Security News
JavaScript Leaders Demand Oracle Release the JavaScript Trademark
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
@keycloak/keycloak-admin-client
Advanced tools
A client to interact with Keycloak's Administration API
npm install @keycloak/keycloak-admin-client
import KcAdminClient from '@keycloak/keycloak-admin-client';
// To configure the client, pass an object to override any of these options:
// {
// baseUrl: 'http://127.0.0.1:8080',
// realmName: 'master',
// requestOptions: {
// /* Fetch request options https://developer.mozilla.org/en-US/docs/Web/API/fetch#options */
// },
// }
const kcAdminClient = new KcAdminClient();
// Authorize with username / password
await kcAdminClient.auth({
username: 'admin',
password: 'admin',
grantType: 'password',
clientId: 'admin-cli',
totp: '123456', // optional Time-based One-time Password if OTP is required in authentication flow
});
// List first page of users
const users = await kcAdminClient.users.find({ first: 0, max: 10 });
// find users by attributes
const users = await kcAdminClient.users.find({ q: "phone:123" });
// Override client configuration for all further requests:
kcAdminClient.setConfig({
realmName: 'another-realm',
});
// This operation will now be performed in 'another-realm' if the user has access.
const groups = await kcAdminClient.groups.find();
// Set a `realm` property to override the realm for only a single operation.
// For example, creating a user in another realm:
await this.kcAdminClient.users.create({
realm: 'a-third-realm',
username: 'username',
email: 'user@example.com',
});
To refresh the access token provided by Keycloak, an OpenID client like panva/node-openid-client can be used like this:
import {Issuer} from 'openid-client';
const keycloakIssuer = await Issuer.discover(
'http://localhost:8080/realms/master',
);
const client = new keycloakIssuer.Client({
client_id: 'admin-cli', // Same as `clientId` passed to client.auth()
token_endpoint_auth_method: 'none', // to send only client_id in the header
});
// Use the grant type 'password'
let tokenSet = await client.grant({
grant_type: 'password',
username: 'admin',
password: 'admin',
});
// Periodically using refresh_token grant flow to get new access token here
setInterval(async () => {
const refreshToken = tokenSet.refresh_token;
tokenSet = await client.refresh(refreshToken);
kcAdminClient.setAccessToken(tokenSet.access_token);
}, 58 * 1000); // 58 seconds
In cases where you don't have a refresh token, eg. in a client credentials flow, you can simply call kcAdminClient.auth
to get a new access token, like this:
const credentials = {
grantType: 'client_credentials',
clientId: 'clientId',
clientSecret: 'some-client-secret-uuid',
};
await kcAdminClient.auth(credentials);
setInterval(() => kcAdminClient.auth(credentials), 58 * 1000); // 58 seconds
To build the source do a build:
pnpm run build
Start the Keycloak server:
pnpm run server:start
If you started your container manually make sure there is an admin user named 'admin' with password 'admin'. Then start the tests with:
pnpm test
Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/realms.spec.ts
POST /
)GET /{realm}
)PUT /{realm}
)DELETE /{realm}
)POST /{realm}/partial-export
)GET /{realm}/users-management-permissions
)PUT /{realm}/users-management-permissions
)GET /{realm}/events
)GET /{realm}/admin-events
)POST /{realm}/logout-all
)DELETE /{realm}/sessions/{session}
)GET /{realm}/client-policies/policies
