REST API

Tenant Manager REST API documentation version v1

{schema}://{host}/api/{version}

  • schema: required (one of http, https - default: http)
  • host: required (string - default: localhost)
  • version: required (v1)

Tenants

Operations on tenants and tenant users.

/tenants get post

get /tenants

Returns information about tenants.

Secured by oauth_2_0 with scopes:
  • tenant:read on tenant-system resource

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

Query Parameters

  • offset: (integer)

    Start index that the server should return data from.

    Example:

    0
  • limit: (integer - default: 50)

    Maximum number of items to return. To get all items limit must be 0.

    Example:

    1
  • realm_name: (string)

    Filters tenants by realm name.

    Example:

    my-realm-name

HTTP status code 200

Tenant list is successfully retrieved.

Body

Media type: application/json

Type: object

Properties

  • count: required (integer)

    Total number of elements available for retrieval.

  • results: required (array of Tenant)

    Items: Tenant

    • id: required (string)

      Unique identifier of a tenant.

    • realm_name: required (string)

      Realm name (not id!).

    • client_frontend_id: required (string)

      Identifier of a client frontend.

    • client_backend_id: required (string)

      Identifier of a client backend.

    • client_backend_secret: required (string)

      Identifier of a client backend secret for confidential clients.

    • realm_template_version: required (integer)

      Identifier of a realm template version.

    • realm_scopes_version: required (integer)

      Identifier of a realm scope version.

    • client_backend_version: required (integer)

      Identifier of a realm client backend version.

    • client_frontend_version: required (integer)

      Identifier of a realm client frontend version.

    • roles_version: required (integer)

      Identifier of a realm role version.

    • resources_version: required (integer)

      Identifier of a realm resources version.

    • idp_version: (boolean)

      Identifier of a realm identity provider version.

    • user: (integer)

      Identifier of a tenant user.

    • issuer: required (string)

      URL of the auth service.

    • status: required (one of AVAILABLE, CREATING, UPDATING, DISABLED, DELETED)

      Tenant status.

    • created: required (datetime)

      Tenant creation timestamp in ISO 8601 format (UTC timezone).

Example:

{
  "count": 6,
  "results": [
    {
      "id": "80786da9-985a-4e01-a51a-c5872e03d44f",
      "realm_name": "alpha-realm",
      "client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
      "client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
      "client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
      "realm_template_version": 1,
      "realm_scopes_version": 1,
      "client_backend_version": 1,
      "client_frontend_version": 1,
      "roles_version": 1,
      "resources_version": 1,
      "idp_version": 1,
      "user": 1,
      "issuer": "https://{identity-provider-host}/auth/realms/80786da9-985a-4e01-a51a-c5872e03d44f",
      "status": "AVAILABLE",
      "created": "2020-03-06T14:49:08.339576Z"
    },
    {
      "id": "6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
      "realm_name": "beta-realm",
      "client_frontend_id": "fb6d9435-448d-46b8-82b1-60e91c2e1307",
      "client_backend_id": "d5cd59ff-6f1d-45f5-a84a-28877fa2cd36",
      "client_backend_secret": "bda83b4a-4633-4767-a68b-6153c7901131",
      "realm_template_version": 1,
      "realm_scopes_version": 1,
      "client_backend_version": 1,
      "client_frontend_version": 1,
      "roles_version": 1,
      "resources_version": 1,
      "idp_version": 1,
      "user": 2,
      "issuer": "https://{identity-provider-host}/auth/realms/6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
      "status": "AVAILABLE",
      "created": "2020-03-06T14:49:11.180017Z"
    }
  ]
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

post /tenants

Registers new tenant.

Secured by oauth_2_0 with scopes:
  • tenant:create on tenant-system resource

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

Body

Media type: application/json

Type: object

Properties

  • realm_name: required (string)

    Realm name (not id!).

  • realm_template_version: required (integer)

    Identifier of a realm template version.

  • realm_scopes_version: required (integer)

    Identifier of a realm scope version.

  • client_backend_version: required (integer)

    Identifier of a realm client backend version.

  • client_frontend_version: required (integer)

    Identifier of a realm client frontend version.

  • roles_version: required (integer)

    Identifier of a realm role version.

  • resources_version: required (integer)

    Identifier of a realm resources version.

  • idp_version: (boolean)

    Identifier of a realm identity provider version.

  • user: (integer)

    Identifier of a tenant user.

Example:

{
  "realm_name": "delta-realm",
  "realm_template_version": 1,
  "realm_scopes_version": 1,
  "client_backend_version": 1,
  "client_frontend_version": 1,
  "roles_version": 1,
  "resources_version": 1,
  "idp_version": 1,
  "user": 1
}

HTTP status code 201

Tenant is successfully created.

