keycloak.keycloak_admin
The keycloak admin module.
Classes
Keycloak Admin client. |
Module Contents
- class keycloak.keycloak_admin.KeycloakAdmin(server_url=None, grant_type=None, username=None, password=None, token=None, totp=None, realm_name='master', client_id='admin-cli', verify=True, client_secret_key=None, custom_headers=None, user_realm_name=None, timeout=60, cert=None, max_retries=1, connection: keycloak.openid_connection.KeycloakOpenIDConnection | None = None)[source]
Keycloak Admin client.
- Parameters:
server_url (str) – Keycloak server url
username (str) – admin username
password (str) – admin password
token (dict) – access and refresh tokens
totp (str) – Time based OTP
realm_name (str) – realm name
client_id (str) – client id
verify (Union[bool,str]) – Boolean value to enable or disable certificate validation or a string containing a path to a CA bundle to use
client_secret_key (str) – client secret key (optional, required only for access type confidential)
custom_headers (dict) – dict of custom header to pass to each HTML request
user_realm_name (str) – The realm name of the user, if different from realm_name
timeout (int) – connection timeout in seconds
cert (Union[str,Tuple[str,str]]) – An SSL certificate used by the requested host to authenticate the client. Either a path to an SSL certificate file, or two-tuple of (certificate file, key file).
max_retries (int) – The total number of times to retry HTTP requests.
connection (KeycloakOpenIDConnection) – A KeycloakOpenIDConnection as an alternative to individual params.
- property connection: keycloak.openid_connection.KeycloakOpenIDConnection[source]
Get connection.
- Returns:
Connection manager
- Return type:
- __fetch_all(url, query=None)[source]
Paginate over get requests.
Wrapper function to paginate GET requests.
- Parameters:
url (str) – The url on which the query is executed
query (dict) – Existing query parameters (optional)
- Returns:
Combined results of paginated queries
- Return type:
list
- __fetch_paginated(url, query=None)[source]
Make a specific paginated request.
- Parameters:
url (str) – The url on which the query is executed
query (dict) – Pagination settings
- Returns:
Response
- Return type:
dict
- get_current_realm() str [source]
Return the currently configured realm.
- Returns:
Currently configured realm name
- Return type:
str
- change_current_realm(realm_name: str) None [source]
Change the current realm.
- Parameters:
realm_name (str) – The name of the realm to be configured as current
- import_realm(payload)[source]
Import a new realm from a RealmRepresentation.
Realm name must be unique.
RealmRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation
- Parameters:
payload (dict) – RealmRepresentation
- Returns:
RealmRepresentation
- Return type:
dict
- partial_import_realm(realm_name, payload)[source]
Partial import realm configuration from PartialImportRepresentation.
Realm partialImport is used for modifying configuration of existing realm.
PartialImportRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_partialimportrepresentation
- Parameters:
realm_name (str) – Realm name (not the realm id)
payload (dict) – PartialImportRepresentation
- Returns:
PartialImportResponse
- Return type:
dict
- export_realm(export_clients=False, export_groups_and_role=False)[source]
Export the realm configurations in the json format.
RealmRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_partialexport
- Parameters:
export_clients (bool) – Skip if not want to export realm clients
export_groups_and_role (bool) – Skip if not want to export realm groups and roles
- Returns:
realm configurations JSON
- Return type:
dict
- get_realms()[source]
List all realms in Keycloak deployment.
- Returns:
realms list
- Return type:
list
- get_realm(realm_name)[source]
Get a specific realm.
RealmRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation
- Parameters:
realm_name (str) – Realm name (not the realm id)
- Returns:
RealmRepresentation
- Return type:
dict
- create_realm(payload, skip_exists=False)[source]
Create a realm.
RealmRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation
- Parameters:
payload (dict) – RealmRepresentation
skip_exists (bool) – Skip if Realm already exist.
- Returns:
Keycloak server response (RealmRepresentation)
- Return type:
dict
- update_realm(realm_name, payload)[source]
Update a realm.
This will only update top level attributes and will ignore any user, role, or client information in the payload.
RealmRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation
- Parameters:
realm_name (str) – Realm name (not the realm id)
payload (dict) – RealmRepresentation
- Returns:
Http response
- Return type:
dict
- delete_realm(realm_name)[source]
Delete a realm.
- Parameters:
realm_name (str) – Realm name (not the realm id)
- Returns:
Http response
- Return type:
dict
- get_users(query=None)[source]
Get all users.
Return a list of users, filtered according to query parameters
UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation
- Parameters:
query (dict) – Query parameters (optional)
- Returns:
users list
- Return type:
list
- create_idp(payload)[source]
Create an ID Provider.
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityproviderrepresentation
- Param:
payload: IdentityProviderRepresentation
- Returns:
Keycloak server response
- Return type:
dict
- update_idp(idp_alias, payload)[source]
Update an ID Provider.
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identity_providers_resource
- Param:
idp_alias: alias for IdP to update
- Param:
payload: The IdentityProviderRepresentation
- Returns:
Keycloak server response
- Return type:
dict
- add_mapper_to_idp(idp_alias, payload)[source]
Create an ID Provider.
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityprovidermapperrepresentation
- Param:
idp_alias: alias for Idp to add mapper in
- Param:
payload: IdentityProviderMapperRepresentation
- Returns:
Keycloak server response
- Return type:
dict
- update_mapper_in_idp(idp_alias, mapper_id, payload)[source]
Update an IdP mapper.
IdentityProviderMapperRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_update
- Param:
idp_alias: alias for Idp to fetch mappers
- Param:
mapper_id: Mapper Id to update
- Param:
payload: IdentityProviderMapperRepresentation
- Returns:
Http response
- Return type:
dict
- get_idp_mappers(idp_alias)[source]
Get IDP mappers.
Returns a list of ID Providers mappers
IdentityProviderMapperRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getmappers
- Param:
idp_alias: alias for Idp to fetch mappers
- Returns:
array IdentityProviderMapperRepresentation
- Return type:
list
- get_idps()[source]
Get IDPs.
Returns a list of ID Providers,
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityproviderrepresentation
- Returns:
array IdentityProviderRepresentation
- Return type:
list
- get_idp(idp_alias)[source]
Get IDP provider.
Get the representation of a specific IDP Provider.
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityproviderrepresentation
- Param:
idp_alias: alias for IdP to get
- Returns:
IdentityProviderRepresentation
- Return type:
dict
- delete_idp(idp_alias)[source]
Delete an ID Provider.
- Param:
idp_alias: idp alias name
- Returns:
Keycloak server response
- Return type:
dict
- create_user(payload, exist_ok=False)[source]
Create a new user.
Username must be unique
UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation
- Parameters:
payload (dict) – UserRepresentation
exist_ok (bool) – If False, raise KeycloakGetError if username already exists. Otherwise, return existing user ID.
- Returns:
user_id
- Return type:
str
- users_count(query=None)[source]
Count users.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_users_resource
- Parameters:
query (dict) – (dict) Query parameters for users count
- Returns:
counter
- Return type:
int
- get_user_id(username)[source]
Get internal keycloak user id from username.
This is required for further actions against this user.
UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation
- Parameters:
username (str) – id in UserRepresentation
- Returns:
user_id
- Return type:
str
- get_user(user_id)[source]
Get representation of the user.
UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation
- Parameters:
user_id (str) – User id
- Returns:
UserRepresentation
- get_user_groups(user_id, query=None, brief_representation=True)[source]
Get user groups.
Returns a list of groups of which the user is a member
- Parameters:
user_id (str) – User id
query (dict) – Additional query options
brief_representation (bool) – whether to omit attributes in the response
- Returns:
user groups list
- Return type:
list
- update_user(user_id, payload)[source]
Update the user.
- Parameters:
user_id (str) – User id
payload (dict) – UserRepresentation
- Returns:
Http response
- Return type:
bytes
- disable_user(user_id)[source]
Disable the user from the realm. Disabled users can not log in.
- Parameters:
user_id (str) – User id
- Returns:
Http response
- Return type:
bytes
- enable_user(user_id)[source]
Enable the user from the realm.
- Parameters:
user_id (str) – User id
- Returns:
Http response
- Return type:
bytes
- delete_user(user_id)[source]
Delete the user.
- Parameters:
user_id (str) – User id
- Returns:
Http response
- Return type:
bytes
- set_user_password(user_id, password, temporary=True)[source]
Set up a password for the user.
If temporary is True, the user will have to reset the temporary password next time they log in.
https://www.keycloak.org/docs-api/24.0.2/rest-api/#_users_resource https://www.keycloak.org/docs-api/24.0.2/rest-api/#_credentialrepresentation
- Parameters:
user_id (str) – User id
password (str) – New password
temporary (bool) – True if password is temporary
- Returns:
Response
- Return type:
dict
- get_credentials(user_id)[source]
Get user credentials.
Returns a list of credential belonging to the user.
CredentialRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_credentialrepresentation
- Param:
user_id: user id
- Returns:
Keycloak server response (CredentialRepresentation)
- Return type:
dict
- delete_credential(user_id, credential_id)[source]
Delete credential of the user.
CredentialRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_credentialrepresentation
- Param:
user_id: user id
- Param:
credential_id: credential id
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
bytes
- user_logout(user_id)[source]
Log out the user.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_logout
- Parameters:
user_id (str) – User id
- Returns:
Keycloak server response
- Return type:
bytes
- user_consents(user_id)[source]
Get consents granted by the user.
UserConsentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userconsentrepresentation
- Parameters:
user_id (str) – User id
- Returns:
List of UserConsentRepresentations
- Return type:
list
- get_user_social_logins(user_id)[source]
Get user social logins.
Returns a list of federated identities/social logins of which the user has been associated with :param user_id: User id :type user_id: str :returns: Federated identities list :rtype: list
- add_user_social_login(user_id, provider_id, provider_userid, provider_username)[source]
Add a federated identity / social login provider to the user.
- Parameters:
user_id (str) – User id
provider_id (str) – Social login provider id
provider_userid (str) – userid specified by the provider
provider_username (str) – username specified by the provider
- Returns:
Keycloak server response
- Return type:
bytes
- delete_user_social_login(user_id, provider_id)[source]
Delete a federated identity / social login provider from the user.
- Parameters:
user_id (str) – User id
provider_id (str) – Social login provider id
- Returns:
Keycloak server response
- Return type:
bytes
- send_update_account(user_id, payload, client_id=None, lifespan=None, redirect_uri=None)[source]
Send an update account email to the user.
An email contains a link the user can click to perform a set of required actions.
- Parameters:
user_id (str) – User id
payload (list) – A list of actions for the user to complete
client_id (str) – Client id (optional)
lifespan (int) – Number of seconds after which the generated token expires (optional)
redirect_uri (str) – The redirect uri (optional)
- Returns:
Keycloak server response
- Return type:
bytes
- send_verify_email(user_id, client_id=None, redirect_uri=None)[source]
Send a update account email to the user.
An email contains a link the user can click to perform a set of required actions.
- Parameters:
user_id (str) – User id
client_id (str) – Client id (optional)
redirect_uri (str) – Redirect uri (optional)
- Returns:
Keycloak server response
- Return type:
bytes
- get_sessions(user_id)[source]
Get sessions associated with the user.
UserSessionRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_usersessionrepresentation
- Parameters:
user_id (str) – Id of user
- Returns:
UserSessionRepresentation
- Return type:
dict
- get_server_info()[source]
Get themes, social providers, etc. on this server.
ServerInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_serverinforepresentation
- Returns:
ServerInfoRepresentation
- Return type:
dict
- get_groups(query=None, full_hierarchy=False)[source]
Get groups.
Returns a list of groups belonging to the realm
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
Notice that when using full_hierarchy=True, the response will be a nested structure containing all the children groups. If used with query parameters, the full_hierarchy will be applied to the received groups only.
- Parameters:
query (dict) – Additional query options
full_hierarchy (bool) – If True, return all of the nested children groups, otherwise only the first level children are returned
- Returns:
array GroupRepresentation
- Return type:
list
- get_group(group_id, full_hierarchy=False)[source]
Get group by id.
Returns full group details
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
group_id (str) – The group id
full_hierarchy (bool) – If True, return all of the nested children groups, otherwise only the first level children are returned
- Returns:
Keycloak server response (GroupRepresentation)
- Return type:
dict
- get_subgroups(group, path)[source]
Get subgroups.
Utility function to iterate through nested group structures
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
group (dict) – group (GroupRepresentation)
path (str) – group path (string)
- Returns:
Keycloak server response (GroupRepresentation)
- Return type:
dict
- get_group_children(group_id, query=None, full_hierarchy=False)[source]
Get group children by parent id.
