAlias}/executions/execution @returns(2XX) @endpoint POST /{realm}/authentication/flows/{flowAlias}/executions/flow @returns(2XX) @endpoint GET /{realm}/authentication/flows/{id} @returns(2XX) {alias: str, authenticationExecutions: [map], builtIn: bool, description: str, id: str, providerId: str, topLevel: bool} @endpoint PUT /{realm}/authentication/flows/{id} @optional {alias: str, authenticationExecutions: [map{authenticator: str, authenticatorConfig: str, authenticatorFlow: bool, autheticatorFlow: bool, flowAlias: str, priority: int(int32), requirement: str, userSetupAllowed: bool}], builtIn: bool, description: str, id: str, providerId: str, topLevel: bool} @returns(2XX) @endpoint DELETE /{realm}/authentication/flows/{id} @returns(2XX) @endpoint GET /{realm}/authentication/form-action-providers @returns(2XX) @endpoint GET /{realm}/authentication/form-providers @returns(2XX) @endpoint GET /{realm}/authentication/per-client-config-description @returns(2XX) @endpoint POST /{realm}/authentication/register-required-action @returns(2XX) @endpoint GET /{realm}/authentication/required-actions @returns(2XX) @endpoint GET /{realm}/authentication/required-actions/{alias} @returns(2XX) {alias: str, config: map, defaultAction: bool, enabled: bool, name: str, priority: int(int32), providerId: str} @endpoint PUT /{realm}/authentication/required-actions/{alias} @optional {alias: str, config: map, defaultAction: bool, enabled: bool, name: str, priority: int(int32), providerId: str} @returns(2XX) @endpoint DELETE /{realm}/authentication/required-actions/{alias} @returns(2XX) @endpoint POST /{realm}/authentication/required-actions/{alias}/lower-priority @returns(2XX) @endpoint POST /{realm}/authentication/required-actions/{alias}/raise-priority @returns(2XX) @endpoint GET /{realm}/authentication/unregistered-required-actions @returns(2XX) @endpoint POST /{realm}/clear-keys-cache @returns(2XX) @endpoint POST /{realm}/clear-realm-cache @returns(2XX) @endpoint POST /{realm}/clear-user-cache @returns(2XX) @endpoint POST /{realm}/client-description-converter @returns(2XX) {access: map, adminUrl: str, alwaysDisplayInConsole: bool, attributes: map, authenticationFlowBindingOverrides: map, authorizationServicesEnabled: bool, authorizationSettings: map{allowRemoteResourceManagement: bool, clientId: str, decisionStrategy: str, id: str, name: str, policies: [map], policyEnforcementMode: str, resources: [map], scopes: [map]}, baseUrl: str, bearerOnly: bool, clientAuthenticatorType: str, clientId: str, consentRequired: bool, defaultClientScopes: [str], defaultRoles: [str], description: str, directAccessGrantsEnabled: bool, enabled: bool, frontchannelLogout: bool, fullScopeAllowed: bool, id: str, implicitFlowEnabled: bool, name: str, nodeReRegistrationTimeout: int(int32), notBefore: int(int32), optionalClientScopes: [str], origin: str, protocol: str, protocolMappers: [map], publicClient: bool, redirectUris: [str], registeredNodes: map, registrationAccessToken: str, rootUrl: str, secret: str, serviceAccountsEnabled: bool, standardFlowEnabled: bool, surrogateAuthRequired: bool, webOrigins: [str]} @endpoint GET /{realm}/client-registration-policy/providers @returns(2XX) @endpoint GET /{realm}/client-scopes @returns(2XX) @endpoint POST /{realm}/client-scopes @optional {attributes: map, description: str, id: str, name: str, protocol: str, protocolMappers: [map{config: map, id: str, name: str, protocol: str, protocolMapper: str}]} @returns(2XX) @endpoint GET /{realm}/client-scopes/{id1}/protocol-mappers/models/{id2} @returns(2XX) {config: map, id: str, name: str, protocol: str, protocolMapper: str} @endpoint PUT /{realm}/client-scopes/{id1}/protocol-mappers/models/{id2} @optional {config: map, id: str, name: str, protocol: str, protocolMapper: str} @returns(2XX) @endpoint DELETE /{realm}/client-scopes/{id1}/protocol-mappers/models/{id2} @returns(2XX) @endpoint GET /{realm}/client-scopes/{id} @returns(2XX) {attributes: map, description: str, id: str, name: str, protocol: str, protocolMappers: [map]} @endpoint PUT /{realm}/client-scopes/{id} @optional {attributes: map, description: str, id: str, name: str, protocol: str, protocolMappers: [map{config: map, id: str, name: str, protocol: str, protocolMapper: str}]} @returns(2XX) @endpoint DELETE /{realm}/client-scopes/{id} @returns(2XX) @endpoint POST /{realm}/client-scopes/{id}/protocol-mappers/add-models @returns(2XX) @endpoint GET /{realm}/client-scopes/{id}/protocol-mappers/models @returns(2XX) @endpoint POST /{realm}/client-scopes/{id}/protocol-mappers/models @optional {config: map, id: str, name: str, protocol: str, protocolMapper: str} @returns(2XX) @endpoint GET /{realm}/client-scopes/{id}/protocol-mappers/protocol/{protocol} @returns(2XX) @endpoint GET /{realm}/client-scopes/{id}/scope-mappings @returns(2XX) {clientMappings: map, realmMappings: [map]} @endpoint GET /{realm}/client-scopes/{id}/scope-mappings/clients/{client} @returns(2XX) @endpoint POST /{realm}/client-scopes/{id}/scope-mappings/clients/{client} @returns(2XX) @endpoint DELETE /{realm}/client-scopes/{id}/scope-mappings/clients/{client} @returns(2XX) @endpoint