Body

Media type: application/json

Type: object

Properties

  • id: required (string)

    Unique identifier of a tenant.

  • realm_name: required (string)

    Realm name (not id!).

  • client_frontend_id: required (string)

    Identifier of a client frontend.

  • client_backend_id: required (string)

    Identifier of a client backend.

  • client_backend_secret: required (string)

    Identifier of a client backend secret for confidential clients.

  • realm_template_version: required (integer)

    Identifier of a realm template version.

  • realm_scopes_version: required (integer)

    Identifier of a realm scope version.

  • client_backend_version: required (integer)

    Identifier of a realm client backend version.

  • client_frontend_version: required (integer)

    Identifier of a realm client frontend version.

  • roles_version: required (integer)

    Identifier of a realm role version.

  • resources_version: required (integer)

    Identifier of a realm resources version.

  • idp_version: (boolean)

    Identifier of a realm identity provider version.

  • user: (integer)

    Identifier of a tenant user.

  • issuer: required (string)

    URL of the auth service.

  • status: required (one of AVAILABLE, CREATING, UPDATING, DISABLED, DELETED)

    Tenant status.

  • created: required (datetime)

    Tenant creation timestamp in ISO 8601 format (UTC timezone).

Example:

{
  "id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
  "realm_name": "delta-realm",
  "client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
  "client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
  "client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
  "realm_template_version": 1,
  "realm_scopes_version": 1,
  "client_backend_version": 1,
  "client_frontend_version": 1,
  "roles_version": 1,
  "resources_version": 1,
  "idp_version": 1,
  "user": 1,
  "issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
  "status": "CREATING",
  "created": "2020-02-24T10:46:29.657054Z"
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

/tenants/{tenantId} get put delete

get /tenants/{tenantId}

Retrieve tenant.

Secured by oauth_2_0 with scopes:
  • tenant:read

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

URI Parameters

  • tenantId: required (string)

    Identifier of the tenant to operate on.

    Example:

    1957f6df-ca08-4052-962b-b14ec96ab8f5

HTTP status code 200

Tenant is successfully retrieved.

Body

Media type: application/json

Type: object

Properties

  • id: required (string)

    Unique identifier of a tenant.

  • realm_name: required (string)

    Realm name (not id!).

  • client_frontend_id: required (string)

    Identifier of a client frontend.

  • client_backend_id: required (string)

    Identifier of a client backend.

  • client_backend_secret: required (string)

    Identifier of a client backend secret for confidential clients.

  • realm_template_version: required (integer)

    Identifier of a realm template version.

  • realm_scopes_version: required (integer)

    Identifier of a realm scope version.

  • client_backend_version: required (integer)

    Identifier of a realm client backend version.

  • client_frontend_version: required (integer)

    Identifier of a realm client frontend version.

  • roles_version: required (integer)

    Identifier of a realm role version.

  • resources_version: required (integer)

    Identifier of a realm resources version.

  • idp_version: (boolean)

    Identifier of a realm identity provider version.

  • user: (integer)

    Identifier of a tenant user.

  • issuer: required (string)

    URL of the auth service.

  • status: required (one of AVAILABLE, CREATING, UPDATING, DISABLED, DELETED)

    Tenant status.

  • created: required (datetime)

    Tenant creation timestamp in ISO 8601 format (UTC timezone).

Example:

{
  "id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
  "realm_name": "delta-realm",
  "client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
  "client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
  "client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
  "realm_template_version": 1,
  "realm_scopes_version": 1,
  "client_backend_version": 1,
  "client_frontend_version": 1,
  "roles_version": 1,
  "resources_version": 1,
  "idp_version": 1,
  "user": 1,
  "issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
  "status": "AVAILABLE",
  "created": "2020-02-24T10:46:29.657054Z"
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

HTTP status code 404

Resource not found or querying user is not authorized for it.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

put /tenants/{tenantId}

Update tenant

Secured by oauth_2_0 with scopes:
  • tenant:update

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

URI Parameters

  • tenantId: required (string)

    Identifier of the tenant to operate on.

    Example:

    1957f6df-ca08-4052-962b-b14ec96ab8f5

Body

Media type: application/json

Type: tenant-manager-api-types.TenantUpdateUpdate

Example:

{
  "realm_name": "delta-realm",
  "realm_template_version": 1,
  "realm_scopes_version": 1,
  "client_backend_version": 1,
  "client_frontend_version": 1,
  "roles_version": 1,
  "resources_version": 1,
  "idp_version": 1,
  "user": 1
}

HTTP status code 201

Tenant is successfully updated.

