Package org.keycloak.services.resources.admin

Class ClientResource

java.lang.Object
org.keycloak.services.resources.admin.ClientResource
public class ClientResource extends Object
Base resource class for managing one particular client of a realm.
Version:
$Revision: 1 $
Author:
Bill Burke

  • Field Details

  • Constructor Details

  • Method Details

    • getProtocolMappers

      @Path("protocol-mappers") public ProtocolMappersResource getProtocolMappers()

    • update

      @PUT @Consumes("application/json") public jakarta.ws.rs.core.Response update(org.keycloak.representations.idm.ClientRepresentation rep)
      Update the client
      Parameters:
      rep -
      Returns:

    • getClient

      @GET @Produces("application/json") public org.keycloak.representations.idm.ClientRepresentation getClient()
      Get representation of the client
      Returns:

    • getCertficateResource

      @Path("certificates/{attr}") public ClientAttributeCertificateResource getCertficateResource(@PathParam("attr") String attributePrefix)
      Get representation of certificate resource
      Parameters:
      attributePrefix -
      Returns:

    • getInstallationProvider

      @GET @Path("installation/providers/{providerId}") public jakarta.ws.rs.core.Response getInstallationProvider(@PathParam("providerId") String providerId)

    • deleteClient

      @DELETE public void deleteClient()
      Delete the client

    • regenerateSecret

      @Path("client-secret") @POST @Produces("application/json") @Consumes("application/json") public org.keycloak.representations.idm.CredentialRepresentation regenerateSecret()
      Generate a new secret for the client
      Returns:

    • regenerateRegistrationAccessToken

      @Path("registration-access-token") @POST @Produces("application/json") @Consumes("application/json") public org.keycloak.representations.idm.ClientRepresentation regenerateRegistrationAccessToken()
      Generate a new registration access token for the client
      Returns:

    • getClientSecret

      @Path("client-secret") @GET @Produces("application/json") public org.keycloak.representations.idm.CredentialRepresentation getClientSecret()
      Get the client secret
      Returns:

    • getScopeMappedResource

      @Path("scope-mappings") public ScopeMappedResource getScopeMappedResource()
      Base path for managing the scope mappings for the client
      Returns:

    • getRoleContainerResource

      @Path("roles") public RoleContainerResource getRoleContainerResource()

    • getDefaultClientScopes

      @GET @Produces("application/json") @Path("default-client-scopes") public Stream<org.keycloak.representations.idm.ClientScopeRepresentation> getDefaultClientScopes()
      Get default client scopes. Only name and ids are returned.
      Returns:

    • addDefaultClientScope

      @PUT @Path("default-client-scopes/{clientScopeId}") public void addDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)

    • removeDefaultClientScope

      @DELETE @Path("default-client-scopes/{clientScopeId}") public void removeDefaultClientScope(@PathParam("clientScopeId") String clientScopeId)

    • getOptionalClientScopes

      @GET @Produces("application/json") @Path("optional-client-scopes") public Stream<org.keycloak.representations.idm.ClientScopeRepresentation> getOptionalClientScopes()
      Get optional client scopes. Only name and ids are returned.
      Returns:

    • addOptionalClientScope

      @PUT @Path("optional-client-scopes/{clientScopeId}") public void addOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)

    • removeOptionalClientScope

      @DELETE @Path("optional-client-scopes/{clientScopeId}") public void removeOptionalClientScope(@PathParam("clientScopeId") String clientScopeId)

    • clientScopeEvaluateResource

      @Path("evaluate-scopes") public ClientScopeEvaluateResource clientScopeEvaluateResource()

    • getServiceAccountUser

      @Path("service-account-user") @GET @Produces("application/json") public org.keycloak.representations.idm.UserRepresentation getServiceAccountUser()
      Get a user dedicated to the service account
      Returns:

    • pushRevocation

      @Path("push-revocation") @POST @Produces("application/json") public org.keycloak.representations.adapters.action.GlobalRequestResult pushRevocation()
      Push the client's revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.

    • getApplicationSessionCount

      @Path("session-count") @GET @Produces("application/json") public Map<String,Long> getApplicationSessionCount()
      Get application session count Returns a number of user sessions associated with this client { "count": number }
      Returns:

    • getUserSessions

      @Path("user-sessions") @GET @Produces("application/json") public Stream<org.keycloak.representations.idm.UserSessionRepresentation> getUserSessions(@QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
      Get user sessions for client Returns a list of user sessions associated with this client
      Parameters:
      firstResult - Paging offset
      maxResults - Maximum results size (defaults to 100)
      Returns:

    • getOfflineSessionCount

      @Path("offline-session-count") @GET @Produces("application/json") public Map<String,Long> getOfflineSessionCount()
      Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }
      Returns:

    • getOfflineUserSessions

      @Path("offline-sessions") @GET @Produces("application/json") public Stream<org.keycloak.representations.idm.UserSessionRepresentation> getOfflineUserSessions(@QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
      Get offline sessions for client Returns a list of offline user sessions associated with this client
      Parameters:
      firstResult - Paging offset
      maxResults - Maximum results size (defaults to 100)
      Returns:

    • registerNode

      @Path("nodes") @POST @Consumes("application/json") public void registerNode(Map<String,String> formParams)
      Register a cluster node with the client Manually register cluster node to this client - usually it's not needed to call this directly as adapter should handle by sending registration request to Keycloak
      Parameters:
      formParams -

    • unregisterNode

      @Path("nodes/{node}") @DELETE public void unregisterNode(@PathParam("node") String node)
      Unregister a cluster node from the client
      Parameters:
      node -

    • testNodesAvailable

      @Path("test-nodes-available") @GET @Produces("application/json") public org.keycloak.representations.adapters.action.GlobalRequestResult testNodesAvailable()
      Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.
      Returns:

    • authorization

      @Path("/authz") public AuthorizationService authorization()

    • getManagementPermissions

      @Path("management/permissions") @GET @Produces("application/json") public org.keycloak.representations.idm.ManagementPermissionReference getManagementPermissions()
      Return object stating whether client Authorization permissions have been initialized or not and a reference
      Returns:

    • setManagementPermissionsEnabled

      @Path("management/permissions") @PUT @Produces("application/json") @Consumes("application/json") public org.keycloak.representations.idm.ManagementPermissionReference setManagementPermissionsEnabled(org.keycloak.representations.idm.ManagementPermissionReference ref)
      Return object stating whether client Authorization permissions have been initialized or not and a reference
      Returns:
      initialized manage permissions reference

    • invalidateRotatedSecret

      @Path("client-secret/rotated") @DELETE @Produces("application/json") @Consumes("application/json") public jakarta.ws.rs.core.Response invalidateRotatedSecret()
      Invalidate the rotated secret for the client
      Returns:

    • getClientRotatedSecret

      @Path("client-secret/rotated") @GET @Produces("application/json") public org.keycloak.representations.idm.CredentialRepresentation getClientRotatedSecret()
      Get the rotated client secret
      Returns: