How can I make sure certain clients are deleted when a user is removed?

I’m new to keycloak but looking to use it to manage access to an API. The idea is for third party developers to sign up, register their application and retrieve service account credentials from my ui.

My understanding is that I should be able to do this using the Admin API. However, what I can’t figure out is how to associate clients with specific users. Specifically, I want any clients related to a user to be deleted if the user itself is deleted.

Is this supported by keycloak or do I need to write a plugin?

Users and clients are not related to each other in Keycloak. If you want to achieve a behavior you described, you’ll have to implement a custom extension, e.g. an event-listener, acting upon a user deletion event and then removing the associated client(s).

Ok, I thought so. Thank you for confirming!

As a follow up: does keycloak allow extensions to add form controls to the admin GUI? I.e. would it be possible for me to add a control to display and possibly even change the user my extension would assign to a given client from the GUI client settings? Any help locating the proper documentation for this would be most appreciated!