Body

Media type: application/json

Type: object

Properties

  • id: required (string)

    Unique identifier of a tenant.

  • realm_name: required (string)

    Realm name (not id!).

  • client_frontend_id: required (string)

    Identifier of a client frontend.

  • client_backend_id: required (string)

    Identifier of a client backend.

  • client_backend_secret: required (string)

    Identifier of a client backend secret for confidential clients.

  • realm_template_version: required (integer)

    Identifier of a realm template version.

  • realm_scopes_version: required (integer)

    Identifier of a realm scope version.

  • client_backend_version: required (integer)

    Identifier of a realm client backend version.

  • client_frontend_version: required (integer)

    Identifier of a realm client frontend version.

  • roles_version: required (integer)

    Identifier of a realm role version.

  • resources_version: required (integer)

    Identifier of a realm resources version.

  • idp_version: (boolean)

    Identifier of a realm identity provider version.

  • user: (integer)

    Identifier of a tenant user.

  • issuer: required (string)

    URL of the auth service.

  • status: required (one of AVAILABLE, CREATING, UPDATING, DISABLED, DELETED)

    Tenant status.

  • created: required (datetime)

    Tenant creation timestamp in ISO 8601 format (UTC timezone).

Example:

{
  "id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
  "realm_name": "delta-realm",
  "client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
  "client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
  "client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
  "realm_template_version": 1,
  "realm_scopes_version": 1,
  "client_backend_version": 1,
  "client_frontend_version": 1,
  "roles_version": 1,
  "resources_version": 1,
  "idp_version": 1,
  "user": 1,
  "issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
  "status": "UPDATING",
  "created": "2020-02-24T10:46:29.657054Z"
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

HTTP status code 404

Resource not found or querying user is not authorized for it.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

delete /tenants/{tenantId}

Delete tenant.

Secured by oauth_2_0 with scopes:
  • tenant:delete

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

URI Parameters

  • tenantId: required (string)

    Identifier of the tenant to operate on.

    Example:

    1957f6df-ca08-4052-962b-b14ec96ab8f5

HTTP status code 204

Tenant is successfully deleted.

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

HTTP status code 404

Resource not found or querying user is not authorized for it.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

/tenants/{tenantId}/credentials get put

get /tenants/{tenantId}/credentials

Retrieve tenant's credentials.

Secured by oauth_2_0 with scopes:
  • tenant:read

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

URI Parameters

  • tenantId: required (string)

    Identifier of the tenant to operate on.

    Example:

    1957f6df-ca08-4052-962b-b14ec96ab8f5

HTTP status code 200

Tenant's credentials are successfully retrieved.

Body

Media type: application/json

Type: object

Properties

  • id: required (string)

    Unique identifier of a tenant.

  • realm_name: required (string)

    Realm name (not id!).

  • client_backend_id: required (string)

    Identifier of a client backend.

  • client_backend_secret: required (string)

    Identifier of a client backend secret.

  • client_frontend_id: required (string)

    Identifier of a client frontend.

  • issuer: required (string)

    URL of the auth service.

Example:

{
  "id": "1957f6df-ca08-4052-962b-b14ec96ab8f5",
  "realm_name": "delta-realm",
  "client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
  "client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
  "client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
  "issuer": "https://{identity-provider-host}/auth/realms/1957f6df-ca08-4052-962b-b14ec96ab8f5"
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

HTTP status code 404

Resource not found or querying user is not authorized for it.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

put /tenants/{tenantId}/credentials

Update tenant's credentials.

Secured by oauth_2_0 with scopes:
  • tenant:update

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

URI Parameters

  • tenantId: required (string)

    Identifier of the tenant to operate on.

    Example:

    1957f6df-ca08-4052-962b-b14ec96ab8f5

Body

Media type: application/json

Type: object

Properties

  • client_backend_id: required (string)

    Identifier of a client backend.

  • client_backend_secret: required (string)

    Identifier of a client backend secret.

  • client_frontend_id: required (string)

    Identifier of a client frontend.

Example:

{
  "client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
  "client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
  "client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460"
}

HTTP status code 201

Tenant's credentials are successfully updated.

Body

Media type: application/json

Type: object

Properties

  • id: required (string)

    Unique identifier of a tenant.

  • realm_name: required (string)

    Realm name (not id!).

  • client_backend_id: required (string)

    Identifier of a client backend.

  • client_backend_secret: required (string)

    Identifier of a client backend secret.