Returns full group children details
- Parameters:
group_id (str) – The parent group id
query (dict) – Additional query options
full_hierarchy (bool) – If True, return all of the nested children groups
- Returns:
Keycloak server response (GroupRepresentation)
- Return type:
dict
- Raises:
ValueError – If both query and full_hierarchy parameters are used
- get_group_members(group_id, query=None)[source]
Get members by group id.
Returns group members
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_userrepresentation
- Parameters:
group_id (str) – The group id
query (dict) – Additional query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getmembers)
- Returns:
Keycloak server response (UserRepresentation)
- Return type:
list
- get_group_by_path(path)[source]
Get group id based on name or path.
Returns full group details for a group defined by path
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
path (str) – group path
- Returns:
Keycloak server response (GroupRepresentation)
- Return type:
dict
- create_group(payload, parent=None, skip_exists=False)[source]
Create a group in the Realm.
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
payload (dict) – GroupRepresentation
parent (str) – parent group’s id. Required to create a sub-group.
skip_exists (bool) – If true then do not raise an error if it already exists
- Returns:
Group id for newly created group or None for an existing group
- Return type:
str
- update_group(group_id, payload)[source]
Update group, ignores subgroups.
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
group_id (str) – id of group
payload (dict) – GroupRepresentation with updated information.
- Returns:
Http response
- Return type:
bytes
- groups_count(query=None)[source]
Count groups.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_groups
- Parameters:
query (dict) – (dict) Query parameters for groups count
- Returns:
Keycloak Server Response
- Return type:
dict
- group_set_permissions(group_id, enabled=True)[source]
Enable/Disable permissions for a group.
Cannot delete group if disabled
- Parameters:
group_id (str) – id of group
enabled (bool) – Enabled flag
- Returns:
Keycloak server response
- Return type:
bytes
- group_user_add(user_id, group_id)[source]
Add user to group (user_id and group_id).
- Parameters:
user_id (str) – id of user
group_id (str) – id of group to add to
- Returns:
Keycloak server response
- Return type:
bytes
- group_user_remove(user_id, group_id)[source]
Remove user from group (user_id and group_id).
- Parameters:
user_id (str) – id of user
group_id (str) – id of group to remove from
- Returns:
Keycloak server response
- Return type:
bytes
- delete_group(group_id)[source]
Delete a group in the Realm.
- Parameters:
group_id (str) – id of group to delete
- Returns:
Keycloak server response
- Return type:
bytes
- get_clients()[source]
Get clients.
Returns a list of clients belonging to the realm
ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
list
- get_client(client_id)[source]
Get representation of the client.
ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Parameters:
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
dict
- get_client_id(client_id)[source]
Get internal keycloak client id from client-id.
This is required for further actions against this client.
- Parameters:
client_id (str) – clientId in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
client_id (uuid as string)
- Return type:
str
- get_client_authz_settings(client_id)[source]
Get authorization json from client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
dict
- create_client_authz_resource(client_id, payload, skip_exists=False)[source]
Create resources of client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
skip_exists (bool) – Skip the creation in case the resource exists
- Returns:
Keycloak server response
- Return type:
bytes
- update_client_authz_resource(client_id, resource_id, payload)[source]
Update resource of client.
Any parameter missing from the ResourceRepresentation in the payload WILL be set to default by the Keycloak server.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
client_id – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
resource_id (str) – id in ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- delete_client_authz_resource(client_id: str, resource_id: str)[source]
Delete a client resource.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
resource_id (str) – id in ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- get_client_authz_resources(client_id)[source]
Get resources from client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response (ResourceRepresentation)
- Return type:
list
- get_client_authz_resource(client_id: str, resource_id: str)[source]
Get a client resource.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
resource_id (str) – id in ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
- Returns:
Keycloak server response (ResourceRepresentation)
- Return type:
dict
- create_client_authz_role_based_policy(client_id, payload, skip_exists=False)[source]
Create role-based policy of client.
Payload example:
payload={ "type": "role", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "name": "Policy-1", "roles": [ { "id": id } ] }
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – No Document
skip_exists (bool) – Skip creation in case the object exists
- Returns:
Keycloak server response
- Return type:
bytes
- create_client_authz_policy(client_id, payload, skip_exists=False)[source]
Create an authz policy of client.
Payload example:
payload={ "name": "Policy-time-based", "type": "time", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "config": { "hourEnd": "18", "hour": "9" } }
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – No Document
skip_exists (bool) – Skip creation in case the object exists
- Returns:
Keycloak server response
- Return type:
bytes
- create_client_authz_resource_based_permission(client_id, payload, skip_exists=False)[source]
Create resource-based permission of client.
Payload example:
payload={ "type": "resource", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "name": "Permission-Name", "resources": [ resource_id ], "policies": [ policy_id ]
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – PolicyRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation
skip_exists (bool) – Skip creation in case the object already exists
- Returns:
Keycloak server response
- Return type:
bytes
- get_client_authz_scopes(client_id)[source]
Get scopes from client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
list
- create_client_authz_scopes(client_id, payload)[source]
Create scopes for client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – ScopeRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_ScopeRepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- get_client_authz_permissions(client_id)[source]
Get permissions from client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
list
- get_client_authz_policies(client_id)[source]
Get policies from client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
list
- delete_client_authz_policy(client_id, policy_id)[source]
Delete a policy from client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – id in PolicyRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation
- Returns:
Keycloak server response
- Return type:
dict
- get_client_authz_policy(client_id, policy_id)[source]
Get a policy from client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – id in PolicyRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation
- Returns:
Keycloak server response
- Return type:
dict
- get_client_service_account_user(client_id)[source]
Get service account user from client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
UserRepresentation
- Return type:
dict
- get_client_default_client_scopes(client_id)[source]
Get all default client scopes from client.
- Parameters:
client_id (str) – id of the client in which the new default client scope should be added
- Returns:
list of client scopes with id and name
- Return type:
list
- add_client_default_client_scope(client_id, client_scope_id, payload)[source]
Add a client scope to the default client scopes from client.
Payload example:
payload={ "realm":"testrealm", "client":"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", "clientScopeId":"bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb" }
- Parameters:
client_id (str) – id of the client in which the new default client scope should be added
client_scope_id (str) – id of the new client scope that should be added
payload (dict) – dictionary with realm, client and clientScopeId
- Returns:
Http response
- Return type:
bytes
- delete_client_default_client_scope(client_id, client_scope_id)[source]
Delete a client scope from the default client scopes of the client.
- Parameters:
client_id (str) – id of the client in which the default client scope should be deleted
client_scope_id (str) – id of the client scope that should be deleted
- Returns:
list of client scopes with id and name
- Return type:
list
- get_client_optional_client_scopes(client_id)[source]
Get all optional client scopes from client.
- Parameters:
client_id (str) – id of the client in which the new optional client scope should be added
- Returns:
list of client scopes with id and name
- Return type:
list
- add_client_optional_client_scope(client_id, client_scope_id, payload)[source]
Add a client scope to the optional client scopes from client.
Payload example:
payload={ "realm":"testrealm", "client":"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", "clientScopeId":"bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb" }
- Parameters:
client_id (str) – id of the client in which the new optional client scope should be added
client_scope_id (str) – id of the new client scope that should be added
payload (dict) – dictionary with realm, client and clientScopeId
- Returns:
Http response
- Return type:
bytes
- delete_client_optional_client_scope(client_id, client_scope_id)[source]
Delete a client scope from the optional client scopes of the client.
- Parameters:
client_id (str) – id of the client in which the optional client scope should be deleted
client_scope_id (str) – id of the client scope that should be deleted
- Returns:
list of client scopes with id and name
- Return type:
list
- create_initial_access_token(count: int = 1, expiration: int = 1)[source]
Create an initial access token.
- Parameters:
count (int) – Number of clients that can be registered
expiration (int) – Days until expireation
- Returns:
initial access token
- Return type:
str
- create_client(payload, skip_exists=False)[source]
Create a client.
ClientRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Parameters:
skip_exists (bool) – If true then do not raise an error if client already exists
payload (dict) – ClientRepresentation
- Returns:
Client ID
- Return type:
str
- update_client(client_id, payload)[source]
Update a client.
- Parameters:
client_id (str) – Client id
payload (dict) – ClientRepresentation
- Returns:
Http response
- Return type:
bytes
- delete_client(client_id)[source]
Get representation of the client.
ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Parameters:
client_id (str) – keycloak client id (not oauth client-id)
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
bytes
- get_client_installation_provider(client_id, provider_id)[source]
Get content for given installation provider.
Related documentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clients_resource
Possible provider_id list available in the ServerInfoRepresentation#clientInstallations https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_serverinforepresentation
- Parameters:
client_id (str) – Client id
provider_id (str) – provider id to specify response format
- Returns:
Installation providers
- Return type:
list
- get_realm_roles(brief_representation=True, search_text='')[source]
Get all roles for the realm or client.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
brief_representation (bool) – whether to omit role attributes in the response
search_text (str) – optional search text to limit the returned result.
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
list
- get_realm_role_groups(role_name, query=None, brief_representation=True)[source]
Get role groups of realm by role name.
- Parameters:
role_name (str) – Name of the role.
query (dict) – Additional Query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_parameters_226)
brief_representation (bool) – whether to omit role attributes in the response
- Returns:
Keycloak Server Response (GroupRepresentation)
- Return type:
list
- get_realm_role_members(role_name, query=None)[source]
Get role members of realm by role name.
- Parameters:
role_name (str) – Name of the role.
query (dict) – Additional Query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_roles_resource)
- Returns:
Keycloak Server Response (UserRepresentation)
- Return type:
list
- get_default_realm_role_id()[source]
Get the ID of the default realm role.
- Returns:
Realm role ID
- Return type:
str
- get_realm_default_roles()[source]
Get all the default realm roles.
- Returns:
Keycloak Server Response (UserRepresentation)
- Return type:
list
- remove_realm_default_roles(payload)[source]
Remove a set of default realm roles.
- Parameters:
payload (list) – List of RoleRepresentations
- Returns:
Keycloak Server Response
- Return type:
dict
- add_realm_default_roles(payload)[source]
Add a set of default realm roles.
- Parameters:
payload (list) – List of RoleRepresentations
- Returns:
Keycloak Server Response
- Return type:
dict
- get_client_roles(client_id, brief_representation=True)[source]
Get all roles for the client.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_id (str) – id of client (not client-id)
brief_representation (bool) – whether to omit role attributes in the response
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
list
- get_client_role(client_id, role_name)[source]
Get client role id by name.
This is required for further actions with this role.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_id (str) – id of client (not client-id)
role_name (str) – role’s name (not id!)
- Returns:
role_id
- Return type:
str
- get_client_role_id(client_id, role_name)[source]
Get client role id by name.
This is required for further actions with this role.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_id (str) – id of client (not client-id)
role_name (str) – role’s name (not id!)
- Returns:
role_id
- Return type:
str
- create_client_role(client_role_id, payload, skip_exists=False)[source]
Create a client role.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_role_id (str) – id of client (not client-id)
payload (dict) – RoleRepresentation
skip_exists (bool) – If true then do not raise an error if client role already exists
- Returns:
Client role name
- Return type:
str
- add_composite_client_roles_to_role(client_role_id, role_name, roles)[source]
Add composite roles to client role.
- Parameters:
client_role_id (str) – id of client (not client-id)
role_name (str) – The name of the role
roles (list) – roles list or role (use RoleRepresentation) to be updated
- Returns:
Keycloak server response
- Return type:
bytes
- remove_composite_client_roles_from_role(client_role_id, role_name, roles)[source]
Remove composite roles from a client role.
- Parameters:
client_role_id (str) – id of client (not client-id)
role_name (str) – The name of the role
roles (list) – roles list or role (use RoleRepresentation) to be removed
- Returns:
Keycloak server response
- Return type:
bytes
- update_client_role(client_id, role_name, payload)[source]
Update a client role.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_id (str) – id of client (not client-id)
role_name (str) – role’s name (not id!)
payload (dict) – RoleRepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- delete_client_role(client_role_id, role_name)[source]
Delete a client role.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_role_id (str) – id of client (not client-id)
role_name (str) – role’s name (not id!)
- Returns:
Keycloak server response
- Return type:
bytes
- assign_client_role(user_id, client_id, roles)[source]
Assign a client role to a user.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- get_client_role_members(client_id, role_name, **query)[source]
Get members by client role.