GET /{realm}/client-scopes/{id}/scope-mappings/clients/{client}/available @returns(2XX) @endpoint GET /{realm}/client-scopes/{id}/scope-mappings/clients/{client}/composite @returns(2XX) @endpoint GET /{realm}/client-scopes/{id}/scope-mappings/realm @returns(2XX) @endpoint POST /{realm}/client-scopes/{id}/scope-mappings/realm @returns(2XX) @endpoint DELETE /{realm}/client-scopes/{id}/scope-mappings/realm @returns(2XX) @endpoint GET /{realm}/client-scopes/{id}/scope-mappings/realm/available @returns(2XX) @endpoint GET /{realm}/client-scopes/{id}/scope-mappings/realm/composite @returns(2XX) @endpoint GET /{realm}/client-session-stats @returns(2XX) @endpoint GET /{realm}/clients @optional {clientId: str, first: int(int32), max: int(int32), search: bool, viewableOnly: bool} @returns(2XX) @endpoint POST /{realm}/clients @optional {access: map, adminUrl: str, alwaysDisplayInConsole: bool, attributes: map, authenticationFlowBindingOverrides: map, authorizationServicesEnabled: bool, authorizationSettings: map{allowRemoteResourceManagement: bool, clientId: str, decisionStrategy: str, id: str, name: str, policies: [map], policyEnforcementMode: str, resources: [map], scopes: [map]}, baseUrl: str, bearerOnly: bool, clientAuthenticatorType: str, clientId: str, consentRequired: bool, defaultClientScopes: [str], defaultRoles: [str], description: str, directAccessGrantsEnabled: bool, enabled: bool, frontchannelLogout: bool, fullScopeAllowed: bool, id: str, implicitFlowEnabled: bool, name: str, nodeReRegistrationTimeout: int(int32), notBefore: int(int32), optionalClientScopes: [str], origin: str, protocol: str, protocolMappers: [map{config: map, id: str, name: str, protocol: str, protocolMapper: str}], publicClient: bool, redirectUris: [str], registeredNodes: map, registrationAccessToken: str, rootUrl: str, secret: str, serviceAccountsEnabled: bool, standardFlowEnabled: bool, surrogateAuthRequired: bool, webOrigins: [str]} @returns(2XX) @endpoint GET /{realm}/clients-initial-access @returns(2XX) @endpoint POST /{realm}/clients-initial-access @optional {count: int(int32), expiration: int(int32)} @returns(2XX) {count: int(int32), expiration: int(int32), id: str, remainingCount: int(int32), timestamp: int(int32), token: str} @endpoint DELETE /{realm}/clients-initial-access/{id} @returns(2XX) @endpoint GET /{realm}/clients/{id1}/protocol-mappers/models/{id2} @returns(2XX) {config: map, id: str, name: str, protocol: str, protocolMapper: str} @endpoint PUT /{realm}/clients/{id1}/protocol-mappers/models/{id2} @optional {config: map, id: str, name: str, protocol: str, protocolMapper: str} @returns(2XX) @endpoint DELETE /{realm}/clients/{id1}/protocol-mappers/models/{id2} @returns(2XX) @endpoint GET /{realm}/clients/{id} @returns(2XX) {access: map, adminUrl: str, alwaysDisplayInConsole: bool, attributes: map, authenticationFlowBindingOverrides: map, authorizationServicesEnabled: bool, authorizationSettings: map{allowRemoteResourceManagement: bool, clientId: str, decisionStrategy: str, id: str, name: str, policies: [map], policyEnforcementMode: str, resources: [map], scopes: [map]}, baseUrl: str, bearerOnly: bool, clientAuthenticatorType: str, clientId: str, consentRequired: bool, defaultClientScopes: [str], defaultRoles: [str], description: str, directAccessGrantsEnabled: bool, enabled: bool, frontchannelLogout: bool, fullScopeAllowed: bool, id: str, implicitFlowEnabled: bool, name: str, nodeReRegistrationTimeout: int(int32), notBefore: int(int32), optionalClientScopes: [str], origin: str, protocol: str, protocolMappers: [map], publicClient: bool, redirectUris: [str], registeredNodes: map, registrationAccessToken: str, rootUrl: str, secret: str, serviceAccountsEnabled: bool, standardFlowEnabled: bool, surrogateAuthRequired: bool, webOrigins: [str]} @endpoint PUT /{realm}/clients/{id} @optional {access: map, adminUrl: str, alwaysDisplayInConsole: bool, attributes: map, authenticationFlowBindingOverrides: map, authorizationServicesEnabled: bool, authorizationSettings: map{allowRemoteResourceManagement: bool, clientId: str, decisionStrategy: str, id: str, name: str, policies: [map], policyEnforcementMode: str, resources: [map], scopes: [map]}, baseUrl: str, bearerOnly: bool, clientAuthenticatorType: str, clientId: str, consentRequired: bool, defaultClientScopes: [str], defaultRoles: [str], description: str, directAccessGrantsEnabled: bool, enabled: bool, frontchannelLogout: bool, fullScopeAllowed: bool, id: str, implicitFlowEnabled: bool, name: str, nodeReRegistrationTimeout: int(int32), notBefore: int(int32), optionalClientScopes: [str], origin: str, protocol: str, protocolMappers: [map{config: map, id: str, name: str, protocol: str, protocolMapper: str}], publicClient: bool, redirectUris: [str], registeredNodes: map, registrationAccessToken: str, rootUrl: str, secret: str, serviceAccountsEnabled: bool, standardFlowEnabled: bool, surrogateAuthRequired: bool, webOrigins: [str]} @returns(2XX) @endpoint DELETE /{realm}/clients/{id} @returns(2XX) @endpoint GET /{realm}/clients/{id}/certificates/{attr} @returns(2XX) {certificate: str, kid: str, privateKey: str, publicKey: str} @endpoint POST /{realm}/clients/{id}/certificates/{attr}/download @optional {format: str, keyAlias: str, keyPassword: str, realmAlias: str, realmCertificate: bool, storePassword: str} @returns(2XX) @endpoint POST /{realm}/clients/{id}/certificates/{attr}/generate @returns(2XX) {certificate: str, kid: str, privateKey: str, publicKey: str} @endpoint POST /{realm}/clients/{id}/certificates/{attr}/generate-and-download @optional {format: str, keyAlias: str, keyPassword: str, realmAlias: str, realmCertificate: bool, storePassword: str} @returns(2XX) @endpoint POST /{realm}/clients/{id}/certificates/{attr}/upload @returns(2XX) {certificate: str, kid: str, privateKey: str, publicKey: str} @endpoint POST /{realm}/clients/{id}/certificates/{attr}/upload-certificate @returns(2XX) {certificate: str, kid: str, privateKey: str, publicKey: str} @endpoint GET /{realm}/clients/{id}/client-secret @returns(2XX) {createdDate: int(int64), credentialData: str, id: str, priority: int(int32), secretData: str, temporary: bool, type: str, userLabel: str, value: str} @endpoint POST /{realm}/clients/{id}/client-secret @returns(2XX) {createdDate: int(int64), credentialData: str, id: str, priority: int(int32), secretData: str, temporary: bool, type: str, userLabel: str, value: str} @endpoint GET /{realm}/clients/{id}/default-client-scopes @returns(2XX) @endpoint PUT /{realm}/clients/{id}/default-client-scopes/{clientScopeId} @returns(2XX) @endpoint DELETE /{realm}/clients/{id}/default-client-scopes/{clientScopeId} @returns(2XX) @endpoint GET /{realm}/clients/{id}/evaluate-scopes/generate-example-access-token @optional {scope: str, userId: str} @returns(2XX) {acr: str, address: map{country: str, formatted: str, locality: str, postal_code: str, region: str, street_address: str}, allowed-origins: [str], at_hash: str, auth_time: int(int64), authorization: map{permissions: [map]}, azp: str, birthdate: str, c_hash: str, category: str, claims_locales: str, cnf: map{x5t#S256: str}, email: str, email_verified: bool, exp: int(int64), family_name: str, gender: str, given_name: str, iat: int(int64), iss: str, jti: str, locale: str, middle_name: str, name: str, nbf: int(int64), nickname: str, nonce: str, otherClaims: map, phone_number: str, phone_number_verified: bool, picture: str, preferred_username: str, profile: str, realm_access: map{roles: [str], verify_caller: bool}, s_hash: str, scope: str, session_state: str, sub: str, trusted-certs: [str], typ: str, updated_at: int(int64), website: str, zoneinfo: str} @endpoint GET /{realm}/clients/{id}/evaluate-scopes/protocol-mappers @optional {scope: str} @returns(2XX) @endpoint GET /{realm}/clients/{id}/evaluate-scopes/scope-mappings/{roleContainerId}/granted @optional {scope: str} @returns(2XX) @endpoint GET /{realm}/clients/{id}/evaluate-scopes/scope-mappings/{roleContainerId}/not-granted @optional {scope: str} @returns(2XX) @endpoint GET /{realm}/clients/{id}/installation/providers/{providerId} @returns(2XX) @endpoint GET /{realm}/clients/{id}/management/permissions @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint PUT /{realm}/clients/{id}/management/permissions @optional {enabled: bool, resource: str, scopePermissions: map} @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint POST /{realm}/clients/{id}/nodes @returns(2XX) @endpoint DELETE /{realm}/clients/{id}/nodes/{node} @returns(2XX) @endpoint GET /{realm}/clients/{id}/offline-session-count @returns(2XX) @endpoint GET /{realm}/clients/{id}/offline-sessions @optional {first: int(int32), max: int(int32)} @returns(2XX) @endpoint GET /{realm}/clients/{id}/optional-client-scopes @returns(2XX) @endpoint PUT /{realm}/clients/{id}/optional-client-scopes/{clientScopeId} @returns(2XX) @endpoint DELETE /{realm}/clients/{id}/optional-client-scopes/{clientScopeId} @returns(2XX) @endpoint POST /{realm}/clients/{id}/protocol-mappers/add-models @returns(2XX) @endpoint GET /{realm}/clients/{id}/protocol-mappers/models @returns(2XX) @endpoint POST /{realm}/clients/{id}/protocol-mappers/models @optional {config: map, id: str, name: str, protocol: str, protocolMapper: str} @returns(2XX) @endpoint GET /{realm}/clients/{id}/protocol-mappers/protocol/{protocol} @returns(2XX) @endpoint POST /{realm}/clients/{id}/push-revocation @returns(2XX) {failedRequests: [str], successRequests: [str]} @endpoint POST /{realm}/clients/{id}/registration-access-token @returns(2XX) {access: map, adminUrl: str, alwaysDisplayInConsole: bool, attributes: map, authenticationFlowBindingOverrides: map, authorizationServicesEnabled: bool, authorizationSettings: map{allowRemoteResourceManagement: bool, clientId: str, decisionStrategy: str, id: str, name: str, policies: [map], policyEnforcementMode: str, resources: [map], scopes: [map]}, baseUrl: str, bearerOnly: bool, clientAuthenticatorType: str, clientId: str, consentRequired: bool, defaultClientScopes: [str], defaultRoles: [str], description: str, directAccessGrantsEnabled: bool, enabled: bool, frontchannelLogout: bool, fullScopeAllowed: bool, id: str, implicitFlowEnabled: bool, name: str, nodeReRegistrationTimeout: int(int32), notBefore: int(int32), optionalClientScopes: [str], origin: str, protocol: str, protocolMappers: [map], publicClient: bool, redirectUris: [str], registeredNodes: map, registrationAccessToken: str, rootUrl: str, secret: str, serviceAccountsEnabled: bool, standardFlowEnabled: bool, surrogateAuthRequired: bool, webOrigins: [str]} @endpoint GET /{realm}/clients/{id}/roles @optional {briefRepresentation: bool, first: int(int32), max: int(int32), search: str} @returns(2XX) @endpoint POST /{realm}/clients/{id}/roles @optional {attributes: map, clientRole: bool, composite: bool, composites: map{client: map, realm: [str]}, containerId: str, description: str, id: str, name: str} @returns(2XX) @endpoint GET /{realm}/clients/{id}/roles/{role-name} @returns(2XX) {attributes: map, clientRole: bool, composite: bool, composites: map{client: map, realm: [str]}, containerId: str, description: str, id: str, name: str} @endpoint PUT /{realm}/clients/{id}/roles/{role-name} @optional {attributes: map, clientRole: bool, composite: bool, composites: map{client: map, realm: [str]}, containerId: str, description: str, id: str, name: str} @returns(2XX) @endpoint DELETE /{realm}/clients/{id}/roles/{role-name} @returns(2XX) @endpoint GET /{realm}/clients/{id}/roles/{role-name}/composites @returns(2XX) @endpoint POST /{realm}/clients/{id}/roles/{role-name}/composites @returns(2XX) @endpoint DELETE /{realm}/clients/{id}/roles/{role-name}/composites @returns(2XX) @endpoint GET /{realm}/clients/{id}/roles/{role-name}/composites/clients/{client} @returns(2XX) @endpoint GET /{realm}/clients/{id}/roles/{role-name}/composites/realm @returns(2XX) @endpoint GET /{realm}/clients/{id}/roles/{role-name}/groups @optional {briefRepresentation: bool, first: int(int32), max: int(int32)} @returns(2XX) @endpoint GET /{realm}/clients/{id}/roles/{role-name}/management/permissions @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint PUT /{realm}/clients/{id}/roles/{role-name}/management/permissions @optional {enabled: bool, resource: str, scopePermissions: map} @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint GET /{realm}/clients/{id}/roles/{role-name}/users @optional {first: int(int32), max: int(int32)} @returns(2XX) @endpoint GET /{realm}/clients/{id}/scope-mappings @returns(2XX) {clientMappings: map, realmMappings: [map]} @endpoint GET /{realm}/clients/{id}/scope-mappings/clients/{client} @returns(2XX) @endpoint POST /{realm}/clients/{id}/scope-mappings/clients/{client} @returns(2XX) @endpoint DELETE /{realm}/clients/{id}/scope-mappings/clients/{client} @returns(2XX) @endpoint GET /{realm}/clients/{id}/scope-mappings/clients/{client}/available @returns(2XX) @endpoint GET /{realm}/clients/{id}/scope-mappings/clients/{client}/composite @returns(2XX) @endpoint GET /{realm}/clients/{id}/scope-mappings/realm @returns(2XX) @endpoint POST /{realm}/clients/{id}/scope-mappings/realm @returns(2XX) @endpoint DELETE /{realm}/clients/{id}/scope-mappings/realm @returns(2XX) @endpoint GET /{realm}/clients/{id}/scope-mappings/realm/available @returns(2XX) @endpoint GET /{realm}/clients/{id}/scope-mappings/realm/composite @returns(2XX) @endpoint GET /{realm}/clients/{id}/service-account-user @returns(2XX) {access: map, attributes: map, clientConsents: [map], clientRoles: map, createdTimestamp: int(int64), credentials: [map], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str} @endpoint GET /{realm}/clients/{id}/session-count @returns(2XX) @endpoint GET /{realm}/clients/{id}/test-nodes-available @returns(2XX) {failedRequests: [str], successRequests: [str]} @endpoint GET /{realm}/clients/{id}/user-sessions @optional {first: int(int32), max: int(int32)} @returns(2XX) @endpoint GET /{realm}/components @optional {name: str, parent: str, type: str} @returns(2XX) @endpoint POST /{realm}/components @optional {config: map{empty: bool, loadFactor: num(float), threshold: int(int32)}, id: str, name: str, parentId: str, providerId: str, providerType: str, subType: str} @returns(2XX) @endpoint GET /{realm}/components/{id} @returns(2XX) {config: map{empty: bool, loadFactor: num(float), threshold: int(int32)}, id: str, name: str, parentId: str, providerId: str, providerType: str, subType: str} @endpoint PUT /{realm}/components/{id} @optional {config: map{empty: bool, loadFactor: num(float), threshold: int(int32)}, id: str, name: str, parentId: str, providerId: str, providerType: str, subType: str} @returns(2XX) @endpoint DELETE /{realm}/components/{id} @returns(2XX) @endpoint GET /{realm}/components/{id}/sub-component-types @optional {type: str} @returns(2XX) @endpoint GET /{realm}/credential-registrators @returns(2XX) @endpoint GET /{realm}/default-default-client-scopes @returns(2XX) @endpoint PUT /{realm}/default-default-client-scopes/{clientScopeId} @returns(2XX) @endpoint DELETE /{realm}/default-default-client-scopes/{clientScopeId} @returns(2XX) @endpoint GET /{realm}/default-groups @returns(2XX) @endpoint PUT /{realm}/default-groups/{groupId} @returns(2XX) @endpoint DELETE /{realm}/default-groups/{groupId} @returns(2XX) @endpoint