)PUT /{realm}/client-policies/policies
)GET /{realm}/client-policies/profiles
)PUT /{realm}/client-policies/profiles
)GET /{realm}/group-by-path/{path}
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/roles.spec.ts
POST /{realm}/roles
)GET /{realm}/roles
)GET /{realm}/roles/{role-name}
)PUT /{realm}/roles/{role-name}
)DELETE /{realm}/roles/{role-name}
)GET /{realm}/roles/{role-name}/users
)GET /{realm}/roles-by-id/{role-id}
)PUT /{realm}/roles-by-id/{role-id}
)DELETE /{realm}/roles-by-id/{role-id}
)POST /{realm}/roles-by-id/{role-id}/composites
)GET /{realm}/roles-by-id/{role-id}/composites
)DELETE /{realm}/roles-by-id/{role-id}/composites
)GET /{realm}/roles-by-id/{role-id}/composites/clients/{client}
)GET /{realm}/roles-by-id/{role-id}/composites/realm
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/users.spec.ts
POST /{realm}/users
)GET /{realm}/users
)GET /{realm}/users/{id}
)PUT /{realm}/users/{id}
)DELETE /{realm}/users/{id}
)GET /{realm}/users/count
)PUT /{realm}/users/{id}/execute-actions-email
)GET /{realm}/users/{id}/groups
)PUT /{realm}/users/{id}/groups/{groupId}
)DELETE /{realm}/users/{id}/groups/{groupId}
)PUT /{realm}/users/{id}/remove-totp
)PUT /{realm}/users/{id}/reset-password
)PUT /{realm}/users/{id}/send-verify-email
)PUT /{realm}/users/{id}/credentials/{credentialId}/userLabel
)POST /{realm}/users/{id}/credentials/{credentialId}/moveAfter/{newPreviousCredentialId}
)PUT /{realm}/users/{id}/credentials/{credentialId}/moveToFirst
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/users.spec.ts#L178
PUT /{id}/groups/{groupId}
)GET /{id}/groups
)GET /{id}/groups/count
)DELETE /{id}/groups/{groupId}
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/users.spec.ts#L352
GET /{realm}/users/{id}/role-mappings
)POST /{realm}/users/{id}/role-mappings/realm
)GET /{realm}/users/{id}/role-mappings/realm
)DELETE /{realm}/users/{id}/role-mappings/realm
)GET /{realm}/users/{id}/role-mappings/realm/available
)GET /{realm}/users/{id}/role-mappings/realm/composite
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/groups.spec.ts
POST /{realm}/groups
)GET /{realm}/groups
)GET /{realm}/groups/{id}
)PUT /{realm}/groups/{id}
)DELETE /{realm}/groups/{id}
)GET /{realm}/groups/count
)GET /{realm}/groups/{id}/members
)POST /{realm}/groups/{id}/children
)GET /{realm}/groups/{id}/children
)GET /{realm}/groups/{id}/role-mappings
)POST /{realm}/groups/{id}/role-mappings/realm
)GET /{realm}/groups/{id}/role-mappings/realm
)DELETE /{realm}/groups/{id}/role-mappings/realm
)GET /{realm}/groups/{id}/role-mappings/realm/available
)GET /{realm}/groups/{id}/role-mappings/realm/composite
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/clients.spec.ts
POST /{realm}/clients
)GET /{realm}/clients
)GET /{realm}/clients/{id}
)PUT /{realm}/clients/{id}
)DELETE /{realm}/clients/{id}
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/clients.spec.ts
POST /{realm}/clients/{id}/roles
)GET /{realm}/clients/{id}/roles
)GET /{realm}/clients/{id}/roles/{role-name}
)PUT /{realm}/clients/{id}/roles/{role-name}
)DELETE /{realm}/clients/{id}/roles/{role-name}
)POST /{realm}/groups/{id}/role-mappings/clients/{client}
)GET /{realm}/groups/{id}/role-mappings/clients/{client}
)DELETE /{realm}/groups/{id}/role-mappings/clients/{client}
)GET /{realm}/groups/{id}/role-mappings/clients/{client}/available
)GET /{realm}/groups/{id}/role-mappings/clients/{client}/composite