- Parameters:
client_id (str) – The client id
role_name (str) – the name of role to be queried.
query (dict) – Additional query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clients_resource)
- Returns:
Keycloak server response (UserRepresentation)
- Return type:
list
- get_client_role_groups(client_id, role_name, **query)[source]
Get group members by client role.
- Parameters:
client_id (str) – The client id
role_name (str) – the name of role to be queried.
query (dict) – Additional query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clients_resource)
- Returns:
Keycloak server response
- Return type:
list
- get_role_by_id(role_id)[source]
Get a specific role’s representation.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
role_id (str) – id of role
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- update_role_by_id(role_id, payload)[source]
Update the role.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
payload (dict) – RoleRepresentation
role_id (str) – id of role
- Returns:
Keycloak server response
- Return type:
bytes
- delete_role_by_id(role_id)[source]
Delete a role by its id.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
role_id (str) – id of role
- Returns:
Keycloak server response
- Return type:
bytes
- create_realm_role(payload, skip_exists=False)[source]
Create a new role for the realm or client.
- Parameters:
payload (dict) – The role (use RoleRepresentation)
skip_exists (bool) – If true then do not raise an error if realm role already exists
- Returns:
Realm role name
- Return type:
str
- get_realm_role(role_name)[source]
Get realm role by role name.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
role_name (str) – role’s name, not id!
- Returns:
role
- Return type:
dict
- get_realm_role_by_id(role_id: str)[source]
Get realm role by role id.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
role_id (str) – role’s id, not name!
- Returns:
role
- Return type:
dict
- update_realm_role(role_name, payload)[source]
Update a role for the realm by name.
- Parameters:
role_name (str) – The name of the role to be updated
payload (dict) – The role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- delete_realm_role(role_name)[source]
Delete a role for the realm by name.
- Parameters:
role_name (str) – The role name
- Returns:
Keycloak server response
- Return type:
bytes
- add_composite_realm_roles_to_role(role_name, roles)[source]
Add composite roles to the role.
- Parameters:
role_name (str) – The name of the role
roles (list) – roles list or role (use RoleRepresentation) to be updated
- Returns:
Keycloak server response
- Return type:
bytes
- remove_composite_realm_roles_to_role(role_name, roles)[source]
Remove composite roles from the role.
- Parameters:
role_name (str) – The name of the role
roles (list) – roles list or role (use RoleRepresentation) to be removed
- Returns:
Keycloak server response
- Return type:
bytes
- get_composite_realm_roles_of_role(role_name)[source]
Get composite roles of the role.
- Parameters:
role_name (str) – The name of the role
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- assign_realm_roles_to_client_scope(client_id, roles)[source]
Assign realm roles to a client’s scope.
- Parameters:
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
dict
- delete_realm_roles_of_client_scope(client_id, roles)[source]
Delete realm roles of a client’s scope.
- Parameters:
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
dict
- get_realm_roles_of_client_scope(client_id)[source]
Get all realm roles for a client’s scope.
- Parameters:
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
dict
- assign_client_roles_to_client_scope(client_id, client_roles_owner_id, roles)[source]
Assign client roles to a client’s dedicated scope.
To assign roles to a client scope, use add_client_specific_roles_to_client_scope.
- Parameters:
client_id (str) – id of client (not client-id) who is assigned the roles
client_roles_owner_id (str) – id of client (not client-id) who has the roles
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
dict
- delete_client_roles_of_client_scope(client_id, client_roles_owner_id, roles)[source]
Delete client roles of a client’s dedicated scope.
To delete roles from a client scope, use remove_client_specific_roles_of_client_scope.
- Parameters:
client_id (str) – id of client (not client-id) who is assigned the roles
client_roles_owner_id (str) – id of client (not client-id) who has the roles
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
dict
- get_client_roles_of_client_scope(client_id, client_roles_owner_id)[source]
Get all client roles for a client’s dedicated scope.
To get roles for a client scope, use get_client_specific_roles_of_client_scope.
- Parameters:
client_id (str) – id of client (not client-id)
client_roles_owner_id (str) – id of client (not client-id) who has the roles
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
dict
- assign_realm_roles(user_id, roles)[source]
Assign realm roles to a user.
- Parameters:
user_id (str) – id of user
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- delete_realm_roles_of_user(user_id, roles)[source]
Delete realm roles of a user.
- Parameters:
user_id (str) – id of user
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- get_realm_roles_of_user(user_id)[source]
Get all realm roles for a user.
- Parameters:
user_id (str) – id of user
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- get_available_realm_roles_of_user(user_id)[source]
Get all available (i.e. unassigned) realm roles for a user.
- Parameters:
user_id (str) – id of user
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- get_composite_realm_roles_of_user(user_id, brief_representation=True)[source]
Get all composite (i.e. implicit) realm roles for a user.
- Parameters:
user_id (str) – id of user
brief_representation (bool) – whether to omit role attributes in the response
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- assign_group_realm_roles(group_id, roles)[source]
Assign realm roles to a group.
- Parameters:
group_id (str) – id of group
roles (list) – roles list or role (use GroupRoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- delete_group_realm_roles(group_id, roles)[source]
Delete realm roles of a group.
- Parameters:
group_id (str) – id of group
roles (list) – roles list or role (use GroupRoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- get_group_realm_roles(group_id, brief_representation=True)[source]
Get all realm roles for a group.
- Parameters:
group_id (str) – id of the group
brief_representation (bool) – whether to omit role attributes in the response
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- assign_group_client_roles(group_id, client_id, roles)[source]
Assign client roles to a group.
- Parameters:
group_id (str) – id of group
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use GroupRoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- get_group_client_roles(group_id, client_id)[source]
Get client roles of a group.
- Parameters:
group_id (str) – id of group
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response
- Return type:
list
- delete_group_client_roles(group_id, client_id, roles)[source]
Delete client roles of a group.
- Parameters:
group_id (str) – id of group
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use GroupRoleRepresentation)
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
bytes
- get_all_roles_of_user(user_id)[source]
Get all level roles for a user.
- Parameters:
user_id (str) – id of user
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- get_client_roles_of_user(user_id, client_id)[source]
Get all client roles for a user.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- get_available_client_roles_of_user(user_id, client_id)[source]
Get available client role-mappings for a user.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- get_composite_client_roles_of_user(user_id, client_id, brief_representation=False)[source]
Get composite client role-mappings for a user.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client (not client-id)
brief_representation (bool) – whether to omit attributes in the response
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- _get_client_roles_of_user(client_level_role_mapping_url, user_id, client_id, **params)[source]
Get client roles of a single user helper.
- Parameters:
client_level_role_mapping_url (str) – Url for the client role mapping
user_id (str) – User id
client_id (str) – Client id
params (dict) – Additional parameters
- Returns:
Client roles of a user
- Return type:
list
- delete_client_roles_of_user(user_id, client_id, roles)[source]
Delete client roles from a user.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client containing role (not client-id)
roles (list) – roles list or role to delete (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- get_authentication_flows()[source]
Get authentication flows.
Returns all flow details
AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation
- Returns:
Keycloak server response (AuthenticationFlowRepresentation)
- Return type:
list
- get_authentication_flow_for_id(flow_id)[source]
Get one authentication flow by it’s id.
Returns all flow details
AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation
- Parameters:
flow_id (str) – the id of a flow NOT it’s alias
- Returns:
Keycloak server response (AuthenticationFlowRepresentation)
- Return type:
dict
- create_authentication_flow(payload, skip_exists=False)[source]
Create a new authentication flow.
AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation
- Parameters:
payload (dict) – AuthenticationFlowRepresentation
skip_exists (bool) – Do not raise an error if authentication flow already exists
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- copy_authentication_flow(payload, flow_alias)[source]
Copy existing authentication flow under a new name.
The new name is given as ‘newName’ attribute of the passed payload.
- Parameters:
payload (dict) – JSON containing ‘newName’ attribute
flow_alias (str) – the flow alias
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- delete_authentication_flow(flow_id)[source]
Delete authentication flow.
AuthenticationInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationinforepresentation
- Parameters:
flow_id (str) – authentication flow id
- Returns:
Keycloak server response
- Return type:
bytes
- get_authentication_flow_executions(flow_alias)[source]
Get authentication flow executions.
Returns all execution steps
- Parameters:
flow_alias (str) – the flow alias
- Returns:
Response(json)
- Return type:
list
- update_authentication_flow_executions(payload, flow_alias)[source]
Update an authentication flow execution.
AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation
- Parameters:
payload (dict) – AuthenticationExecutionInfoRepresentation
flow_alias (str) – The flow alias
- Returns:
Keycloak server response
- Return type:
bytes
- get_authentication_flow_execution(execution_id)[source]
Get authentication flow execution.
AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation
- Parameters:
execution_id (str) – the execution ID
- Returns:
Response(json)
- Return type:
dict
- create_authentication_flow_execution(payload, flow_alias)[source]
Create an authentication flow execution.
AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation
- Parameters:
payload (dict) – AuthenticationExecutionInfoRepresentation
flow_alias (str) – The flow alias
- Returns:
Keycloak server response
- Return type:
bytes
- delete_authentication_flow_execution(execution_id)[source]
Delete authentication flow execution.
AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation
- Parameters:
execution_id (str) – keycloak client id (not oauth client-id)
- Returns:
Keycloak server response (json)
- Return type:
bytes
- create_authentication_flow_subflow(payload, flow_alias, skip_exists=False)[source]
Create a new sub authentication flow for a given authentication flow.
AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation
- Parameters:
payload (dict) – AuthenticationFlowRepresentation
flow_alias (str) – The flow alias
skip_exists (bool) – Do not raise an error if authentication flow already exists
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- get_authenticator_providers()[source]
Get authenticator providers list.
- Returns:
Authenticator providers
- Return type:
list
- get_authenticator_provider_config_description(provider_id)[source]
Get authenticator’s provider configuration description.
AuthenticatorConfigInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticatorconfiginforepresentation
- Parameters:
provider_id (str) – Provider Id
- Returns:
AuthenticatorConfigInfoRepresentation
- Return type:
dict
- get_authenticator_config(config_id)[source]
Get authenticator configuration.
Returns all configuration details.
- Parameters:
config_id (str) – Authenticator config id
- Returns:
Response(json)
- Return type:
dict
- update_authenticator_config(payload, config_id)[source]
Update an authenticator configuration.
AuthenticatorConfigRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticatorconfigrepresentation
- Parameters:
payload (dict) – AuthenticatorConfigRepresentation
config_id (str) – Authenticator config id
- Returns:
Response(json)
- Return type:
bytes
- delete_authenticator_config(config_id)[source]
Delete a authenticator configuration.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authentication_management_resource
- Parameters:
config_id (str) – Authenticator config id
- Returns:
Keycloak server Response
- Return type:
bytes
- sync_users(storage_id, action)[source]
Trigger user sync from provider.
- Parameters:
storage_id (str) – The id of the user storage provider
action (str) – Action can be “triggerFullSync” or “triggerChangedUsersSync”
- Returns:
Keycloak server response
- Return type:
bytes
- get_client_scopes()[source]
Get client scopes.
Get representation of the client scopes for the realm where we are connected to https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes
- Returns:
Keycloak server response Array of (ClientScopeRepresentation)
- Return type:
list
- get_client_scope(client_scope_id)[source]
Get client scope.
Get representation of the client scopes for the realm where we are connected to https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes
- Parameters:
client_scope_id (str) – The id of the client scope
- Returns:
Keycloak server response (ClientScopeRepresentation)
- Return type:
dict
- get_client_scope_by_name(client_scope_name)[source]
Get client scope by name.
Get representation of the client scope identified by the client scope name.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes :param client_scope_name: (str) Name of the client scope :type client_scope_name: str :returns: ClientScopeRepresentation or None :rtype: dict
- create_client_scope(payload, skip_exists=False)[source]
Create a client scope.
ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes
- Parameters:
payload (dict) – ClientScopeRepresentation
skip_exists (bool) – If true then do not raise an error if client scope already exists
- Returns:
Client scope id
- Return type:
str
- update_client_scope(client_scope_id, payload)[source]
Update a client scope.
ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_client_scopes_resource
- Parameters:
client_scope_id (str) – The id of the client scope
payload (dict) – ClientScopeRepresentation
- Returns:
Keycloak server response (ClientScopeRepresentation)
- Return type:
bytes
- delete_client_scope(client_scope_id)[source]
Delete existing client scope.
ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_client_scopes_resource
- Parameters:
client_scope_id (str) – The id of the client scope
- Returns:
Keycloak server response
- Return type:
bytes
- get_mappers_from_client_scope(client_scope_id)[source]
Get a list of all mappers connected to the client scope.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource :param client_scope_id: Client scope id :type client_scope_id: str :returns: Keycloak server response (ProtocolMapperRepresentation) :rtype: list
- add_mapper_to_client_scope(client_scope_id, payload)[source]
Add a mapper to a client scope.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_create_mapper
- Parameters:
client_scope_id (str) – The id of the client scope
payload (dict) – ProtocolMapperRepresentation
- Returns:
Keycloak server Response
- Return type:
bytes
- delete_mapper_from_client_scope(client_scope_id, protocol_mapper_id)[source]
Delete a mapper from a client scope.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_delete_mapper
- Parameters:
client_scope_id (str) – The id of the client scope
protocol_mapper_id (str) – Protocol mapper id
- Returns:
Keycloak server Response
- Return type:
bytes
- update_mapper_in_client_scope(client_scope_id, protocol_mapper_id, payload)[source]
Update an existing protocol mapper in a client scope.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource
- Parameters:
client_scope_id (str) – The id of the client scope
protocol_mapper_id (str) – The id of the protocol mapper which exists in the client scope and should to be updated
payload (dict) – ProtocolMapperRepresentation
- Returns:
Keycloak server Response
- Return type:
bytes
- get_default_default_client_scopes()[source]
Get default default client scopes.
Return list of default default client scopes
- Returns:
Keycloak server response
- Return type:
list
- delete_default_default_client_scope(scope_id)[source]
Delete default default client scope.
- Parameters:
scope_id (str) – default default client scope id
- Returns:
Keycloak server response
- Return type:
list
- add_default_default_client_scope(scope_id)[source]
Add default default client scope.
- Parameters:
scope_id (str) – default default client scope id
- Returns:
Keycloak server response
- Return type:
bytes
- get_default_optional_client_scopes()[source]
Get default optional client scopes.
Return list of default optional client scopes
- Returns:
Keycloak server response
- Return type:
list
- delete_default_optional_client_scope(scope_id)[source]
Delete default optional client scope.
- Parameters:
scope_id (str) – default optional client scope id
- Returns:
Keycloak server response
- Return type:
bytes
- add_default_optional_client_scope(scope_id)[source]
Add default optional client scope.
- Parameters:
scope_id (str) – default optional client scope id
- Returns:
Keycloak server response
- Return type:
bytes
- add_client_specific_roles_to_client_scope(client_scope_id, client_roles_owner_id, roles)[source]
Assign client roles to a client scope.
To assign roles to a client’s dedicated scope, use assign_client_roles_to_client_scope.
- Parameters:
client_scope_id (str) – client scope id
client_roles_owner_id (str) – id of client (not client-id) who has the roles
roles (list) – roles list or role (use RoleRepresentation, must include id and name)
- Returns:
Keycloak server response
- Return type:
dict
- remove_client_specific_roles_of_client_scope(client_scope_id, client_roles_owner_id, roles)[source]
Delete client roles of a client scope.
To delete roles from a client’s dedicated scope, use delete_client_roles_of_client_scope.
- Parameters:
client_scope_id (str) – client scope id
client_roles_owner_id (str) – id of client (not client-id) who has the roles
roles (list) – roles list or role (use RoleRepresentation, must include id and name)
- Returns:
Keycloak server response
- Return type:
dict
- get_client_specific_roles_of_client_scope(client_scope_id, client_roles_owner_id)[source]
Get client roles for a client scope, for a specific client.
To get roles for a client’s dedicated scope, use get_client_roles_of_client_scope.
- Parameters:
client_scope_id (str) – client scope id
client_roles_owner_id (str) – id of client (not client-id) who has the roles
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
dict
- get_all_roles_of_client_scope(client_scope_id)[source]
Get all client roles for a client scope.
To get roles for a client’s dedicated scope, use get_client_roles_of_client_scope.
- Parameters:
client_scope_id (str) – client scope id
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
dict
- get_mappers_from_client(client_id)[source]
List of all client mappers.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocolmapperrepresentation
- Parameters:
client_id (str) – Client id
- Returns:
KeycloakServerResponse (list of ProtocolMapperRepresentation)
- Return type:
list
- add_mapper_to_client(client_id, payload)[source]
Add a mapper to a client.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_create_mapper
- Parameters:
client_id (str) – The id of the client
payload (dict) – ProtocolMapperRepresentation
- Returns:
Keycloak server Response
- Return type:
bytes
- update_client_mapper(client_id, mapper_id, payload)[source]
Update client mapper.
- Parameters:
client_id (str) – The id of the client
mapper_id (str) – The id of the mapper to be deleted
payload (dict) – ProtocolMapperRepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- remove_client_mapper(client_id, client_mapper_id)[source]
Remove a mapper from the client.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource
- Parameters:
client_id (str) – The id of the client
client_mapper_id (str) – The id of the mapper to be deleted
- Returns:
Keycloak server response
- Return type:
bytes
- generate_client_secrets(client_id)[source]
Generate a new secret for the client.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_regeneratesecret
- Parameters:
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
bytes
- get_client_secrets(client_id)[source]
Get representation of the client secrets.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientsecret
- Parameters:
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
list
- get_components(query=None)[source]
Get components.
Return a list of components, filtered according to query parameters
ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation
- Parameters:
query (dict) – Query parameters (optional)
- Returns:
components list
- Return type:
list
- create_component(payload)[source]
Create a new component.
ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation
- Parameters:
payload (dict) – ComponentRepresentation
- Returns:
Component id
- Return type:
str
- get_component(component_id)[source]
Get representation of the component.
- Parameters:
component_id – Component id
ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation
- Parameters:
component_id (str) – Id of the component
- Returns:
ComponentRepresentation
- Return type:
dict
- update_component(component_id, payload)[source]
Update the component.
- Parameters:
component_id (str) – Component id
payload (dict) – ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation
- Returns:
Http response
- Return type:
bytes
- delete_component(component_id)[source]
Delete the component.
- Parameters:
component_id (str) – Component id
- Returns:
Http response
- Return type:
bytes
- get_keys()[source]
Get keys.
Return a list of keys, filtered according to query parameters
KeysMetadataRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_key_resource
- Returns:
keys list
- Return type:
list
- get_admin_events(query=None)[source]
Get Administrative events.
Return a list of events, filtered according to query parameters
AdminEvents Representation array https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getevents https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_get_adminrealmsrealmadmin_events
- Parameters:
query (dict) – Additional query parameters
- Returns:
events list
- Return type:
list
- get_events(query=None)[source]
Get events.
Return a list of events, filtered according to query parameters
EventRepresentation array https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_eventrepresentation
- Parameters:
query (dict) – Additional query parameters
- Returns:
events list
- Return type:
list
- set_events(payload)[source]
Set realm events configuration.
RealmEventsConfigRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmeventsconfigrepresentation
- Parameters:
payload (dict) – Payload object for the events configuration
- Returns:
Http response
- Return type:
bytes
- get_client_all_sessions(client_id)[source]
Get sessions associated with the client.
UserSessionRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_usersessionrepresentation
- Parameters:
client_id (str) – id of client
- Returns:
UserSessionRepresentation
- Return type:
list
- get_client_sessions_stats()[source]
Get current session count for all clients with active sessions.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientsessionstats
- Returns:
Dict of clients and session count
- Return type:
dict
- get_client_management_permissions(client_id)[source]
Get management permissions for a client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
list
- update_client_management_permissions(payload, client_id)[source]
Update management permissions for a client.
ManagementPermissionReference https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_managementpermissionreference
Payload example:
payload={ "enabled": true }
- Parameters:
payload (dict) – ManagementPermissionReference
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- get_client_authz_policy_scopes(client_id, policy_id)[source]
Get scopes for a given policy.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
list
- get_client_authz_policy_resources(client_id, policy_id)[source]
Get resources for a given policy.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
list
- get_client_authz_scope_permission(client_id, scope_id)[source]
Get permissions for a given scope.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
scope_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
list
- create_client_authz_scope_permission(payload, client_id)[source]
Create permissions for a authz scope.
Payload example:
payload={ "name": "My Permission Name", "type": "scope", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "resources": [some_resource_id], "scopes": [some_scope_id], "policies": [some_policy_id], }
- Parameters:
payload (dict) – No Document
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- update_client_authz_scope_permission(payload, client_id, scope_id)[source]
Update permissions for a given scope.
Payload example:
payload={ "id": scope_id, "name": "My Permission Name", "type": "scope", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "resources": [some_resource_id], "scopes": [some_scope_id], "policies": [some_policy_id], }
- Parameters:
payload (dict) – No Document
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
scope_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
bytes
- update_client_authz_resource_permission(payload, client_id, resource_id)[source]
Update permissions for a given resource.
Payload example:
payload={ "id": resource_id, "name": "My Permission Name", "type": "resource", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "resources": [some_resource_id], "scopes": [], "policies": [some_policy_id], }
- Parameters:
payload (dict) – No Document
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
resource_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
bytes
- get_client_authz_client_policies(client_id)[source]
Get policies for a given client.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
list
- get_client_authz_permission_associated_policies(client_id, policy_id)[source]
Get associated policies for a given client permission.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – id in PolicyRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
list
- create_client_authz_client_policy(payload, client_id)[source]
Create a new policy for a given client.
Payload example:
payload={ "type": "client", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "name": "My Policy", "clients": [other_client_id], }
- Parameters:
payload (dict) – No Document
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- get_composite_client_roles_of_group(client_id, group_id, brief_representation=True)[source]
Get the composite client roles of the given group for the given client.
- Parameters:
client_id (str) – id of the client.
group_id (str) – id of the group.
brief_representation (bool) – whether to omit attributes in the response
- Returns:
the composite client roles of the group (list of RoleRepresentation).
- Return type:
list
- get_role_client_level_children(client_id, role_id)[source]
Get the child roles of which the given composite client role is composed of.
- Parameters:
client_id (str) – id of the client.
role_id (str) – id of the role.
- Returns:
the child roles (list of RoleRepresentation).
- Return type:
list
- upload_certificate(client_id, certcont)[source]
Upload a new certificate for the client.
- Parameters:
client_id (str) – id of the client.
certcont (str) – the content of the certificate.
- Returns:
dictionary {“certificate”: “<certcont>”}, where <certcont> is the content of the uploaded certificate.
- Return type:
dict
- get_required_action_by_alias(action_alias)[source]
Get a required action by its alias.
- Parameters:
action_alias (str) – the alias of the required action.
- Returns:
the required action (RequiredActionProviderRepresentation).
- Return type:
dict
- get_required_actions()[source]
Get the required actions for the realms.
- Returns:
the required actions (list of RequiredActionProviderRepresentation).
- Return type:
list
- update_required_action(action_alias, payload)[source]
Update a required action.
- Parameters:
action_alias (str) – the action alias.
payload (dict) – the new required action (RequiredActionProviderRepresentation).
- Returns:
empty dictionary.
- Return type:
dict
- get_bruteforce_detection_status(user_id)[source]
Get bruteforce detection status for user.
- Parameters:
user_id (str) – User id
- Returns:
Bruteforce status.
- Return type:
dict
- clear_bruteforce_attempts_for_user(user_id)[source]
Clear bruteforce attempts for user.
- Parameters:
user_id (str) – User id
- Returns:
empty dictionary.
- Return type:
dict
- clear_all_bruteforce_attempts()[source]
Clear bruteforce attempts for all users in realm.
- Returns:
empty dictionary.
- Return type:
dict
- async a___fetch_all(url, query=None)[source]
Paginate asynchronously over get requests .
Wrapper function to paginate GET requests.
- Parameters:
url (str) – The url on which the query is executed
query (dict) – Existing query parameters (optional)
- Returns:
Combined results of paginated queries
- Return type:
list
- async a___fetch_paginated(url, query=None)[source]
Make a specific paginated request asynchronously.
- Parameters:
url (str) – The url on which the query is executed
query (dict) – Pagination settings
- Returns:
Response
- Return type:
dict
- async a_get_current_realm() str [source]
Return the currently configured realm asynchronously.
- Returns:
Currently configured realm name
- Return type:
str
- async a_change_current_realm(realm_name: str) None [source]
Change the current realm asynchronously.
- Parameters:
realm_name (str) – The name of the realm to be configured as current
- async a_import_realm(payload)[source]
Import a new realm asynchronously from a RealmRepresentation.
Realm name must be unique.
RealmRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation
- Parameters:
payload (dict) – RealmRepresentation
- Returns:
RealmRepresentation
- Return type:
dict
- async a_partial_import_realm(realm_name, payload)[source]
Partial import realm configuration asynchronously from PartialImportRepresentation.
