I have added custom rest endpoint to keycloak by implementing provider,
https://www.keycloak.org/docs/latest/server_development/#_extensions_rest

now, the endpoint is open and not secured which anyone access.
Whats the way the rest endpoint can be secured like with only admin credentials.

Hi,

under the spi-resource example on my https://github.com/zonaut/keycloak-extensions repo you can find a couple of ways to do this. Hope this helps you further.