UsersResource (Keycloak 1.0-beta-2 API)

java.lang.Object
- org.keycloak.services.resources.admin.UsersResource

```
public class UsersResource
extends Object
```
Base resource for managing users

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields
Modifier and Type	Field and Description
`protected static org.jboss.logging.Logger`	`logger`
`protected RealmModel`	`realm`
`protected KeycloakSession`	`session`
`protected javax.ws.rs.core.UriInfo`	`uriInfo`

Constructor Summary

Constructors
Constructor and Description
`UsersResource(ProviderSession providerSession, RealmModel realm, RealmAuth auth, TokenManager tokenManager)`

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`addApplicationRoleMapping(String username, String appName, List<RoleRepresentation> roles)` Add applicaiton-level roles to the user role mapping.
`void`	`addRealmRoleMappings(String username, List<RoleRepresentation> roles)` Add realm-level role mappings
`javax.ws.rs.core.Response`	`createUser(javax.ws.rs.core.UriInfo uriInfo, UserRepresentation rep)` Create a new user.
`void`	`deleteApplicationRoleMapping(String username, String appName, List<RoleRepresentation> roles)` Delete application-level roles from user role mapping.
`void`	`deleteRealmRoleMappings(String username, List<RoleRepresentation> roles)` Delete realm-level role mappings
`void`	`deleteUser(String username)` delete this user
`List<RoleRepresentation>`	`getApplicationRoleMappings(String username, String appName)` Get application-level role mappings for this user for a specific app
`List<RoleRepresentation>`	`getAvailableApplicationRoleMappings(String username, String appName)` Get available application-level roles that can be mapped to the user
`List<RoleRepresentation>`	`getAvailableRealmRoleMappings(String username)` Realm-level roles that can be mapped to this user
`protected List<RoleRepresentation>`	`getAvailableRoles(UserModel user, Set<RoleModel> available)`
`List<RoleRepresentation>`	`getCompositeApplicationRoleMappings(String username, String appName)` Get effective application-level role mappings.
`List<RoleRepresentation>`	`getCompositeRealmRoleMappings(String username)` Effective realm-level role mappings for this user.
`List<RoleRepresentation>`	`getRealmRoleMappings(String username)` Get realm-level role mappings for this user
`MappingsRepresentation`	`getRoleMappings(String username)` Get role mappings for this user
`List<UserSessionRepresentation>`	`getSessions(String username)` List set of sessions associated with this user.
`Map<String,UserStats>`	`getSessionStats(String username)` For each application with an admin URL, query them for the set of users logged in.
`List<SocialLinkRepresentation>`	`getSocialLinks(String username)` List set of social logins associated with this user.
`UserRepresentation`	`getUser(String username)` Get represenation of the user
`List<UserRepresentation>`	`getUsers(String search, String last, String first, String email, String username)` Query list of users.
`void`	`logout(String username)` Remove all user sessions associated with this user.
`void`	`removeTotp(String username)`
`void`	`resetPassword(String username, CredentialRepresentation pass)` Set up a temporary password for this user.
`javax.ws.rs.core.Response`	`resetPasswordEmail(String username)` Send an email to the user with a link they can click to reset their password
`javax.ws.rs.core.Response`	`updateUser(String username, UserRepresentation rep)` Update the user

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

protected static final org.jboss.logging.Logger logger

realm
```
protected RealmModel realm
```

uriInfo

@Context
protected javax.ws.rs.core.UriInfo uriInfo

session

@Context
protected KeycloakSession session

Constructor Detail

UsersResource

public UsersResource(ProviderSession providerSession,
             RealmModel realm,
             RealmAuth auth,
             TokenManager tokenManager)

Method Detail

updateUser

@Path(value="{username}")
@PUT
@Consumes(value="application/json")
public javax.ws.rs.core.Response updateUser(@PathParam(value="username")
                                                     String username,
                                                     UserRepresentation rep)

Update the user

Parameters:: username - user name (not id!); rep -
Returns:

createUser

@POST
@Consumes(value="application/json")
public javax.ws.rs.core.Response createUser(@Context
                                                 javax.ws.rs.core.UriInfo uriInfo,
                                                 UserRepresentation rep)

Create a new user. Must be a unique username!

Parameters:: uriInfo -; rep -
Returns:

getUser

@Path(value="{username}")
@GET
@Produces(value="application/json")
public UserRepresentation getUser(@PathParam(value="username")
                                           String username)

Get represenation of the user

Parameters:: username - username (not id!)
Returns:

getSessionStats

@Path(value="{username}/session-stats")
@GET
@Produces(value="application/json")
public Map<String,UserStats> getSessionStats(@PathParam(value="username")
                                                      String username)

For each application with an admin URL, query them for the set of users logged in. This not as reliable as getSessions().

Parameters:: username -
Returns:

getSessions

@Path(value="{username}/sessions")
@GET
@Produces(value="application/json")
public List<UserSessionRepresentation> getSessions(@PathParam(value="username")
                                                            String username)

List set of sessions associated with this user.

Parameters:: username -
Returns:

getSocialLinks

@Path(value="{username}/social-links")
@GET
@Produces(value="application/json")
public List<SocialLinkRepresentation> getSocialLinks(@PathParam(value="username")
                                                              String username)

List set of social logins associated with this user.

Parameters:: username -
Returns:

logout
```
@Path(value="{username}/logout")
@POST
public void logout(@PathParam(value="username")
                    String username)
```
Remove all user sessions associated with this user. And, for all applications that have an admin URL, tell them to invalidate the sessions for this particular user.