Realm partialImport is used for modifying configuration of existing realm.
PartialImportRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_partialimportrepresentation
- Parameters:
realm_name (str) – Realm name (not the realm id)
payload (dict) – PartialImportRepresentation
- Returns:
PartialImportResponse
- Return type:
dict
- async a_export_realm(export_clients=False, export_groups_and_role=False)[source]
Export the realm configurations asynchronously in the json format.
RealmRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_partialexport
- Parameters:
export_clients (bool) – Skip if not want to export realm clients
export_groups_and_role (bool) – Skip if not want to export realm groups and roles
- Returns:
realm configurations JSON
- Return type:
dict
- async a_get_realms()[source]
List all realms in asynchronouslyKeycloak deployment.
- Returns:
realms list
- Return type:
list
- async a_get_realm(realm_name)[source]
Get a specific realm asynchronously.
RealmRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation
- Parameters:
realm_name (str) – Realm name (not the realm id)
- Returns:
RealmRepresentation
- Return type:
dict
- async a_create_realm(payload, skip_exists=False)[source]
Create a realm asynchronously.
RealmRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation
- Parameters:
payload (dict) – RealmRepresentation
skip_exists (bool) – Skip if Realm already exist.
- Returns:
Keycloak server response (RealmRepresentation)
- Return type:
dict
- async a_update_realm(realm_name, payload)[source]
Update a realm asynchronously.
This will only update top level attributes and will ignore any user, role, or client information in the payload.
RealmRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmrepresentation
- Parameters:
realm_name (str) – Realm name (not the realm id)
payload (dict) – RealmRepresentation
- Returns:
Http response
- Return type:
dict
- async a_delete_realm(realm_name)[source]
Delete a realm asynchronously.
- Parameters:
realm_name (str) – Realm name (not the realm id)
- Returns:
Http response
- Return type:
dict
- async a_get_users(query=None)[source]
Get all users asynchronously.
Return a list of users, filtered according to query parameters
UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation
- Parameters:
query (dict) – Query parameters (optional)
- Returns:
users list
- Return type:
list
- async a_create_idp(payload)[source]
Create an ID Provider asynchronously.
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityproviderrepresentation
- Param:
payload: IdentityProviderRepresentation
- Returns:
Keycloak server response
- Return type:
dict
- async a_update_idp(idp_alias, payload)[source]
Update an ID Provider asynchronously.
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identity_providers_resource
- Param:
idp_alias: alias for IdP to update
- Param:
payload: The IdentityProviderRepresentation
- Returns:
Keycloak server response
- Return type:
dict
- async a_add_mapper_to_idp(idp_alias, payload)[source]
Create an ID Provider asynchronously.
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityprovidermapperrepresentation
- Param:
idp_alias: alias for Idp to add mapper in
- Param:
payload: IdentityProviderMapperRepresentation
- Returns:
Keycloak server response
- Return type:
dict
- async a_update_mapper_in_idp(idp_alias, mapper_id, payload)[source]
Update an IdP mapper asynchronously.
IdentityProviderMapperRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_update
- Param:
idp_alias: alias for Idp to fetch mappers
- Param:
mapper_id: Mapper Id to update
- Param:
payload: IdentityProviderMapperRepresentation
- Returns:
Http response
- Return type:
dict
- async a_get_idp_mappers(idp_alias)[source]
Get IDP mappers asynchronously.
Returns a list of ID Providers mappers
IdentityProviderMapperRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getmappers
- Param:
idp_alias: alias for Idp to fetch mappers
- Returns:
array IdentityProviderMapperRepresentation
- Return type:
list
- async a_get_idps()[source]
Get IDPs asynchronously.
Returns a list of ID Providers,
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityproviderrepresentation
- Returns:
array IdentityProviderRepresentation
- Return type:
list
- async a_get_idp(idp_alias)[source]
Get IDP provider asynchronously.
Get the representation of a specific IDP Provider.
IdentityProviderRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_identityproviderrepresentation
- Param:
idp_alias: alias for IdP to get
- Returns:
IdentityProviderRepresentation
- Return type:
dict
- async a_delete_idp(idp_alias)[source]
Delete an ID Provider asynchronously.
- Param:
idp_alias: idp alias name
- Returns:
Keycloak server response
- Return type:
dict
- async a_create_user(payload, exist_ok=False)[source]
Create a new user asynchronously.
Username must be unique
UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation
- Parameters:
payload (dict) – UserRepresentation
exist_ok (bool) – If False, raise KeycloakGetError if username already exists. Otherwise, return existing user ID.
- Returns:
user_id
- Return type:
str
- async a_users_count(query=None)[source]
Count users asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_users_resource
- Parameters:
query (dict) – (dict) Query parameters for users count
- Returns:
counter
- Return type:
int
- async a_get_user_id(username)[source]
Get internal keycloak user id from username asynchronously.
This is required for further actions against this user.
UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation
- Parameters:
username (str) – id in UserRepresentation
- Returns:
user_id
- Return type:
str
- async a_get_user(user_id)[source]
Get representation of the user asynchronously.
UserRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userrepresentation
- Parameters:
user_id (str) – User id
- Returns:
UserRepresentation
- async a_get_user_groups(user_id, query=None, brief_representation=True)[source]
Get user groups asynchronously.
Returns a list of groups of which the user is a member
- Parameters:
user_id (str) – User id
query (dict) – Additional query options
brief_representation (bool) – whether to omit attributes in the response
- Returns:
user groups list
- Return type:
list
- async a_update_user(user_id, payload)[source]
Update the user asynchronously.
- Parameters:
user_id (str) – User id
payload (dict) – UserRepresentation
- Returns:
Http response
- Return type:
bytes
- async a_disable_user(user_id)[source]
Disable the user asynchronously from the realm. Disabled users can not log in.
- Parameters:
user_id (str) – User id
- Returns:
Http response
- Return type:
bytes
- async a_enable_user(user_id)[source]
Enable the user from the realm asynchronously.
- Parameters:
user_id (str) – User id
- Returns:
Http response
- Return type:
bytes
- async a_delete_user(user_id)[source]
Delete the user asynchronously.
- Parameters:
user_id (str) – User id
- Returns:
Http response
- Return type:
bytes
- async a_set_user_password(user_id, password, temporary=True)[source]
Set up a password for the user asynchronously.
If temporary is True, the user will have to reset the temporary password next time they log in.
https://www.keycloak.org/docs-api/24.0.2/rest-api/#_users_resource https://www.keycloak.org/docs-api/24.0.2/rest-api/#_credentialrepresentation
- Parameters:
user_id (str) – User id
password (str) – New password
temporary (bool) – True if password is temporary
- Returns:
Response
- Return type:
dict
- async a_get_credentials(user_id)[source]
Get user credentials asynchronously.
Returns a list of credential belonging to the user.
CredentialRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_credentialrepresentation
- Param:
user_id: user id
- Returns:
Keycloak server response (CredentialRepresentation)
- Return type:
dict
- async a_delete_credential(user_id, credential_id)[source]
Delete credential of the user asynchronously.
CredentialRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_credentialrepresentation
- Param:
user_id: user id
- Param:
credential_id: credential id
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
bytes
- async a_user_logout(user_id)[source]
Log out the user.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_logout
- Parameters:
user_id (str) – User id
- Returns:
Keycloak server response
- Return type:
bytes
- async a_user_consents(user_id)[source]
Get consents granted asynchronously by the user.
UserConsentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_userconsentrepresentation
- Parameters:
user_id (str) – User id
- Returns:
List of UserConsentRepresentations
- Return type:
list
- async a_get_user_social_logins(user_id)[source]
Get user social logins asynchronously.
Returns a list of federated identities/social logins of which the user has been associated with :param user_id: User id :type user_id: str :returns: Federated identities list :rtype: list
- async a_add_user_social_login(user_id, provider_id, provider_userid, provider_username)[source]
Add a federated identity / social login provider asynchronously to the user.
- Parameters:
user_id (str) – User id
provider_id (str) – Social login provider id
provider_userid (str) – userid specified by the provider
provider_username (str) – username specified by the provider
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_user_social_login(user_id, provider_id)[source]
Delete a federated identity / social login provider asynchronously from the user.
- Parameters:
user_id (str) – User id
provider_id (str) – Social login provider id
- Returns:
Keycloak server response
- Return type:
bytes
- async a_send_update_account(user_id, payload, client_id=None, lifespan=None, redirect_uri=None)[source]
Send an update account email to the user asynchronously.
An email contains a link the user can click to perform a set of required actions.
- Parameters:
user_id (str) – User id
payload (list) – A list of actions for the user to complete
client_id (str) – Client id (optional)
lifespan (int) – Number of seconds after which the generated token expires (optional)
redirect_uri (str) – The redirect uri (optional)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_send_verify_email(user_id, client_id=None, redirect_uri=None)[source]
Send a update account email to the user asynchronously.
An email contains a link the user can click to perform a set of required actions.
- Parameters:
user_id (str) – User id
client_id (str) – Client id (optional)
redirect_uri (str) – Redirect uri (optional)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_sessions(user_id)[source]
Get sessions associated with the user asynchronously.
UserSessionRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_usersessionrepresentation
- Parameters:
user_id (str) – Id of user
- Returns:
UserSessionRepresentation
- Return type:
dict
- async a_get_server_info()[source]
Get themes, social providers, etc. on this server asynchronously.
ServerInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_serverinforepresentation
- Returns:
ServerInfoRepresentation
- Return type:
dict
- async a_get_groups(query=None, full_hierarchy=False)[source]
Get groups asynchronously.
Returns a list of groups belonging to the realm
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
Notice that when using full_hierarchy=True, the response will be a nested structure containing all the children groups. If used with query parameters, the full_hierarchy will be applied to the received groups only.
- Parameters:
query (dict) – Additional query options
full_hierarchy (bool) – If True, return all of the nested children groups, otherwise only the first level children are returned
- Returns:
array GroupRepresentation
- Return type:
list
- async a_get_group(group_id, full_hierarchy=False)[source]
Get group by id asynchronously.
Returns full group details
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
group_id (str) – The group id
full_hierarchy (bool) – If True, return all of the nested children groups, otherwise only the first level children are returned
- Returns:
Keycloak server response (GroupRepresentation)
- Return type:
dict
- async a_get_subgroups(group, path)[source]
Get subgroups asynchronously.
Utility function to iterate through nested group structures
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
group (dict) – group (GroupRepresentation)
path (str) – group path (string)
- Returns:
Keycloak server response (GroupRepresentation)
- Return type:
dict
- async a_get_group_children(group_id, query=None, full_hierarchy=False)[source]
Get group children by parent id asynchronously.
Returns full group children details
- Parameters:
group_id (str) – The parent group id
query (dict) – Additional query options
full_hierarchy (bool) – If True, return all of the nested children groups
- Returns:
Keycloak server response (GroupRepresentation)
- Return type:
dict
- Raises:
ValueError – If both query and full_hierarchy parameters are used
- async a_get_group_members(group_id, query=None)[source]
Get members by group id asynchronously.
Returns group members
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_userrepresentation
- Parameters:
group_id (str) – The group id
query (dict) – Additional query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getmembers)
- Returns:
Keycloak server response (UserRepresentation)
- Return type:
list
- async a_get_group_by_path(path)[source]
Get group id based on name or path asynchronously .
Returns full group details for a group defined by path
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
path (str) – group path
- Returns:
Keycloak server response (GroupRepresentation)
- Return type:
dict
- async a_create_group(payload, parent=None, skip_exists=False)[source]
Create a group in the Realm asynchronously.
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
payload (dict) – GroupRepresentation
parent (str) – parent group’s id. Required to create a sub-group.
skip_exists (bool) – If true then do not raise an error if it already exists
- Returns:
Group id for newly created group or None for an existing group
- Return type:
str
- async a_update_group(group_id, payload)[source]
Update group, ignores subgroups asynchronously.
GroupRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/#_grouprepresentation
- Parameters:
group_id (str) – id of group
payload (dict) – GroupRepresentation with updated information.
- Returns:
Http response
- Return type:
bytes
- async a_groups_count(query=None)[source]
Count groups asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_groups
- Parameters:
query (dict) – (dict) Query parameters for groups count
- Returns:
Keycloak Server Response
- Return type:
dict
- async a_group_set_permissions(group_id, enabled=True)[source]
Enable/Disable permissions for a group asynchronously.