  • client_frontend_id: required (string)

    Identifier of a client frontend.

  • issuer: required (string)

    URL of the auth service.

Example:

{
  "id": "1957f6df-ca08-4052-962b-b14ec96ab8f5",
  "realm_name": "delta-realm",
  "client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
  "client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
  "client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
  "issuer": "https://{identity-provider-host}/auth/realms/1957f6df-ca08-4052-962b-b14ec96ab8f5"
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

HTTP status code 404

Resource not found or querying user is not authorized for it.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

/tenants/users get post

get /tenants/users

Retrieve tenant users list.

Secured by oauth_2_0 with scopes:
  • tenant:tenant-user:read

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

Query Parameters

  • offset: (integer)

    Start index that the server should return data from.

    Example:

    0
  • limit: (integer - default: 50)

    Maximum number of items to return. To get all items limit must be 0.

    Example:

    1

HTTP status code 200

Tenant users list is successfully retrieved.

Body

Media type: application/json

Type: object

Properties

  • count: required (integer)

    Total number of elements available for retrieval.

  • results: required (array of TenantUser)

    Items: TenantUser

    • id: required (integer)

      Unique identifier of a tenant.

    • email: required (string)

      Email of a tenant user.

    • firstName: required (string)

      First name of a tenant user.

    • lastName: required (string)

      Last name of a tenant user.

    • password: required (string)

      Password of a tenant user.

    • idp_id: (string)

      Identifier of external Identity Provider.

Example:

{
  "count": 3,
  "results": [
    {
      "id": 2,
      "email": "admin@example.com",
      "firstName": "Admin",
      "lastName": "Admin",
      "password": "admin",
      "idp_id": "059d8639-b566-484b-98b7-729c02870d91"
    }
  ]
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

post /tenants/users

Create new tenant user.

Secured by oauth_2_0 with scopes:
  • tenant:tenant-user:create

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

Body

Media type: application/json

Type: object

Properties

  • email: required (string)

    Email of a tenant user.

  • firstName: required (string)

    First name of a tenant user.

  • lastName: required (string)

    Last name of a tenant user.

  • password: required (string)

    Password of a tenant user.

  • idp_id: (string)

    Identifier of external Identity Provider.

Example:

{
  "email": "admin@example.com",
  "firstName": "Admin",
  "lastName": "Admin",
  "password": "admin",
  "idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}

HTTP status code 201

Tenant user is successfully created.

Body

Media type: application/json

Type: object

Properties

  • id: required (integer)

    Unique identifier of a tenant.

  • email: required (string)

    Email of a tenant user.

  • firstName: required (string)

    First name of a tenant user.

  • lastName: required (string)

    Last name of a tenant user.

  • password: required (string)

    Password of a tenant user.

  • idp_id: (string)

    Identifier of external Identity Provider.

Example:

{
  "id": 2,
  "email": "admin@example.com",
  "firstName": "Admin",
  "lastName": "Admin",
  "password": "admin",
  "idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

/tenants/users/{userId} get put delete

get /tenants/users/{userId}

Retrieve tenant user.

Secured by oauth_2_0 with scopes:
  • tenant:tenant-user:read

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

URI Parameters

  • userId: required (integer)

    Identifier of the tenant user to operate on.

    Example:

    2

HTTP status code 200

Tenant user is successfully retrieved.

Body

Media type: application/json

Type: object

Properties

  • id: required (integer)

    Unique identifier of a tenant.

  • email: required (string)

    Email of a tenant user.

  • firstName: required (string)

    First name of a tenant user.

  • lastName: required (string)

    Last name of a tenant user.

  • password: required (string)

    Password of a tenant user.

  • idp_id: (string)

    Identifier of external Identity Provider.

Example:

{
  "id": 2,
  "email": "admin@example.com",
  "firstName": "Admin",
  "lastName": "Admin",
  "password": "admin",
  "idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

HTTP status code 404

Resource not found or querying user is not authorized for it.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

put /tenants/users/{userId}

Update user.

Secured by oauth_2_0 with scopes:
  • tenant:tenant-user:update

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

URI Parameters

  • userId: required (integer)

    Identifier of the tenant user to operate on.

    Example:

    2

Body

Media type: application/json

Type: object

Properties

  • email: required (string)

    Email of a tenant user.

  • firstName: required (string)

    First name of a tenant user.

  • lastName: required (string)

    Last name of a tenant user.

  • password: required (string)

    Password of a tenant user.

  • idp_id: (string)

    Identifier of external Identity Provider.

