API To GET Client Authorization Policies And Permissions

I’m tasked with creating a solution that will allow a person to manage Users(Realm or Client), and a Clients Resources, Policies and Permissions.

What I’ve found challenging is finding a Rest API that will allow me to GET the information for a Client. Think
Client > CLIENT_NAME > Authorization > Resources
Client > CLIENT_NAME > Authorization > Policies
Client > CLIENT_NAME > Authorization > Permissions

I’ve looked through the KeyCloak Admin API with no luck. Am I looking at the wrong API? Should I be using the Java API?

Thank you in advance!

It looks like they are not documented in the Admin API docs. However, everything in the Admin UI is based on a REST API. You can figure out how to use them by opening the “Network” tab of the Chrome Dev Tools when you are using the the Admin UI.

E.g. I was able to get a list of resources with this:

GET https://<host>/auth/admin/realms/<realm>/clients/<client_id>/authz/resource-server/resource?deep=false&first=0&max=20

and the metadata for the resource server with this:

GET https://<host>/auth/admin/realms/<realm>/clients/<client_id>/authz/resource-server

It’s certainly not as good as having documentation, but the methods do exist.

1 Like

Thank you very much. This was a lot of help!

Thanks a lot. It works, to get/post policy, permission and scope too
GET/POST {{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/authz/resource-server/policy