Cannot delete group if disabled
- Parameters:
group_id (str) – id of group
enabled (bool) – Enabled flag
- Returns:
Keycloak server response
- Return type:
bytes
- async a_group_user_add(user_id, group_id)[source]
Add user to group (user_id and group_id) asynchronously.
- Parameters:
user_id (str) – id of user
group_id (str) – id of group to add to
- Returns:
Keycloak server response
- Return type:
bytes
- async a_group_user_remove(user_id, group_id)[source]
Remove user from group (user_id and group_id) asynchronously.
- Parameters:
user_id (str) – id of user
group_id (str) – id of group to remove from
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_group(group_id)[source]
Delete a group in the Realm asynchronously.
- Parameters:
group_id (str) – id of group to delete
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_clients()[source]
Get clients asynchronously.
Returns a list of clients belonging to the realm
ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
list
- async a_get_client(client_id)[source]
Get representation of the client asynchronously.
ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Parameters:
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
dict
- async a_get_client_id(client_id)[source]
Get internal keycloak client id from client-id asynchronously.
This is required for further actions against this client.
- Parameters:
client_id (str) – clientId in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
client_id (uuid as string)
- Return type:
str
- async a_get_client_authz_settings(client_id)[source]
Get authorization json from client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
dict
- async a_create_client_authz_resource(client_id, payload, skip_exists=False)[source]
Create resources of client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
skip_exists (bool) – Skip the creation in case the resource exists
- Returns:
Keycloak server response
- Return type:
bytes
- async a_update_client_authz_resource(client_id, resource_id, payload)[source]
Update resource of client asynchronously.
Any parameter missing from the ResourceRepresentation in the payload WILL be set to default by the Keycloak server.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
client_id – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
resource_id (str) – id in ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_client_authz_resource(client_id: str, resource_id: str)[source]
Delete a client resource asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
resource_id (str) – id in ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_client_authz_resources(client_id)[source]
Get resources from client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response (ResourceRepresentation)
- Return type:
list
- async a_get_client_authz_resource(client_id: str, resource_id: str)[source]
Get a client resource asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
resource_id (str) – id in ResourceRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_resourcerepresentation
- Returns:
Keycloak server response (ResourceRepresentation)
- Return type:
dict
- async a_create_client_authz_role_based_policy(client_id, payload, skip_exists=False)[source]
Create role-based policy of client asynchronously.
Payload example:
payload={ "type": "role", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "name": "Policy-1", "roles": [ { "id": id } ] }
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – No Document
skip_exists (bool) – Skip creation in case the object exists
- Returns:
Keycloak server response
- Return type:
bytes
- async a_create_client_authz_policy(client_id, payload, skip_exists=False)[source]
Create an authz policy of client asynchronously.
Payload example:
payload={ "name": "Policy-time-based", "type": "time", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "config": { "hourEnd": "18", "hour": "9" } }
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – No Document
skip_exists (bool) – Skip creation in case the object exists
- Returns:
Keycloak server response
- Return type:
bytes
- async a_create_client_authz_resource_based_permission(client_id, payload, skip_exists=False)[source]
Create resource-based permission of client asynchronously.
Payload example:
payload={ "type": "resource", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "name": "Permission-Name", "resources": [ resource_id ], "policies": [ policy_id ]
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – PolicyRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation
skip_exists (bool) – Skip creation in case the object already exists
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_client_authz_scopes(client_id)[source]
Get scopes from client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
list
- async a_create_client_authz_scopes(client_id, payload)[source]
Create scopes for client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
payload (dict) – ScopeRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_ScopeRepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_client_authz_permissions(client_id)[source]
Get permissions from client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
list
- async a_get_client_authz_policies(client_id)[source]
Get policies from client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
list
- async a_delete_client_authz_policy(client_id, policy_id)[source]
Delete a policy from client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – id in PolicyRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation
- Returns:
Keycloak server response
- Return type:
dict
- async a_get_client_authz_policy(client_id, policy_id)[source]
Get a policy from client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – id in PolicyRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation
- Returns:
Keycloak server response
- Return type:
dict
- async a_get_client_service_account_user(client_id)[source]
Get service account user from client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
UserRepresentation
- Return type:
dict
- async a_get_client_default_client_scopes(client_id)[source]
Get all default client scopes from client asynchronously.
- Parameters:
client_id (str) – id of the client in which the new default client scope should be added
- Returns:
list of client scopes with id and name
- Return type:
list
- async a_add_client_default_client_scope(client_id, client_scope_id, payload)[source]
Add a client scope to the default client scopes from client asynchronously.
Payload example:
payload={ "realm":"testrealm", "client":"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", "clientScopeId":"bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb" }
- Parameters:
client_id (str) – id of the client in which the new default client scope should be added
client_scope_id (str) – id of the new client scope that should be added
payload (dict) – dictionary with realm, client and clientScopeId
- Returns:
Http response
- Return type:
bytes
- async a_delete_client_default_client_scope(client_id, client_scope_id)[source]
Delete a client scope from the default client scopes of the client asynchronously.
- Parameters:
client_id (str) – id of the client in which the default client scope should be deleted
client_scope_id (str) – id of the client scope that should be deleted
- Returns:
list of client scopes with id and name
- Return type:
list
- async a_get_client_optional_client_scopes(client_id)[source]
Get all optional client scopes from client asynchronously.
- Parameters:
client_id (str) – id of the client in which the new optional client scope should be added
- Returns:
list of client scopes with id and name
- Return type:
list
- async a_add_client_optional_client_scope(client_id, client_scope_id, payload)[source]
Add a client scope to the optional client scopes from client asynchronously.
Payload example:
payload={ "realm":"testrealm", "client":"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", "clientScopeId":"bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb" }
- Parameters:
client_id (str) – id of the client in which the new optional client scope should be added
client_scope_id (str) – id of the new client scope that should be added
payload (dict) – dictionary with realm, client and clientScopeId
- Returns:
Http response
- Return type:
bytes
- async a_delete_client_optional_client_scope(client_id, client_scope_id)[source]
Delete a client scope from the optional client scopes of the client asynchronously.
- Parameters:
client_id (str) – id of the client in which the optional client scope should be deleted
client_scope_id (str) – id of the client scope that should be deleted
- Returns:
list of client scopes with id and name
- Return type:
list
- async a_create_initial_access_token(count: int = 1, expiration: int = 1)[source]
Create an initial access token asynchronously.
- Parameters:
count (int) – Number of clients that can be registered
expiration (int) – Days until expireation
- Returns:
initial access token
- Return type:
str
- async a_create_client(payload, skip_exists=False)[source]
Create a client asynchronously.
ClientRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Parameters:
skip_exists (bool) – If true then do not raise an error if client already exists
payload (dict) – ClientRepresentation
- Returns:
Client ID
- Return type:
str
- async a_update_client(client_id, payload)[source]
Update a client asynchronously.
- Parameters:
client_id (str) – Client id
payload (dict) – ClientRepresentation
- Returns:
Http response
- Return type:
bytes
- async a_delete_client(client_id)[source]
Get representation of the client asynchronously.
ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Parameters:
client_id (str) – keycloak client id (not oauth client-id)
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
bytes
- async a_get_client_installation_provider(client_id, provider_id)[source]
Get content for given installation provider asynchronously.
Related documentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clients_resource
Possible provider_id list available in the ServerInfoRepresentation#clientInstallations https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_serverinforepresentation
- Parameters:
client_id (str) – Client id
provider_id (str) – provider id to specify response format
- Returns:
Installation providers
- Return type:
list
- async a_get_realm_roles(brief_representation=True, search_text='')[source]
Get all roles for the realm or client asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
brief_representation (bool) – whether to omit role attributes in the response
search_text (str) – optional search text to limit the returned result.
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
list
- async a_get_realm_role_groups(role_name, query=None, brief_representation=True)[source]
Get role groups of realm by role name asynchronously.
- Parameters:
role_name (str) – Name of the role.
query (dict) – Additional Query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_parameters_226)
brief_representation (bool) – whether to omit role attributes in the response
- Returns:
Keycloak Server Response (GroupRepresentation)
- Return type:
list
- async a_get_realm_role_members(role_name, query=None)[source]
Get role members of realm by role name asynchronously.
- Parameters:
role_name (str) – Name of the role.
query (dict) – Additional Query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_roles_resource)
- Returns:
Keycloak Server Response (UserRepresentation)
- Return type:
list
- async a_get_default_realm_role_id()[source]
Get the ID of the default realm role asynchronously.
- Returns:
Realm role ID
- Return type:
str
- async a_get_realm_default_roles()[source]
Get all the default realm roles asyncho asynchronously.
- Returns:
Keycloak Server Response (UserRepresentation)
- Return type:
list
- async a_remove_realm_default_roles(payload)[source]
Remove a set of default realm roles asynchronously.
- Parameters:
payload (list) – List of RoleRepresentations
- Returns:
Keycloak Server Response
- Return type:
dict
- async a_add_realm_default_roles(payload)[source]
Add a set of default realm roles asynchronously.
- Parameters:
payload (list) – List of RoleRepresentations
- Returns:
Keycloak Server Response
- Return type:
dict
- async a_get_client_roles(client_id, brief_representation=True)[source]
Get all roles for the client asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_id (str) – id of client (not client-id)
brief_representation (bool) – whether to omit role attributes in the response
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
list
- async a_get_client_role(client_id, role_name)[source]
Get client role id by name asynchronously.
This is required for further actions with this role.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_id (str) – id of client (not client-id)
role_name (str) – role’s name (not id!)
- Returns:
role_id
- Return type:
str
- async a_get_client_role_id(client_id, role_name)[source]
Get client role id by name asynchronously.
This is required for further actions with this role.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_id (str) – id of client (not client-id)
role_name (str) – role’s name (not id!)
- Returns:
role_id
- Return type:
str
- async a_create_client_role(client_role_id, payload, skip_exists=False)[source]
Create a client role asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_role_id (str) – id of client (not client-id)
payload (dict) – RoleRepresentation
skip_exists (bool) – If true then do not raise an error if client role already exists
- Returns:
Client role name
- Return type:
str
- async a_add_composite_client_roles_to_role(client_role_id, role_name, roles)[source]
Add composite roles to client role asynchronously.
- Parameters:
client_role_id (str) – id of client (not client-id)
role_name (str) – The name of the role
roles (list) – roles list or role (use RoleRepresentation) to be updated
- Returns:
Keycloak server response
- Return type:
bytes
- async a_remove_composite_client_roles_from_role(client_role_id, role_name, roles)[source]
Remove composite roles from a client role asynchronously.
- Parameters:
client_role_id (str) – id of client (not client-id)
role_name (str) – The name of the role
roles (list) – roles list or role (use RoleRepresentation) to be removed
- Returns:
Keycloak server response
- Return type:
bytes
- async a_update_client_role(client_id, role_name, payload)[source]
Update a client role asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_id (str) – id of client (not client-id)
role_name (str) – role’s name (not id!)
payload (dict) – RoleRepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_client_role(client_role_id, role_name)[source]
Delete a client role asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
client_role_id (str) – id of client (not client-id)
role_name (str) – role’s name (not id!)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_assign_client_role(user_id, client_id, roles)[source]
Assign a client role to a user asynchronously.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_client_role_members(client_id, role_name, **query)[source]
Get members by client role asynchronously.
- Parameters:
client_id (str) – The client id
role_name (str) – the name of role to be queried.
query (dict) – Additional query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clients_resource)
- Returns:
Keycloak server response (UserRepresentation)
- Return type:
list
- async a_get_client_role_groups(client_id, role_name, **query)[source]
Get group members by client role asynchronously.
- Parameters:
client_id (str) – The client id
role_name (str) – the name of role to be queried.
query (dict) – Additional query parameters (see https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clients_resource)
- Returns:
Keycloak server response
- Return type:
list
- async a_get_role_by_id(role_id)[source]
Get a specific role’s representation asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
role_id (str) – id of role
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- async a_update_role_by_id(role_id, payload)[source]
Update the role asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
payload (dict) – RoleRepresentation
role_id (str) – id of role
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_role_by_id(role_id)[source]
Delete a role by its id asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
role_id (str) – id of role
- Returns:
Keycloak server response
- Return type:
bytes
- async a_create_realm_role(payload, skip_exists=False)[source]
Create a new role for the realm or client asynchronously.
- Parameters:
payload (dict) – The role (use RoleRepresentation)
skip_exists (bool) – If true then do not raise an error if realm role already exists
- Returns:
Realm role name
- Return type:
str
- async a_get_realm_role(role_name)[source]
Get realm role by role name asynchronously.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
role_name (str) – role’s name, not id!