Example:

{
  "email": "admin@example.com",
  "firstName": "Admin",
  "lastName": "Admin",
  "password": "admin",
  "idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}

HTTP status code 201

Tenant user is successfully updated.

Body

Media type: application/json

Type: object

Properties

  • id: required (integer)

    Unique identifier of a tenant.

  • email: required (string)

    Email of a tenant user.

  • firstName: required (string)

    First name of a tenant user.

  • lastName: required (string)

    Last name of a tenant user.

  • password: required (string)

    Password of a tenant user.

  • idp_id: (string)

    Identifier of external Identity Provider.

Example:

{
  "id": 2,
  "email": "admin@example.com",
  "firstName": "Admin",
  "lastName": "Admin",
  "password": "admin",
  "idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

HTTP status code 404

Resource not found or querying user is not authorized for it.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

delete /tenants/users/{userId}

Delete user.

Secured by oauth_2_0 with scopes:
  • tenant:tenant-user:delete

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

URI Parameters

  • userId: required (integer)

    Identifier of the tenant user to operate on.

    Example:

    2

HTTP status code 204

Tenant user is successfully deleted.

HTTP status code 400

Invalid request

HTTP status code 401

Unauthenticated request

HTTP status code 404

Resource not found or querying user is not authorized for it.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

Templates

Operations on realm, frontend client and backend client templates.

/templates/realms get post

get /templates/realms

Retrieve realm templates list.

Secured by oauth_2_0 with scopes:
  • tenant:keycloak-realm-template-version:read

Tenant Manager supports OAuth 2.0 for authenticating all API requests.

Query Parameters

  • offset: (integer)

    Start index that the server should return data from.

    Example:

    0
  • limit: (integer - default: 50)

    Maximum number of items to return. To get all items limit must be 0.

    Example:

    1

HTTP status code 200

Realm templates list is successfully retrieved.

Body

Media type: application/json

Type: object

Properties

  • count: required (integer)

    Total number of elements available for retrieval.

  • results: required (array of RealmTemplate)

    Items: RealmTemplate

    • id: required (integer)

      Unique identifier of a realm template version.

    • template: required (object)

      Realm template version.

      • description: required (string)

        Realm template version description.

    Example:

    {
      "count": 3,
      "results": [
        {
          "id": 2,
          "template": {
            "enabledEventTypes": [],
            "adminEventsEnabled": false,
            "adminEventsDetailsEnabled": false,
            "internationalizationEnabled": false,
            "supportedLocales": [],
            "browserFlow": "browser",
            "registrationFlow": "registration",
            "directGrantFlow": "direct grant",
            "resetCredentialsFlow": "reset credentials",
            "clientAuthenticationFlow": "clients",
            "dockerAuthenticationFlow": "docker auth"
          },
          "description": "realm template description"
        }
      ]
    }
    

    HTTP status code 400

    Invalid request

    HTTP status code 401

    Unauthenticated request

    Secured by oauth_2_0

    Headers

    • Authorization: (string)

      Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

    post /templates/realms

    Create new realm template.

    Secured by oauth_2_0 with scopes:
    • tenant:keycloak-realm-template-version:create

    Tenant Manager supports OAuth 2.0 for authenticating all API requests.

    Body

    Media type: application/json

    Type: object

    Properties

    • template: required (object)

      Realm template version.

      • description: required (string)

        Realm template version description.

      Example:

      {
        "template": {
          "enabledEventTypes": [],
          "adminEventsEnabled": false,
          "adminEventsDetailsEnabled": false,
          "internationalizationEnabled": false,
          "supportedLocales": [],
          "browserFlow": "browser",
          "registrationFlow": "registration",
          "directGrantFlow": "direct grant",
          "resetCredentialsFlow": "reset credentials",
          "clientAuthenticationFlow": "clients",
          "dockerAuthenticationFlow": "docker auth"
        },
        "description": "realm template description"
      }

      HTTP status code 201

      Realm template is successfully created.

      Body

      Media type: application/json

      Type: object

      Properties

      • id: required (integer)

        Unique identifier of a realm template version.

      • template: required (object)

        Realm template version.

        • description: required (string)

          Realm template version description.

        Example:

        {
          "id": 1,
          "template": {
            "revokeRefreshToken": false,
            "refreshTokenMaxReuse": 0,
            "accessTokenLifespan": 1800,
            "ssoSessionIdleTimeout": 5400,
            "ssoSessionMaxLifespan": 36000
          },
          "description": "realm template description"
        }

        HTTP status code 400

        Invalid request

        HTTP status code 401

        Unauthenticated request

        Secured by oauth_2_0

        Headers

        • Authorization: (string)

          Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

        /templates/realms/{id} get put delete

        get /templates/realms/{id}

        Retrieve realm template.