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/users.spec.ts#L352
POST /{realm}/users/{id}/role-mappings/clients/{client}
)GET /{realm}/users/{id}/role-mappings/clients/{client}
)DELETE /{realm}/users/{id}/role-mappings/clients/{client}
)GET /{realm}/users/{id}/role-mappings/clients/{client}/available
)GET /{realm}/users/{id}/role-mappings/clients/{client}/composite
)GET /{realm}/clients/{id}/certificates/{attr}
)POST /{realm}/clients/{id}/certificates/{attr}/download
)POST /{realm}/clients/{id}/certificates/{attr}/generate
)POST /{realm}/clients/{id}/certificates/{attr}/generate-and-download
)POST /{realm}/clients/{id}/certificates/{attr}/upload
)POST /{realm}/clients/{id}/certificates/{attr}/upload-certificate
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/idp.spec.ts
POST /{realm}/identity-provider/instances
)GET /{realm}/identity-provider/instances
)GET /{realm}/identity-provider/instances/{alias}
)PUT /{realm}/identity-provider/instances/{alias}
)DELETE /{realm}/identity-provider/instances/{alias}
)GET /{realm}/identity-provider/providers/{providerId}
)POST /{realm}/identity-provider/instances/{alias}/mappers
)GET /{realm}/identity-provider/instances/{alias}/mappers
)GET /{realm}/identity-provider/instances/{alias}/mappers/{id}
)PUT /{realm}/identity-provider/instances/{alias}/mappers/{id}
)DELETE /{realm}/identity-provider/instances/{alias}/mappers/{id}
)GET /{realm}/identity-provider/instances/{alias}/mapper-types
)POST /{realm}/client-scopes
)GET /{realm}/client-scopes
)GET /{realm}/client-scopes/{id}
)PUT /{realm}/client-scopes/{id}
)DELETE /{realm}/client-scopes/{id}
)GET /{realm}/default-default-client-scopes
)PUT /{realm}/default-default-client-scopes/{id}
)DELETE /{realm}/default-default-client-scopes/{id}
)GET /{realm}/default-optional-client-scopes
)PUT /{realm}/default-optional-client-scopes/{id}
)DELETE /{realm}/default-optional-client-scopes/{id}
)GET /{realm}/clients/{id}/default-client-scopes
)PUT /{realm}/clients/{id}/default-client-scopes/{clientScopeId}
)DELETE /{realm}/clients/{id}/default-client-scopes/{clientScopeId}
)GET /{realm}/clients/{id}/optional-client-scopes
)PUT /{realm}/clients/{id}/optional-client-scopes/{clientScopeId}
)DELETE /{realm}/clients/{id}/optional-client-scopes/{clientScopeId}
)GET /{realm}/client-scopes/{id}/scope-mappings
)POST /{realm}/client-scopes/{id}/scope-mappings/clients/{client}
)GET /{realm}/client-scopes/{id}/scope-mappings/clients/{client}
)GET /{realm}/client-scopes/{id}/scope-mappings/clients/{client}/available
)GET /{realm}/client-scopes/{id}/scope-mappings/clients/{client}/composite
)DELETE /{realm}/client-scopes/{id}/scope-mappings/clients/{client}
)POST /{realm}/client-scopes/{id}/scope-mappings/realm
)GET /{realm}/client-scopes/{id}/scope-mappings/realm
)DELETE /{realm}/client-scopes/{id}/scope-mappings/realm
)GET /{realm}/client-scopes/{id}/scope-mappings/realm/available
)GET /{realm}/client-scopes/{id}/scope-mappings/realm/composite
)GET /{realm}/clients/{id}/scope-mappings
)POST /{realm}/clients/{id}/scope-mappings/clients/{client}
)GET /{realm}/clients/{id}/scope-mappings/clients/{client}
)DELETE /{realm}/clients/{id}/scope-mappings/clients/{client}
)GET /{realm}/clients/{id}/scope-mappings/clients/{client}/available
)GET /{realm}/clients/{id}/scope-mappings/clients/{client}/composite
)POST /{realm}/clients/{id}/scope-mappings/realm
)GET /{realm}/clients/{id}/scope-mappings/realm
)DELETE /{realm}/clients/{id}/scope-mappings/realm
