I’m tasked with creating a solution that will allow a person to manage Users(Realm or Client), and a Clients Resources, Policies and Permissions.
What I’ve found challenging is finding a Rest API that will allow me to GET the information for a Client. Think
Client > CLIENT_NAME > Authorization > Resources
Client > CLIENT_NAME > Authorization > Policies
Client > CLIENT_NAME > Authorization > Permissions
I’ve looked through the KeyCloak Admin API with no luck. Am I looking at the wrong API? Should I be using the Java API?
It looks like they are not documented in the Admin API docs. However, everything in the Admin UI is based on a REST API. You can figure out how to use them by opening the “Network” tab of the Chrome Dev Tools when you are using the the Admin UI.
E.g. I was able to get a list of resources with this:
GET https://<host>/auth/admin/realms/<realm>/clients/<client_id>/authz/resource-server/resource?deep=false&first=0&max=20
and the metadata for the resource server with this:
GET https://<host>/auth/admin/realms/<realm>/clients/<client_id>/authz/resource-server
It’s certainly not as good as having documentation, but the methods do exist.
Thanks a lot. It works, to get/post policy, permission and scope too
GET/POST {{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/authz/resource-server/policy
GET/POST{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/authz/resource-server/permission
GET/POST{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/authz/resource-server/scope