        Secured by oauth_2_0 with scopes:
        • tenant:keycloak-realm-template-version:read

        Tenant Manager supports OAuth 2.0 for authenticating all API requests.

        URI Parameters

        • id: required (integer)

          Identifier of the realm template to operate on.

          Example:

          1

        HTTP status code 200

        Realm template is successfully retrieved.

        Body

        Media type: application/json

        Type: object

        Properties

        • id: required (integer)

          Unique identifier of a realm template version.

        • template: required (object)

          Realm template version.

          • description: required (string)

            Realm template version description.

          Example:

          {
            "id": 1,
            "template": {
              "revokeRefreshToken": false,
              "refreshTokenMaxReuse": 0,
              "accessTokenLifespan": 1800,
              "ssoSessionIdleTimeout": 5400,
              "ssoSessionMaxLifespan": 36000
            },
            "description": "realm template description"
          }

          HTTP status code 400

          Invalid request

          HTTP status code 401

          Unauthenticated request

          HTTP status code 404

          Resource not found or querying user is not authorized for it.

          Secured by oauth_2_0

          Headers

          • Authorization: (string)

            Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

          put /templates/realms/{id}

          Update realm template

          Secured by oauth_2_0 with scopes:
          • tenant:keycloak-realm-template-version:update

          Tenant Manager supports OAuth 2.0 for authenticating all API requests.

          URI Parameters

          • id: required (integer)

            Identifier of the realm template to operate on.

            Example:

            1

          Body

          Media type: application/json

          Type: object

          Properties

          • template: required (object)

            Realm template version.

            • description: required (string)

              Realm template version description.

            Example:

            {
              "template": {
                "enabledEventTypes": [],
                "adminEventsEnabled": false,
                "adminEventsDetailsEnabled": false,
                "internationalizationEnabled": false,
                "supportedLocales": [],
                "browserFlow": "browser",
                "registrationFlow": "registration",
                "directGrantFlow": "direct grant",
                "resetCredentialsFlow": "reset credentials",
                "clientAuthenticationFlow": "clients",
                "dockerAuthenticationFlow": "docker auth"
              },
              "description": "realm template description"
            }

            HTTP status code 200

            Realm template is successfully updated.

            Body

            Media type: application/json

            Type: object

            Properties

            • id: required (integer)

              Unique identifier of a realm template version.

            • template: required (object)

              Realm template version.

              • description: required (string)

                Realm template version description.

              Example:

              {
                "id": 1,
                "template": {
                  "revokeRefreshToken": false,
                  "refreshTokenMaxReuse": 0,
                  "accessTokenLifespan": 1800,
                  "ssoSessionIdleTimeout": 5400,
                  "ssoSessionMaxLifespan": 36000
                },
                "description": "realm template description"
              }

              HTTP status code 400

              Invalid request

              HTTP status code 401

              Unauthenticated request

              HTTP status code 404

              Resource not found or querying user is not authorized for it.

              Secured by oauth_2_0

              Headers

              • Authorization: (string)

                Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

              delete /templates/realms/{id}

              Delete realm template.

              Secured by oauth_2_0 with scopes:
              • tenant:keycloak-realm-template-version:delete

              Tenant Manager supports OAuth 2.0 for authenticating all API requests.

              URI Parameters

              • id: required (integer)

                Identifier of the realm template to operate on.

                Example:

                1

              HTTP status code 204

              Realm template is successfully deleted.

              HTTP status code 400

              Invalid request

              HTTP status code 401

              Unauthenticated request

              HTTP status code 404

              Resource not found or querying user is not authorized for it.

              Secured by oauth_2_0

              Headers

              • Authorization: (string)

                Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

              /templates/realm-frontend-clients get post

              get /templates/realm-frontend-clients

              Retrieve realm frontend client template list.

              Secured by oauth_2_0 with scopes:
              • tenant:keycloak-client-frontend-template-version:read

              Tenant Manager supports OAuth 2.0 for authenticating all API requests.

              Query Parameters

              • offset: (integer)

                Start index that the server should return data from.

                Example:

                0
              • limit: (integer - default: 50)

                Maximum number of items to return. To get all items limit must be 0.

                Example:

                1

              HTTP status code 200

              Realm frontend client template list is successfully retrieved.

              Body

              Media type: application/json

              Type: object

              Properties

              • count: required (integer)

                Total number of elements available for retrieval.

              • results: required (array of RealmFrontendClientTemplate)

                Items: RealmFrontendClientTemplate

                • id: required (integer)

                  Unique identifier of a realm frontend template version.