)GET /{realm}/clients/{id}/scope-mappings/realm/available
)GET /{realm}/clients/{id}/scope-mappings/realm/composite
)POST /{realm}/client-scopes/{id}/protocol-mappers/add-models
)POST /{realm}/client-scopes/{id}/protocol-mappers/models
)GET /{realm}/client-scopes/{id}/protocol-mappers/models
)GET /{realm}/client-scopes/{id}/protocol-mappers/models/{mapperId}
)PUT /{realm}/client-scopes/{id}/protocol-mappers/models/{mapperId}
)DELETE /{realm}/client-scopes/{id}/protocol-mappers/models/{mapperId}
)GET /{realm}/client-scopes/{id}/protocol-mappers/protocol/{protocol}
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/clients.spec.ts
POST /{realm}/clients/{id}/protocol-mappers/add-models
)POST /{realm}/clients/{id}/protocol-mappers/models
)GET /{realm}/clients/{id}/protocol-mappers/models
)GET /{realm}/clients/{id}/protocol-mappers/models/{mapperId}
)PUT /{realm}/clients/{id}/protocol-mappers/models/{mapperId}
)DELETE /{realm}/clients/{id}/protocol-mappers/models/{mapperId}
)GET /{realm}/clients/{id}/protocol-mappers/protocol/{protocol}
)Supported for user federation. Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/components.spec.ts
POST /{realm}/components
)GET /{realm}/components
)GET /{realm}/components/{id}
)PUT /{realm}/components/{id}
)DELETE /{realm}/components/{id}
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/clients.spec.ts
GET /{realm}/clients/{id}/user-sessions
)GET /{realm}/clients/{id}/offline-sessions
)GET /{realm}/clients/{id}/session-count
)GET /{realm}/clients/{id}/offline-session-count
)POST /{realm}/authentication/register-required-action
)GET /{realm}/authentication/required-actions
)GET /{realm}/authentication/required-actions/{alias}
)PUT /{realm}/authentication/required-actions/{alias}
)DELETE /{realm}/authentication/required-actions/{alias}
)POST /{realm}/authentication/required-actions/{alias}/lower-priority
)POST /{realm}/authentication/required-actions/{alias}/raise-priority
)GET /{realm}/authentication/unregistered-required-actions
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/clients.spec.ts
POST /{realm}/clients/{id}/authz/resource-server/permission/{type}
)GET /{realm}/clients/{id}/authz/resource-server/permission/{type}/{permissionId}
)PUT /{realm}/clients/{id}/authz/resource-server/permission/{type}/{permissionId}
)DELETE /{realm}/clients/{id}/authz/resource-server/permission/{type}/{permissionId}
)Demo code: https://github.com/keycloak/keycloak/blob/main/js/libs/keycloak-admin-client/test/clients.spec.ts
POST /{realm}/clients/{id}/authz/resource-server/policy/{type}
)GET /{realm}/clients/{id}/authz/resource-server/policy/{type}/{policyId}
)GET /{realm}/clients/{id}/authz/resource-server/policy/search
)PUT /{realm}/clients/{id}/authz/resource-server/policy/{type}/{policyId}
)DELETE /{realm}/clients/{id}/authz/resource-server/policy/{policyId}
)DELETE /{realm}/attack-detection/brute-force/users
)GET /{realm}/attack-detection/brute-force/users/{userId}
)DELETE /{realm}/attack-detection/brute-force/users/{userId}
)This repo is originally developed by Canner and InfuseAI before being transferred under keycloak organization.
FAQs
A client to interact with Keycloak's Administration API
The npm package @keycloak/keycloak-admin-client receives a total of 85,478 weekly downloads. As such, @keycloak/keycloak-admin-client popularity was classified as popular.
We found that @keycloak/keycloak-admin-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.