- Returns:
role
- Return type:
dict
- async a_get_realm_role_by_id(role_id: str)[source]
Get realm role by role id.
RoleRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_rolerepresentation
- Parameters:
role_id (str) – role’s id, not name!
- Returns:
role
- Return type:
dict
- async a_update_realm_role(role_name, payload)[source]
Update a role for the realm by name asynchronously.
- Parameters:
role_name (str) – The name of the role to be updated
payload (dict) – The role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_realm_role(role_name)[source]
Delete a role for the realm by name asynchronously.
- Parameters:
role_name (str) – The role name
- Returns:
Keycloak server response
- Return type:
bytes
- async a_add_composite_realm_roles_to_role(role_name, roles)[source]
Add composite roles to the role asynchronously.
- Parameters:
role_name (str) – The name of the role
roles (list) – roles list or role (use RoleRepresentation) to be updated
- Returns:
Keycloak server response
- Return type:
bytes
- async a_remove_composite_realm_roles_to_role(role_name, roles)[source]
Remove composite roles from the role asynchronously.
- Parameters:
role_name (str) – The name of the role
roles (list) – roles list or role (use RoleRepresentation) to be removed
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_composite_realm_roles_of_role(role_name)[source]
Get composite roles of the role asynchronously.
- Parameters:
role_name (str) – The name of the role
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a_assign_realm_roles_to_client_scope(client_id, roles)[source]
Assign realm roles to a client’s scope asynchronously.
- Parameters:
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
dict
- async a_delete_realm_roles_of_client_scope(client_id, roles)[source]
Delete realm roles of a client’s scope asynchronously.
- Parameters:
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
dict
- async a_get_realm_roles_of_client_scope(client_id)[source]
Get all realm roles for a client’s scope.
- Parameters:
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
dict
- async a_assign_client_roles_to_client_scope(client_id, client_roles_owner_id, roles)[source]
Assign client roles to a client’s dedicated scope asynchronously.
To assign roles to a client scope, use a_add_client_specific_roles_to_client_scope.
- Parameters:
client_id (str) – id of client (not client-id) who is assigned the roles
client_roles_owner_id (str) – id of client (not client-id) who has the roles
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
dict
- async a_delete_client_roles_of_client_scope(client_id, client_roles_owner_id, roles)[source]
Delete client roles of a client’s dedicated scope asynchronously.
To remove roles from a client scope, use a_remove_client_specific_roles_of_client_scope.
- Parameters:
client_id (str) – id of client (not client-id) who is assigned the roles
client_roles_owner_id (str) – id of client (not client-id) who has the roles
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
dict
- async a_get_client_roles_of_client_scope(client_id, client_roles_owner_id)[source]
Get all client roles for a client’s scope asynchronously.
To get roles from a client scope, use a_get_client_roles_of_client_scope.
- Parameters:
client_id (str) – id of client (not client-id)
client_roles_owner_id (str) – id of client (not client-id) who has the roles
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
dict
- async a_assign_realm_roles(user_id, roles)[source]
Assign realm roles to a user asynchronously.
- Parameters:
user_id (str) – id of user
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_realm_roles_of_user(user_id, roles)[source]
Delete realm roles of a user asynchronously.
- Parameters:
user_id (str) – id of user
roles (list) – roles list or role (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_realm_roles_of_user(user_id)[source]
Get all realm roles for a user asynchronously.
- Parameters:
user_id (str) – id of user
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a_get_available_realm_roles_of_user(user_id)[source]
Get all available (i.e. unassigned) realm roles for a user asynchronously.
- Parameters:
user_id (str) – id of user
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a_get_composite_realm_roles_of_user(user_id, brief_representation=True)[source]
Get all composite (i.e. implicit) realm roles for a user asynchronously.
- Parameters:
user_id (str) – id of user
brief_representation (bool) – whether to omit role attributes in the response
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a_assign_group_realm_roles(group_id, roles)[source]
Assign realm roles to a group asynchronously.
- Parameters:
group_id (str) – id of group
roles (list) – roles list or role (use GroupRoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_group_realm_roles(group_id, roles)[source]
Delete realm roles of a group asynchronously.
- Parameters:
group_id (str) – id of group
roles (list) – roles list or role (use GroupRoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_group_realm_roles(group_id, brief_representation=True)[source]
Get all realm roles for a group asynchronously.
- Parameters:
group_id (str) – id of the group
brief_representation (bool) – whether to omit role attributes in the response
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a_assign_group_client_roles(group_id, client_id, roles)[source]
Assign client roles to a group asynchronously.
- Parameters:
group_id (str) – id of group
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use GroupRoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_group_client_roles(group_id, client_id)[source]
Get client roles of a group asynchronously.
- Parameters:
group_id (str) – id of group
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response
- Return type:
list
- async a_delete_group_client_roles(group_id, client_id, roles)[source]
Delete client roles of a group asynchronously.
- Parameters:
group_id (str) – id of group
client_id (str) – id of client (not client-id)
roles (list) – roles list or role (use GroupRoleRepresentation)
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
bytes
- async a_get_all_roles_of_user(user_id)[source]
Get all level roles for a user asynchronously.
- Parameters:
user_id (str) – id of user
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a_get_client_roles_of_user(user_id, client_id)[source]
Get all client roles for a user asynchronously.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a_get_available_client_roles_of_user(user_id, client_id)[source]
Get available client role-mappings for a user asynchronously.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a_get_composite_client_roles_of_user(user_id, client_id, brief_representation=False)[source]
Get composite client role-mappings for a user asynchronously.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client (not client-id)
brief_representation (bool) – whether to omit attributes in the response
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
list
- async a__get_client_roles_of_user(client_level_role_mapping_url, user_id, client_id, **params)[source]
Get client roles of a single user helper asynchronously.
- Parameters:
client_level_role_mapping_url (str) – Url for the client role mapping
user_id (str) – User id
client_id (str) – Client id
params (dict) – Additional parameters
- Returns:
Client roles of a user
- Return type:
list
- async a_delete_client_roles_of_user(user_id, client_id, roles)[source]
Delete client roles from a user asynchronously.
- Parameters:
user_id (str) – id of user
client_id (str) – id of client containing role (not client-id)
roles (list) – roles list or role to delete (use RoleRepresentation)
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_authentication_flows()[source]
Get authentication flows asynchronously.
Returns all flow details
AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation
- Returns:
Keycloak server response (AuthenticationFlowRepresentation)
- Return type:
list
- async a_get_authentication_flow_for_id(flow_id)[source]
Get one authentication flow by it’s id asynchronously.
Returns all flow details
AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation
- Parameters:
flow_id (str) – the id of a flow NOT it’s alias
- Returns:
Keycloak server response (AuthenticationFlowRepresentation)
- Return type:
dict
- async a_create_authentication_flow(payload, skip_exists=False)[source]
Create a new authentication flow asynchronously.
AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation
- Parameters:
payload (dict) – AuthenticationFlowRepresentation
skip_exists (bool) – Do not raise an error if authentication flow already exists
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- async a_copy_authentication_flow(payload, flow_alias)[source]
Copy existing authentication flow under a new name asynchronously.
The new name is given as ‘newName’ attribute of the passed payload.
- Parameters:
payload (dict) – JSON containing ‘newName’ attribute
flow_alias (str) – the flow alias
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- async a_delete_authentication_flow(flow_id)[source]
Delete authentication flow asynchronously.
AuthenticationInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationinforepresentation
- Parameters:
flow_id (str) – authentication flow id
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_authentication_flow_executions(flow_alias)[source]
Get authentication flow executions asynchronously.
Returns all execution steps
- Parameters:
flow_alias (str) – the flow alias
- Returns:
Response(json)
- Return type:
list
- async a_update_authentication_flow_executions(payload, flow_alias)[source]
Update an authentication flow execution asynchronously.
AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation
- Parameters:
payload (dict) – AuthenticationExecutionInfoRepresentation
flow_alias (str) – The flow alias
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_authentication_flow_execution(execution_id)[source]
Get authentication flow execution asynchronously.
AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation
- Parameters:
execution_id (str) – the execution ID
- Returns:
Response(json)
- Return type:
dict
- async a_create_authentication_flow_execution(payload, flow_alias)[source]
Create an authentication flow execution asynchronously.
AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation
- Parameters:
payload (dict) – AuthenticationExecutionInfoRepresentation
flow_alias (str) – The flow alias
- Returns:
Keycloak server response
- Return type:
bytes
- async a_delete_authentication_flow_execution(execution_id)[source]
Delete authentication flow execution asynchronously.
AuthenticationExecutionInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationexecutioninforepresentation
- Parameters:
execution_id (str) – keycloak client id (not oauth client-id)
- Returns:
Keycloak server response (json)
- Return type:
bytes
- async a_create_authentication_flow_subflow(payload, flow_alias, skip_exists=False)[source]
Create a new sub authentication flow for a given authentication flow asynchronously.
AuthenticationFlowRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticationflowrepresentation
- Parameters:
payload (dict) – AuthenticationFlowRepresentation
flow_alias (str) – The flow alias
skip_exists (bool) – Do not raise an error if authentication flow already exists
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- async a_get_authenticator_providers()[source]
Get authenticator providers list asynchronously.
- Returns:
Authenticator providers
- Return type:
list
- async a_get_authenticator_provider_config_description(provider_id)[source]
Get authenticator’s provider configuration description asynchronously.
AuthenticatorConfigInfoRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticatorconfiginforepresentation
- Parameters:
provider_id (str) – Provider Id
- Returns:
AuthenticatorConfigInfoRepresentation
- Return type:
dict
- async a_get_authenticator_config(config_id)[source]
Get authenticator configuration asynchronously.
Returns all configuration details.
- Parameters:
config_id (str) – Authenticator config id
- Returns:
Response(json)
- Return type:
dict
- async a_update_authenticator_config(payload, config_id)[source]
Update an authenticator configuration asynchronously.
AuthenticatorConfigRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authenticatorconfigrepresentation
- Parameters:
payload (dict) – AuthenticatorConfigRepresentation
config_id (str) – Authenticator config id
- Returns:
Response(json)
- Return type:
bytes
- async a_delete_authenticator_config(config_id)[source]
Delete a authenticator configuration asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_authentication_management_resource
- Parameters:
config_id (str) – Authenticator config id
- Returns:
Keycloak server Response
- Return type:
bytes
- async a_sync_users(storage_id, action)[source]
Trigger user sync from provider asynchronously.
- Parameters:
storage_id (str) – The id of the user storage provider
action (str) – Action can be “triggerFullSync” or “triggerChangedUsersSync”
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_client_scopes()[source]
Get client scopes asynchronously.
Get representation of the client scopes for the realm where we are connected to https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes
- Returns:
Keycloak server response Array of (ClientScopeRepresentation)
- Return type:
list
- async a_get_client_scope(client_scope_id)[source]
Get client scope asynchronously.
Get representation of the client scopes for the realm where we are connected to https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes
- Parameters:
client_scope_id (str) – The id of the client scope
- Returns:
Keycloak server response (ClientScopeRepresentation)
- Return type:
dict
- async a_get_client_scope_by_name(client_scope_name)[source]
Get client scope by name asynchronously.
Get representation of the client scope identified by the client scope name.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes :param client_scope_name: (str) Name of the client scope :type client_scope_name: str :returns: ClientScopeRepresentation or None :rtype: dict
- async a_create_client_scope(payload, skip_exists=False)[source]
Create a client scope asynchronously.
ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientscopes
- Parameters:
payload (dict) – ClientScopeRepresentation
skip_exists (bool) – If true then do not raise an error if client scope already exists
- Returns:
Client scope id
- Return type:
str
- async a_update_client_scope(client_scope_id, payload)[source]
Update a client scope asynchronously.
ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_client_scopes_resource
- Parameters:
client_scope_id (str) – The id of the client scope
payload (dict) – ClientScopeRepresentation
- Returns:
Keycloak server response (ClientScopeRepresentation)
- Return type:
bytes
- async a_delete_client_scope(client_scope_id)[source]
Delete existing client scope asynchronously.