                • template: required (object)

                  Realm frontend template version.

                  • description: required (string)

                    Realm frontend template version description.

                Example:

                {
                  "count": 3,
                  "results": [
                    {
                      "id": 2,
                      "template": {
                        "protocol": "openid-connect",
                        "webOrigins": [
                          "+"
                        ],
                        "publicClient": true,
                        "redirectUris": [
                          "*"
                        ],
                        "fullScopeAllowed": false,
                        "serviceAccountsEnabled": false,
                        "authorizationServicesEnabled": false
                      },
                      "description": "realm frontend client template description"
                    }
                  ]
                }
                

                HTTP status code 400

                Invalid request

                HTTP status code 401

                Unauthenticated request

                Secured by oauth_2_0

                Headers

                • Authorization: (string)

                  Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                post /templates/realm-frontend-clients

                Create new realm frontend client template.

                Secured by oauth_2_0 with scopes:
                • tenant:keycloak-client-frontend-template-version:create

                Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                Body

                Media type: application/json

                Type: object

                Properties

                • template: required (object)

                  Realm frontend template version.

                  • description: required (string)

                    Realm frontend template version description.

                  Example:

                  {
                    "template": {
                      "protocol": "openid-connect",
                      "webOrigins": [
                        "+"
                      ],
                      "publicClient": true,
                      "redirectUris": [
                        "*"
                      ],
                      "fullScopeAllowed": false,
                      "serviceAccountsEnabled": false,
                      "authorizationServicesEnabled": false
                    },
                    "description": "realm frontend client template description"
                  }

                  HTTP status code 201

                  Realm frontend client template is successfully created.

                  Body

                  Media type: application/json

                  Type: object

                  Properties

                  • id: required (integer)

                    Unique identifier of a realm frontend template version.

                  • template: required (object)

                    Realm frontend template version.

                    • description: required (string)

                      Realm frontend template version description.

                    Example:

                    {
                      "id": 2,
                      "template": {
                        "protocol": "openid-connect",
                        "webOrigins": [
                          "+"
                        ],
                        "publicClient": true,
                        "redirectUris": [
                          "*"
                        ],
                        "fullScopeAllowed": false,
                        "serviceAccountsEnabled": false,
                        "authorizationServicesEnabled": false
                      },
                      "description": "realm frontend client template description"
                    }

                    HTTP status code 400

                    Invalid request

                    HTTP status code 401

                    Unauthenticated request

                    Secured by oauth_2_0

                    Headers

                    • Authorization: (string)

                      Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                    /templates/realm-frontend-clients/{id} get put delete

                    get /templates/realm-frontend-clients/{id}

                    Retrieve realm frontend client template.

                    Secured by oauth_2_0 with scopes:
                    • tenant:keycloak-client-frontend-template-version:read

                    Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                    URI Parameters

                    • id: required (integer)

                      Identifier of the realm frontend client template to operate on.

                      Example:

                      2

                    HTTP status code 200

                    Realm frontend client template is successfully retrieved.

                    Body

                    Media type: application/json

                    Type: object

                    Properties

                    • id: required (integer)

                      Unique identifier of a realm frontend template version.

                    • template: required (object)

                      Realm frontend template version.

                      • description: required (string)

                        Realm frontend template version description.

                      Example:

                      {
                        "id": 2,
                        "template": {
                          "protocol": "openid-connect",
                          "webOrigins": [
                            "+"
                          ],
                          "publicClient": true,
                          "redirectUris": [
                            "*"
                          ],
                          "fullScopeAllowed": false,
                          "serviceAccountsEnabled": false,
                          "authorizationServicesEnabled": false
                        },
                        "description": "realm frontend client template description"
                      }

                      HTTP status code 400

                      Invalid request

                      HTTP status code 401

                      Unauthenticated request

                      HTTP status code 404

                      Resource not found or querying user is not authorized for it.

                      Secured by oauth_2_0

                      Headers

                      • Authorization: (string)

                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                      put /templates/realm-frontend-clients/{id}

                      Update realm frontend client template

                      Secured by oauth_2_0 with scopes:
                      • tenant:keycloak-client-frontend-template-version:update

                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                      URI Parameters

                      • id: required (integer)

                        Identifier of the realm frontend client template to operate on.

                        Example:

                        2

                      Body

                      Media type: application/json

                      Type: object

                      Properties

                      • template: required (object)

                        Realm frontend template version.

                        • description: required (string)

                          Realm frontend template version description.