Parameters:
username - username (not id!)

deleteUser

@Path(value="{username}")
@DELETE
public void deleteUser(@PathParam(value="username")
                          String username)

delete this user

Parameters:: username - username (not id!)

getUsers

@GET
@Produces(value="application/json")
public List<UserRepresentation> getUsers(@QueryParam(value="search")
                                             String search,
                                             @QueryParam(value="lastName")
                                             String last,
                                             @QueryParam(value="firstName")
                                             String first,
                                             @QueryParam(value="email")
                                             String email,
                                             @QueryParam(value="username")
                                             String username)

Query list of users. May pass in query criteria

Parameters:: search - string contained in username, first or last name, or email; last -; first -; email -; username -
Returns:

getRoleMappings

@Path(value="{username}/role-mappings")
@GET
@Produces(value="application/json")
public MappingsRepresentation getRoleMappings(@PathParam(value="username")
                                                       String username)

Get role mappings for this user

Parameters:: username - username (not id!)
Returns:

getRealmRoleMappings

@Path(value="{username}/role-mappings/realm")
@GET
@Produces(value="application/json")
public List<RoleRepresentation> getRealmRoleMappings(@PathParam(value="username")
                                                              String username)

Get realm-level role mappings for this user

Parameters:: username - username (not id!)
Returns:

getCompositeRealmRoleMappings

@Path(value="{username}/role-mappings/realm/composite")
@GET
@Produces(value="application/json")
public List<RoleRepresentation> getCompositeRealmRoleMappings(@PathParam(value="username")
                                                                       String username)

Effective realm-level role mappings for this user. Will recurse all composite roles to get this list.

Parameters:: username - username (not id!)
Returns:

getAvailableRealmRoleMappings

@Path(value="{username}/role-mappings/realm/available")
@GET
@Produces(value="application/json")
public List<RoleRepresentation> getAvailableRealmRoleMappings(@PathParam(value="username")
                                                                       String username)

Realm-level roles that can be mapped to this user

Parameters:: username - username (not id!)
Returns:

addRealmRoleMappings

@Path(value="{username}/role-mappings/realm")
@POST
@Consumes(value="application/json")
public void addRealmRoleMappings(@PathParam(value="username")
                                           String username,
                                           List<RoleRepresentation> roles)

Add realm-level role mappings

Parameters:: username - username (not id!); roles -

deleteRealmRoleMappings

@Path(value="{username}/role-mappings/realm")
@DELETE
@Consumes(value="application/json")
public void deleteRealmRoleMappings(@PathParam(value="username")
                                                String username,
                                                List<RoleRepresentation> roles)

Delete realm-level role mappings

Parameters:: username - username (not id!); roles -

getApplicationRoleMappings

@Path(value="{username}/role-mappings/applications/{app}")
@GET
@Produces(value="application/json")
public List<RoleRepresentation> getApplicationRoleMappings(@PathParam(value="username")
                                                                    String username,
                                                                    @PathParam(value="app")
                                                                    String appName)

Get application-level role mappings for this user for a specific app

Parameters:: username - username (not id!); appName - app name (not id!)
Returns:

getCompositeApplicationRoleMappings

@Path(value="{username}/role-mappings/applications/{app}/composite")
@GET
@Produces(value="application/json")
public List<RoleRepresentation> getCompositeApplicationRoleMappings(@PathParam(value="username")
                                                                             String username,
                                                                             @PathParam(value="app")
                                                                             String appName)

Get effective application-level role mappings. This recurses any composite roles

Parameters:: username - username (not id!); appName - app name (not id!)
Returns:

getAvailableApplicationRoleMappings

@Path(value="{username}/role-mappings/applications/{app}/available")
@GET
@Produces(value="application/json")
public List<RoleRepresentation> getAvailableApplicationRoleMappings(@PathParam(value="username")
                                                                             String username,
                                                                             @PathParam(value="app")
                                                                             String appName)

Get available application-level roles that can be mapped to the user

Parameters:: username - username (not id!); appName - app name (not id!)
Returns:

getAvailableRoles

protected List<RoleRepresentation> getAvailableRoles(UserModel user,
                                         Set<RoleModel> available)

addApplicationRoleMapping

@Path(value="{username}/role-mappings/applications/{app}")
@POST
@Consumes(value="application/json")
public void addApplicationRoleMapping(@PathParam(value="username")
                                                String username,
                                                @PathParam(value="app")
                                                String appName,
                                                List<RoleRepresentation> roles)

Add applicaiton-level roles to the user role mapping.

Parameters:: username - username (not id!); appName - app name (not id!); roles -

deleteApplicationRoleMapping

@Path(value="{username}/role-mappings/applications/{app}")
@DELETE
@Consumes(value="application/json")
public void deleteApplicationRoleMapping(@PathParam(value="username")
                                                     String username,
                                                     @PathParam(value="app")
                                                     String appName,
                                                     List<RoleRepresentation> roles)

Delete application-level roles from user role mapping.

Parameters:: username - username (not id!); appName - app name (not id!); roles -

resetPassword

@Path(value="{username}/reset-password")
@PUT
@Consumes(value="application/json")
public void resetPassword(@PathParam(value="username")
                                   String username,
                                   CredentialRepresentation pass)

Set up a temporary password for this user. User will have to reset this temporary password when they log in next.

Parameters:: username - username (not id!); pass - temporary password

removeTotp

@Path(value="{username}/remove-totp")
@PUT
@Consumes(value="application/json")
public void removeTotp(@PathParam(value="username")
                                String username)

Parameters:: username - username (not id!)

resetPasswordEmail

@Path(value="{username}/reset-password-email")
@PUT
@Consumes(value="application/json")
public javax.ws.rs.core.Response resetPasswordEmail(@PathParam(value="username")
                                                             String username)

Send an email to the user with a link they can click to reset their password

Parameters:: username - username (not id!)
Returns:

Class UsersResource