ClientScopeRepresentation: https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_client_scopes_resource
- Parameters:
client_scope_id (str) – The id of the client scope
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_mappers_from_client_scope(client_scope_id)[source]
Get a list of all mappers connected to the client scope asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource :param client_scope_id: Client scope id :type client_scope_id: str :returns: Keycloak server response (ProtocolMapperRepresentation) :rtype: list
- async a_add_mapper_to_client_scope(client_scope_id, payload)[source]
Add a mapper to a client scope asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_create_mapper
- Parameters:
client_scope_id (str) – The id of the client scope
payload (dict) – ProtocolMapperRepresentation
- Returns:
Keycloak server Response
- Return type:
bytes
- async a_delete_mapper_from_client_scope(client_scope_id, protocol_mapper_id)[source]
Delete a mapper from a client scope asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_delete_mapper
- Parameters:
client_scope_id (str) – The id of the client scope
protocol_mapper_id (str) – Protocol mapper id
- Returns:
Keycloak server Response
- Return type:
bytes
- async a_update_mapper_in_client_scope(client_scope_id, protocol_mapper_id, payload)[source]
Update an existing protocol mapper in a client scope asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource
- Parameters:
client_scope_id (str) – The id of the client scope
protocol_mapper_id (str) – The id of the protocol mapper which exists in the client scope and should to be updated
payload (dict) – ProtocolMapperRepresentation
- Returns:
Keycloak server Response
- Return type:
bytes
- async a_get_default_default_client_scopes()[source]
Get default default client scopes asynchronously.
Return list of default default client scopes
- Returns:
Keycloak server response
- Return type:
list
- async a_delete_default_default_client_scope(scope_id)[source]
Delete default default client scope asynchronously.
- Parameters:
scope_id (str) – default default client scope id
- Returns:
Keycloak server response
- Return type:
list
- async a_add_default_default_client_scope(scope_id)[source]
Add default default client scope asynchronously.
- Parameters:
scope_id (str) – default default client scope id
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_default_optional_client_scopes()[source]
Get default optional client scopes asynchronously.
Return list of default optional client scopes
- Returns:
Keycloak server response
- Return type:
list
- async a_delete_default_optional_client_scope(scope_id)[source]
Delete default optional client scope asynchronously.
- Parameters:
scope_id (str) – default optional client scope id
- Returns:
Keycloak server response
- Return type:
bytes
- async a_add_default_optional_client_scope(scope_id)[source]
Add default optional client scope asynchronously.
- Parameters:
scope_id (str) – default optional client scope id
- Returns:
Keycloak server response
- Return type:
bytes
- async a_add_client_specific_roles_to_client_scope(client_scope_id, client_roles_owner_id, roles)[source]
Assign client roles to a client scope asynchronously.
To assign roles to a client’s dedicated scope, use a_assign_client_roles_to_client_scope.
- Parameters:
client_scope_id (str) – client scope id
client_roles_owner_id (str) – id of client (not client-id) who has the roles
roles (list) – roles list or role (use RoleRepresentation, must include id and name)
- Returns:
Keycloak server response
- Return type:
dict
- async a_remove_client_specific_roles_of_client_scope(client_scope_id, client_roles_owner_id, roles)[source]
Delete client roles of a client scope asynchronously.
To delete roles from a client’s dedicated scope, use a_delete_client_roles_of_client_scope.
- Parameters:
client_scope_id (str) – client scope id
client_roles_owner_id (str) – id of client (not client-id) who has the roles
roles (list) – roles list or role (use RoleRepresentation, must include id and name)
- Returns:
Keycloak server response
- Return type:
dict
- async a_get_client_specific_roles_of_client_scope(client_scope_id, client_roles_owner_id)[source]
Get all client roles for a client scope asynchronously.
To get roles for a client’s dedicated scope, use a_get_client_roles_of_client_scope.
- Parameters:
client_scope_id (str) – client scope id
client_roles_owner_id (str) – id of client (not client-id) who has the roles
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
dict
- async a_get_all_roles_of_client_scope(client_scope_id)[source]
Get all client roles for a client scope.
To get roles for a client’s dedicated scope, use a_get_client_roles_of_client_scope.
- Parameters:
client_scope_id (str) – client scope id
- Returns:
Keycloak server response (array RoleRepresentation)
- Return type:
dict
- async a_get_mappers_from_client(client_id)[source]
List of all client mappers asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocolmapperrepresentation
- Parameters:
client_id (str) – Client id
- Returns:
KeycloakServerResponse (list of ProtocolMapperRepresentation)
- Return type:
list
- async a_add_mapper_to_client(client_id, payload)[source]
Add a mapper to a client asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_create_mapper
- Parameters:
client_id (str) – The id of the client
payload (dict) – ProtocolMapperRepresentation
- Returns:
Keycloak server Response
- Return type:
bytes
- async a_update_client_mapper(client_id, mapper_id, payload)[source]
Update client mapper asynchronously.
- Parameters:
client_id (str) – The id of the client
mapper_id (str) – The id of the mapper to be deleted
payload (dict) – ProtocolMapperRepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- async a_remove_client_mapper(client_id, client_mapper_id)[source]
Remove a mapper from the client asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_protocol_mappers_resource
- Parameters:
client_id (str) – The id of the client
client_mapper_id (str) – The id of the mapper to be deleted
- Returns:
Keycloak server response
- Return type:
bytes
- async a_generate_client_secrets(client_id)[source]
Generate a new secret for the client asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_regeneratesecret
- Parameters:
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
bytes
- async a_get_client_secrets(client_id)[source]
Get representation of the client secrets asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientsecret
- Parameters:
client_id (str) – id of client (not client-id)
- Returns:
Keycloak server response (ClientRepresentation)
- Return type:
list
- async a_get_components(query=None)[source]
Get components asynchronously.
Return a list of components, filtered according to query parameters
ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation
- Parameters:
query (dict) – Query parameters (optional)
- Returns:
components list
- Return type:
list
- async a_create_component(payload)[source]
Create a new component asynchronously.
ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation
- Parameters:
payload (dict) – ComponentRepresentation
- Returns:
Component id
- Return type:
str
- async a_get_component(component_id)[source]
Get representation of the component asynchronously.
- Parameters:
component_id – Component id
ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation
- Parameters:
component_id (str) – Id of the component
- Returns:
ComponentRepresentation
- Return type:
dict
- async a_update_component(component_id, payload)[source]
Update the component asynchronously.
- Parameters:
component_id (str) – Component id
payload (dict) – ComponentRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_componentrepresentation
- Returns:
Http response
- Return type:
bytes
- async a_delete_component(component_id)[source]
Delete the component asynchronously.
- Parameters:
component_id (str) – Component id
- Returns:
Http response
- Return type:
bytes
- async a_get_keys()[source]
Get keys asynchronously.
Return a list of keys, filtered according to query parameters
KeysMetadataRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_key_resource
- Returns:
keys list
- Return type:
list
- async a_get_admin_events(query=None)[source]
Get Administrative events asynchronously.
Return a list of events, filtered according to query parameters
AdminEvents Representation array https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getevents https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_get_adminrealmsrealmadmin_events
- Parameters:
query (dict) – Additional query parameters
- Returns:
events list
- Return type:
list
- async a_get_events(query=None)[source]
Get events asynchronously.
Return a list of events, filtered according to query parameters
EventRepresentation array https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_eventrepresentation
- Parameters:
query (dict) – Additional query parameters
- Returns:
events list
- Return type:
list
- async a_set_events(payload)[source]
Set realm events configuration asynchronously.
RealmEventsConfigRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_realmeventsconfigrepresentation
- Parameters:
payload (dict) – Payload object for the events configuration
- Returns:
Http response
- Return type:
bytes
- async a_get_client_all_sessions(client_id)[source]
Get sessions associated with the client asynchronously.
UserSessionRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_usersessionrepresentation
- Parameters:
client_id (str) – id of client
- Returns:
UserSessionRepresentation
- Return type:
list
- async a_get_client_sessions_stats()[source]
Get current session count for all clients with active sessions asynchronously.
https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_getclientsessionstats
- Returns:
Dict of clients and session count
- Return type:
dict
- async a_get_client_management_permissions(client_id)[source]
Get management permissions for a client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
list
- async a_update_client_management_permissions(payload, client_id)[source]
Update management permissions for a client asynchronously.
ManagementPermissionReference https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_managementpermissionreference
Payload example:
payload={ "enabled": true }
- Parameters:
payload (dict) – ManagementPermissionReference
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_client_authz_policy_scopes(client_id, policy_id)[source]
Get scopes for a given policy asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
list
- async a_get_client_authz_policy_resources(client_id, policy_id)[source]
Get resources for a given policy asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
list
- async a_get_client_authz_scope_permission(client_id, scope_id)[source]
Get permissions for a given scope asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
scope_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
list
- async a_create_client_authz_scope_permission(payload, client_id)[source]
Create permissions for a authz scope asynchronously.
Payload example:
payload={ "name": "My Permission Name", "type": "scope", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "resources": [some_resource_id], "scopes": [some_scope_id], "policies": [some_policy_id], }
- Parameters:
payload (dict) – No Document
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response
- Return type:
bytes
- async a_update_client_authz_scope_permission(payload, client_id, scope_id)[source]
Update permissions for a given scope asynchronously.
Payload example:
payload={ "id": scope_id, "name": "My Permission Name", "type": "scope", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "resources": [some_resource_id], "scopes": [some_scope_id], "policies": [some_policy_id], }
- Parameters:
payload (dict) – No Document
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
scope_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
bytes
- async a_update_client_authz_resource_permission(payload, client_id, resource_id)[source]
Update permissions for a given resource asynchronously.
Payload example:
payload={ "id": resource_id, "name": "My Permission Name", "type": "resource", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "resources": [some_resource_id], "scopes": [], "policies": [some_policy_id], }
- Parameters:
payload (dict) – No Document
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
resource_id (str) – No Document
- Returns:
Keycloak server response
- Return type:
bytes
- async a_get_client_authz_client_policies(client_id)[source]
Get policies for a given client asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
list
- async a_get_client_authz_permission_associated_policies(client_id, policy_id)[source]
Get associated policies for a given client permission asynchronously.
- Parameters:
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
policy_id (str) – id in PolicyRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_policyrepresentation
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
list
- async a_create_client_authz_client_policy(payload, client_id)[source]
Create a new policy for a given client asynchronously.
Payload example:
payload={ "type": "client", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "name": "My Policy", "clients": [other_client_id], }
- Parameters:
payload (dict) – No Document
client_id (str) – id in ClientRepresentation https://www.keycloak.org/docs-api/24.0.2/rest-api/index.html#_clientrepresentation
- Returns:
Keycloak server response (RoleRepresentation)
- Return type:
bytes
- async a_get_composite_client_roles_of_group(client_id, group_id, brief_representation=True)[source]
Get the composite client roles of the given group for the given client asynchronously.
- Parameters:
client_id (str) – id of the client.
group_id (str) – id of the group.
brief_representation (bool) – whether to omit attributes in the response
- Returns:
the composite client roles of the group (list of RoleRepresentation).
- Return type:
list
- async a_get_role_client_level_children(client_id, role_id)[source]
Get the child roles async of which the given composite client role is composed of.
- Parameters:
client_id (str) – id of the client.
role_id (str) – id of the role.
- Returns:
the child roles (list of RoleRepresentation).
- Return type:
list
- async a_upload_certificate(client_id, certcont)[source]
Upload a new certificate for the client asynchronously.
- Parameters:
client_id (str) – id of the client.
certcont (str) – the content of the certificate.
- Returns:
dictionary {“certificate”: “<certcont>”}, where <certcont> is the content of the uploaded certificate.
- Return type:
dict
- async a_get_required_action_by_alias(action_alias)[source]
Get a required action by its alias asynchronously.
- Parameters:
action_alias (str) – the alias of the required action.
- Returns:
the required action (RequiredActionProviderRepresentation).
- Return type:
dict
- async a_get_required_actions()[source]
Get the required actions for the realms asynchronously.
- Returns:
the required actions (list of RequiredActionProviderRepresentation).
- Return type:
list
- async a_update_required_action(action_alias, payload)[source]
Update a required action asynchronously.
- Parameters:
action_alias (str) – the action alias.
payload (dict) – the new required action (RequiredActionProviderRepresentation).
- Returns:
empty dictionary.
- Return type:
dict
- async a_get_bruteforce_detection_status(user_id)[source]
Get bruteforce detection status for user asynchronously.
- Parameters:
user_id (str) – User id
- Returns:
Bruteforce status.
- Return type:
dict
- async a_clear_bruteforce_attempts_for_user(user_id)[source]
Clear bruteforce attempts for user asynchronously.
- Parameters:
user_id (str) – User id
- Returns:
empty dictionary.
- Return type:
dict
- async a_clear_all_bruteforce_attempts()[source]
Clear bruteforce attempts for all users in realm asynchronously.
- Returns:
empty dictionary.
- Return type:
dict
- async a_clear_keys_cache()[source]
Clear keys cache asynchronously.
- Returns:
empty dictionary.
- Return type:
dict