GET /{realm}/default-optional-client-scopes @returns(2XX) @endpoint PUT /{realm}/default-optional-client-scopes/{clientScopeId} @returns(2XX) @endpoint DELETE /{realm}/default-optional-client-scopes/{clientScopeId} @returns(2XX) @endpoint GET /{realm}/events @optional {client: str, dateFrom: str, dateTo: str, first: int(int32), ipAddress: str, max: int(int32), type: [str], user: str} @returns(2XX) @endpoint DELETE /{realm}/events @returns(2XX) @endpoint GET /{realm}/events/config @returns(2XX) {adminEventsDetailsEnabled: bool, adminEventsEnabled: bool, enabledEventTypes: [str], eventsEnabled: bool, eventsExpiration: int(int64), eventsListeners: [str]} @endpoint PUT /{realm}/events/config @optional {adminEventsDetailsEnabled: bool, adminEventsEnabled: bool, enabledEventTypes: [str], eventsEnabled: bool, eventsExpiration: int(int64), eventsListeners: [str]} @returns(2XX) @endpoint GET /{realm}/group-by-path/{path} @returns(2XX) {access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map]} @endpoint GET /{realm}/groups @optional {briefRepresentation: bool, first: int(int32), max: int(int32), search: str} @returns(2XX) @endpoint POST /{realm}/groups @optional {access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map{access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map]}]} @returns(2XX) @endpoint GET /{realm}/groups/count @optional {search: str, top: bool} @returns(2XX) @endpoint GET /{realm}/groups/{id} @returns(2XX) {access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map]} @endpoint PUT /{realm}/groups/{id} @optional {access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map{access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map]}]} @returns(2XX) @endpoint DELETE /{realm}/groups/{id} @returns(2XX) @endpoint POST /{realm}/groups/{id}/children @optional {access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map{access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map]}]} @returns(2XX) @endpoint GET /{realm}/groups/{id}/management/permissions @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint PUT /{realm}/groups/{id}/management/permissions @optional {enabled: bool, resource: str, scopePermissions: map} @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint GET /{realm}/groups/{id}/members @optional {briefRepresentation: bool, first: int(int32), max: int(int32)} @returns(2XX) @endpoint GET /{realm}/groups/{id}/role-mappings @returns(2XX) {clientMappings: map, realmMappings: [map]} @endpoint GET /{realm}/groups/{id}/role-mappings/clients/{client} @returns(2XX) @endpoint POST /{realm}/groups/{id}/role-mappings/clients/{client} @returns(2XX) @endpoint DELETE /{realm}/groups/{id}/role-mappings/clients/{client} @returns(2XX) @endpoint GET /{realm}/groups/{id}/role-mappings/clients/{client}/available @returns(2XX) @endpoint GET /{realm}/groups/{id}/role-mappings/clients/{client}/composite @returns(2XX) @endpoint GET /{realm}/groups/{id}/role-mappings/realm @returns(2XX) @endpoint POST /{realm}/groups/{id}/role-mappings/realm @returns(2XX) @endpoint DELETE /{realm}/groups/{id}/role-mappings/realm @returns(2XX) @endpoint GET /{realm}/groups/{id}/role-mappings/realm/available @returns(2XX) @endpoint GET /{realm}/groups/{id}/role-mappings/realm/composite @returns(2XX) @endpoint POST /{realm}/identity-provider/import-config @returns(2XX) @endpoint GET /{realm}/identity-provider/instances @returns(2XX) @endpoint POST /{realm}/identity-provider/instances @optional {addReadTokenRoleOnCreate: bool, alias: str, config: map, displayName: str, enabled: bool, firstBrokerLoginFlowAlias: str, internalId: str, linkOnly: bool, postBrokerLoginFlowAlias: str, providerId: str, storeToken: bool, trustEmail: bool} @returns(2XX) @endpoint GET /{realm}/identity-provider/instances/{alias} @returns(2XX) {addReadTokenRoleOnCreate: bool, alias: str, config: map, displayName: str, enabled: bool, firstBrokerLoginFlowAlias: str, internalId: str, linkOnly: bool, postBrokerLoginFlowAlias: str, providerId: str, storeToken: bool, trustEmail: bool} @endpoint PUT /{realm}/identity-provider/instances/{alias} @optional {addReadTokenRoleOnCreate: bool, alias: str, config: map, displayName: str, enabled: bool, firstBrokerLoginFlowAlias: str, internalId: str, linkOnly: bool, postBrokerLoginFlowAlias: str, providerId: str, storeToken: bool, trustEmail: bool} @returns(2XX) @endpoint DELETE /{realm}/identity-provider/instances/{alias} @returns(2XX) @endpoint GET /{realm}/identity-provider/instances/{alias}/export @optional {format: str} @returns(2XX) @endpoint GET /{realm}/identity-provider/instances/{alias}/management/permissions @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint PUT /{realm}/identity-provider/instances/{alias}/management/permissions @optional {enabled: bool, resource: str, scopePermissions: map} @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint GET /{realm}/identity-provider/instances/{alias}/mapper-types @returns(2XX) @endpoint GET /{realm}/identity-provider/instances/{alias}/mappers @returns(2XX) @endpoint POST /{realm}/identity-provider/instances/{alias}/mappers @optional {config: map, id: str, identityProviderAlias: str, identityProviderMapper: str, name: str} @returns(2XX) @endpoint GET /{realm}/identity-provider/instances/{alias}/mappers/{id} @returns(2XX) {config: map, id: str, identityProviderAlias: str, identityProviderMapper: str, name: str} @endpoint PUT /{realm}/identity-provider/instances/{alias}/mappers/{id} @optional {config: map, id: str, identityProviderAlias: str, identityProviderMapper: str, name: str} @returns(2XX) @endpoint DELETE /{realm}/identity-provider/instances/{alias}/mappers/{id} @returns(2XX) @endpoint GET /{realm}/identity-provider/providers/{provider_id} @returns(2XX) @endpoint GET /{realm}/keys @returns(2XX) {active: map, keys: [map]} @endpoint POST /{realm}/logout-all @returns(2XX) @endpoint POST /{realm}/partial-export @optional {exportClients: bool, exportGroupsAndRoles: bool} @returns(2XX) {accessCodeLifespan: int(int32), accessCodeLifespanLogin: int(int32), accessCodeLifespanUserAction: int(int32), accessTokenLifespan: int(int32), accessTokenLifespanForImplicitFlow: int(int32), accountTheme: str, actionTokenGeneratedByAdminLifespan: int(int32), actionTokenGeneratedByUserLifespan: int(int32), adminEventsDetailsEnabled: bool, adminEventsEnabled: bool, adminTheme: str, attributes: map, authenticationFlows: [map], authenticatorConfig: [map], browserFlow: str, browserSecurityHeaders: map, bruteForceProtected: bool, clientAuthenticationFlow: str, clientScopeMappings: map, clientScopes: [map], clientSessionIdleTimeout: int(int32), clientSessionMaxLifespan: int(int32), clients: [map], components: map{empty: bool, loadFactor: num(float), threshold: int(int32)}, defaultDefaultClientScopes: [str], defaultGroups: [str], defaultLocale: str, defaultOptionalClientScopes: [str], defaultRoles: [str], defaultSignatureAlgorithm: str, directGrantFlow: str, displayName: str, displayNameHtml: str, dockerAuthenticationFlow: str, duplicateEmailsAllowed: bool, editUsernameAllowed: bool, emailTheme: str, enabled: bool, enabledEventTypes: [str], eventsEnabled: bool, eventsExpiration: int(int64), eventsListeners: [str], failureFactor: int(int32), federatedUsers: [map], groups: [map], id: str, identityProviderMappers: [map], identityProviders: [map], internationalizationEnabled: bool, keycloakVersion: str, loginTheme: str, loginWithEmailAllowed: bool, maxDeltaTimeSeconds: int(int32), maxFailureWaitSeconds: int(int32), minimumQuickLoginWaitSeconds: int(int32), notBefore: int(int32), offlineSessionIdleTimeout: int(int32), offlineSessionMaxLifespan: int(int32), offlineSessionMaxLifespanEnabled: bool, otpPolicyAlgorithm: str, otpPolicyDigits: int(int32), otpPolicyInitialCounter: int(int32), otpPolicyLookAheadWindow: int(int32), otpPolicyPeriod: int(int32), otpPolicyType: str, otpSupportedApplications: [str], passwordPolicy: str, permanentLockout: bool, protocolMappers: [map], quickLoginCheckMilliSeconds: int(int64), realm: str, refreshTokenMaxReuse: int(int32), registrationAllowed: bool, registrationEmailAsUsername: bool, registrationFlow: str, rememberMe: bool, requiredActions: [map], resetCredentialsFlow: str, resetPasswordAllowed: bool, revokeRefreshToken: bool, roles: map{client: map, realm: [map]}, scopeMappings: [map], smtpServer: map, sslRequired: str, ssoSessionIdleTimeout: int(int32), ssoSessionIdleTimeoutRememberMe: int(int32), ssoSessionMaxLifespan: int(int32), ssoSessionMaxLifespanRememberMe: int(int32), supportedLocales: [str], userFederationMappers: [map], userFederationProviders: [map], userManagedAccessAllowed: bool, users: [map], verifyEmail: bool, waitIncrementSeconds: int(int32), webAuthnPolicyAcceptableAaguids: [str], webAuthnPolicyAttestationConveyancePreference: str, webAuthnPolicyAuthenticatorAttachment: str, webAuthnPolicyAvoidSameAuthenticatorRegister: bool, webAuthnPolicyCreateTimeout: int(int32), webAuthnPolicyPasswordlessAcceptableAaguids: [str], webAuthnPolicyPasswordlessAttestationConveyancePreference: str, webAuthnPolicyPasswordlessAuthenticatorAttachment: str, webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister: bool, webAuthnPolicyPasswordlessCreateTimeout: int(int32), webAuthnPolicyPasswordlessRequireResidentKey: str, webAuthnPolicyPasswordlessRpEntityName: str, webAuthnPolicyPasswordlessRpId: str, webAuthnPolicyPasswordlessSignatureAlgorithms: [str], webAuthnPolicyPasswordlessUserVerificationRequirement: str, webAuthnPolicyRequireResidentKey: str, webAuthnPolicyRpEntityName: str, webAuthnPolicyRpId: str, webAuthnPolicySignatureAlgorithms: [str], webAuthnPolicyUserVerificationRequirement: str} @endpoint POST /{realm}/partialImport @optional {clients: [map{access: map, adminUrl: str, alwaysDisplayInConsole: bool, attributes: map, authenticationFlowBindingOverrides: map, authorizationServicesEnabled: bool, authorizationSettings: map, baseUrl: str, bearerOnly: bool, clientAuthenticatorType: str, clientId: str, consentRequired: bool, defaultClientScopes: [str], defaultRoles: [str], description: str, directAccessGrantsEnabled: bool, enabled: bool, frontchannelLogout: bool, fullScopeAllowed: bool, id: str, implicitFlowEnabled: bool, name: str, nodeReRegistrationTimeout: int(int32), notBefore: int(int32), optionalClientScopes: [str], origin: str, protocol: str, protocolMappers: [map], publicClient: bool, redirectUris: [str], registeredNodes: map, registrationAccessToken: str, rootUrl: str, secret: str, serviceAccountsEnabled: bool, standardFlowEnabled: bool, surrogateAuthRequired: bool, webOrigins: [str]}], groups: [map{access: map, attributes: map, clientRoles: map, id: str, name: str, path: str, realmRoles: [str], subGroups: [map]}], identityProviders: [map{addReadTokenRoleOnCreate: bool, alias: str, config: map, displayName: str, enabled: bool, firstBrokerLoginFlowAlias: str, internalId: str, linkOnly: bool, postBrokerLoginFlowAlias: str, providerId: str, storeToken: bool, trustEmail: bool}], ifResourceExists: str, policy: str(SKIP/OVERWRITE/FAIL), roles: map{client: map, realm: [map]}, users: [map{access: map, attributes: map, clientConsents: [map], clientRoles: map, createdTimestamp: int(int64), credentials: [map], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str}]} @returns(2XX) @endpoint POST /{realm}/push-revocation @returns(2XX) @endpoint GET /{realm}/roles @optional {briefRepresentation: bool, first: int(int32), max: int(int32), search: str} @returns(2XX) @endpoint POST /{realm}/roles @optional {attributes: map, clientRole: bool, composite: bool, composites: map{client: map, realm: [str]}, containerId: str, description: str, id: str, name: str} @returns(2XX) @endpoint GET /{realm}/roles-by-id/{role-id} @returns(2XX) {attributes: map, clientRole: bool, composite: bool, composites: map{client: map, realm: [str]}, containerId: str, description: str, id: str, name: str} @endpoint PUT /{realm}/roles-by-id/{role-id} @optional {attributes: map, clientRole: bool, composite: bool, composites: map{client: map, realm: [str]}, containerId: str, description: str, id: str, name: str} @returns(2XX) @endpoint DELETE /{realm}/roles-by-id/{role-id} @returns(2XX) @endpoint GET /{realm}/roles-by-id/{role-id}/composites @returns(2XX) @endpoint POST /{realm}/roles-by-id/{role-id}/composites @returns(2XX) @endpoint DELETE /{realm}/roles-by-id/{role-id}/composites @returns(2XX) @endpoint GET /{realm}/roles-by-id/{role-id}/composites/clients/{client} @returns(2XX) @endpoint GET /{realm}/roles-by-id/{role-id}/composites/realm @returns(2XX) @endpoint GET /{realm}/roles-by-id/{role-id}/management/permissions @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint PUT /{realm}/roles-by-id/{role-id}/management/permissions @optional {enabled: bool, resource: str, scopePermissions: map} @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint GET /{realm}/roles/{role-name} @returns(2XX) {attributes: map, clientRole: bool, composite: bool, composites: map{client: map, realm: [str]}, containerId: str, description: str, id: str, name: str} @endpoint PUT /{realm}/roles/{role-name} @optional {attributes: map, clientRole: bool, composite: bool, composites: map{client: map, realm: [str]}, containerId: str, description: str, id: str, name: str} @returns(2XX) @endpoint DELETE /{realm}/roles/{role-name} @returns(2XX) @endpoint GET /{realm}/roles/{role-name}/composites @returns(2XX) @endpoint POST /{realm}/roles/{role-name}/composites @returns(2XX) @endpoint DELETE /{realm}/roles/{role-name}/composites @returns(2XX) @endpoint GET /{realm}/roles/{role-name}/composites/clients/{client} @returns(2XX) @endpoint GET /{realm}/roles/{role-name}/composites/realm @returns(2XX) @endpoint GET /{realm}/roles/{role-name}/groups @optional {briefRepresentation: bool, first: int(int32), max: int(int32)} @returns(2XX) @endpoint GET /{realm}/roles/{role-name}/management/permissions @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint PUT /{realm}/roles/{role-name}/management/permissions @optional {enabled: bool, resource: str, scopePermissions: map} @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint GET /{realm}/roles/{role-name}/users @optional {first: int(int32), max: int(int32)} @returns(2XX) @endpoint DELETE /{realm}/sessions/{session} @returns(2XX) @endpoint POST /{realm}/testLDAPConnection @optional {action: str, bindCredential: str, bindDn: str, componentId: str, connectionTimeout: str, connectionUrl: str, startTls: str, useTruststoreSpi: str} @returns(2XX) @endpoint POST /{realm}/testSMTPConnection @returns(2XX) @endpoint GET /{realm}/user-storage/{id}/name @returns(2XX) @endpoint POST /{realm}/user-storage/{id}/remove-imported-users @returns(2XX) @endpoint POST /{realm}/user-storage/{id}/sync @optional {action: str} @returns(2XX) {added: int(int32), failed: int(int32), ignored: bool, removed: int(int32), status: str, updated: int(int32)} @endpoint POST /{realm}/user-storage/{id}/unlink-users @returns(2XX) @endpoint POST /{realm}/user-storage/{parentId}/mappers/{id}/sync @optional {direction: str} @returns(2XX) {added: int(int32), failed: int(int32), ignored: bool, removed: int(int32), status: str, updated: int(int32)} @endpoint GET /{realm}/users @optional {briefRepresentation: bool, email: str, first: int(int32), firstName: str, lastName: str, max: int(int32), search: str, username: str} @returns(2XX) @endpoint POST /{realm}/users @optional {access: map, attributes: map, clientConsents: [map{clientId: str, createdDate: int(int64), grantedClientScopes: [str], lastUpdatedDate: int(int64)}], clientRoles: map, createdTimestamp: int(int64), credentials: [map{createdDate: int(int64), credentialData: str, id: str, priority: int(int32), secretData: str, temporary: bool, type: str, userLabel: str, value: str}], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map{identityProvider: str, userId: str, userName: str}], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str} @returns(2XX) @endpoint GET /{realm}/users-management-permissions @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint PUT /{realm}/users-management-permissions @optional {enabled: bool, resource: str, scopePermissions: map} @returns(2XX) {enabled: bool, resource: str, scopePermissions: map} @endpoint GET /{realm}/users/count @optional {email: str, firstName: str, lastName: str, search: str, username: str} @returns(2XX) @endpoint GET /{realm}/users/{id} @returns(2XX) {access: map, attributes: map, clientConsents: [map], clientRoles: map, createdTimestamp: int(int64), credentials: [map], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str} @endpoint PUT /{realm}/users/{id} @optional {access: map, attributes: map, clientConsents: [map{clientId: str, createdDate: int(int64), grantedClientScopes: [str], lastUpdatedDate: int(int64)}], clientRoles: map, createdTimestamp: int(int64), credentials: [map{createdDate: int(int64), credentialData: str, id: str, priority: int(int32), secretData: str, temporary: bool, type: str, userLabel: str, value: str}], disableableCredentialTypes: [str], email: str, emailVerified: bool, enabled: bool, federatedIdentities: [map{identityProvider: str, userId: str, userName: str}], federationLink: str, firstName: str, groups: [str], id: str, lastName: str, notBefore: int(int32), origin: str, realmRoles: [str], requiredActions: [str], self: str, serviceAccountClientId: str, username: str} @returns(2XX) @endpoint DELETE /{realm}/users/{id} @returns(2XX) @endpoint GET /{realm}/users/{id}/configured-user-storage-credential-types @returns(2XX) @endpoint GET /{realm}/users/{id}/consents @returns(2XX) @endpoint DELETE /{realm}/users/{id}/consents/{client} @returns(2XX) @endpoint GET /{realm}/users/{id}/credentials @returns(2XX) @endpoint DELETE /{realm}/users/{id}/credentials/{credentialId} @returns(2XX) @endpoint POST /{realm}/users/{id}/credentials/{credentialId}/moveAfter/{newPreviousCredentialId} @returns(2XX) @endpoint POST /{realm}/users/{id}/credentials/{credentialId}/moveToFirst @returns(2XX) @endpoint PUT /{realm}/users/{id}/credentials/{credentialId}/userLabel @returns(2XX) @endpoint PUT /{realm}/users/{id}/disable-credential-types @returns(2XX) @endpoint PUT /{realm}/users/{id}/execute-actions-email @optional {client_id: str, lifespan: int(int32), redirect_uri: str} @returns(2XX) @endpoint GET /{realm}/users/{id}/federated-identity @returns(2XX) @endpoint POST /{realm}/users/{id}/federated-identity/{provider} @optional {identityProvider: str, userId: str, userName: str} @returns(2XX) @endpoint DELETE /{realm}/users/{id}/federated-identity/{provider} @returns(2XX) @endpoint GET /{realm}/users/{id}/groups @optional {briefRepresentation: bool, first: int(int32), max: int(int32), search: str} @returns(2XX) @endpoint GET /{realm}/users/{id}/groups/count @optional {search: str} @returns(2XX) @endpoint PUT /{realm}/users/{id}/groups/{groupId} @returns(2XX) @endpoint DELETE /{realm}/users/{id}/groups/{groupId} @returns(2XX) @endpoint POST /{realm}/users/{id}/impersonation @returns(2XX) @endpoint POST /{realm}/users/{id}/logout @returns(2XX) @endpoint GET /{realm}/users/{id}/offline-sessions/{clientId} @returns(2XX) @endpoint PUT /{realm}/users/{id}/reset-password @optional {createdDate: int(int64), credentialData: str, id: str, priority: int(int32), secretData: str, temporary: bool, type: str, userLabel: str, value: str} @returns(2XX) @endpoint GET /{realm}/users/{id}/role-mappings @returns(2XX) {clientMappings: map, realmMappings: [map]} @endpoint GET /{realm}/users/{id}/role-mappings/clients/{client} @returns(2XX) @endpoint POST /{realm}/users/{id}/role-mappings/clients/{client} @returns(2XX) @endpoint DELETE /{realm}/users/{id}/role-mappings/clients/{client} @returns(2XX) @endpoint GET /{realm}/users/{id}/role-mappings/clients/{client}/available @returns(2XX) @endpoint GET /{realm}/users/{id}/role-mappings/clients/{client}/composite @returns(2XX) @endpoint GET /{realm}/users/{id}/role-mappings/realm @returns(2XX) @endpoint POST /{realm}/users/{id}/role-mappings/realm @returns(2XX) @endpoint DELETE /{realm}/users/{id}/role-mappings/realm @returns(2XX) @endpoint GET /{realm}/users/{id}/role-mappings/realm/available @returns(2XX) @endpoint GET /{realm}/users/{id}/role-mappings/realm/composite @returns(2XX) @endpoint PUT /{realm}/users/{id}/send-verify-email @optional {client_id: str, redirect_uri: str} @returns(2XX) @endpoint GET /{realm}/users/{id}/sessions @returns(2XX) @endgroup @end