                        Example:

                        {
                          "template": {
                            "protocol": "openid-connect",
                            "webOrigins": [
                              "+"
                            ],
                            "publicClient": true,
                            "redirectUris": [
                              "*"
                            ],
                            "fullScopeAllowed": false,
                            "serviceAccountsEnabled": false,
                            "authorizationServicesEnabled": false
                          },
                          "description": "realm frontend client template description"
                        }

                        HTTP status code 200

                        Realm frontend client template is successfully updated.

                        Body

                        Media type: application/json

                        Type: object

                        Properties

                        • id: required (integer)

                          Unique identifier of a realm frontend template version.

                        • template: required (object)

                          Realm frontend template version.

                          • description: required (string)

                            Realm frontend template version description.

                          Example:

                          {
                            "id": 2,
                            "template": {
                              "protocol": "openid-connect",
                              "webOrigins": [
                                "+"
                              ],
                              "publicClient": true,
                              "redirectUris": [
                                "*"
                              ],
                              "fullScopeAllowed": false,
                              "serviceAccountsEnabled": false,
                              "authorizationServicesEnabled": false
                            },
                            "description": "realm frontend client template description"
                          }

                          HTTP status code 400

                          Invalid request

                          HTTP status code 401

                          Unauthenticated request

                          HTTP status code 404

                          Resource not found or querying user is not authorized for it.

                          Secured by oauth_2_0

                          Headers

                          • Authorization: (string)

                            Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                          delete /templates/realm-frontend-clients/{id}

                          Delete realm frontend client template.

                          Secured by oauth_2_0 with scopes:
                          • tenant:keycloak-client-frontend-template-version:delete

                          Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                          URI Parameters

                          • id: required (integer)

                            Identifier of the realm frontend client template to operate on.

                            Example:

                            2

                          HTTP status code 204

                          Realm frontend client template is successfully deleted.

                          HTTP status code 400

                          Invalid request

                          HTTP status code 401

                          Unauthenticated request

                          HTTP status code 404

                          Resource not found or querying user is not authorized for it.

                          Secured by oauth_2_0

                          Headers

                          • Authorization: (string)

                            Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                          /templates/realm-backend-clients get post

                          get /templates/realm-backend-clients

                          Retrieve realm backend client template list.

                          Secured by oauth_2_0 with scopes:
                          • tenant:keycloak-client-backend-template-version:read

                          Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                          Query Parameters

                          • offset: (integer)

                            Start index that the server should return data from.

                            Example:

                            0
                          • limit: (integer - default: 50)

                            Maximum number of items to return. To get all items limit must be 0.

                            Example:

                            1

                          HTTP status code 200

                          Realm backend client template list is successfully retrieved.

                          Body

                          Media type: application/json

                          Type: object

                          Properties

                          • count: required (integer)

                            Total number of elements available for retrieval.

                          • results: required (array of RealmBackendClientTemplate)

                            Items: RealmBackendClientTemplate

                            • id: required (integer)

                              Unique identifier of a realm backend template version.

                            • template: required (object)

                              Realm backend template version.

                              • description: required (string)

                                Realm backend template version description.

                            Example:

                            {
                              "count": 4,
                              "results": [
                                {
                                  "id": 2,
                                  "template": {
                                    "protocol": "openid-connect",
                                    "webOrigins": [
                                      "+"
                                    ],
                                    "publicClient": false,
                                    "redirectUris": [
                                      "*"
                                    ],
                                    "fullScopeAllowed": false,
                                    "serviceAccountsEnabled": true,
                                    "authorizationServicesEnabled": true
                                  },
                                  "description": "realm backend client template description"
                                }
                              ]
                            }
                            

                            HTTP status code 400

                            Invalid request

                            HTTP status code 401

                            Unauthenticated request

                            Secured by oauth_2_0

                            Headers

                            • Authorization: (string)

                              Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                            post /templates/realm-backend-clients

                            Create new realm backend client template.

                            Secured by oauth_2_0 with scopes:
                            • tenant:keycloak-client-backend-template-version:create

                            Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                            Body

                            Media type: application/json

                            Type: object

                            Properties

                            • template: required (object)

                              Realm backend template version.

                              • description: required (string)

                                Realm backend template version description.

                              Example:

                              {
                                "template": {
                                  "protocol": "openid-connect",
                                  "webOrigins": [
                                    "+"
                                  ],
                                  "publicClient": false,
                                  "redirectUris": [
                                    "*"
                                  ],
                                  "fullScopeAllowed": false,
                                  "serviceAccountsEnabled": true,
                                  "authorizationServicesEnabled": true
                                },
                                "description": "realm backend client template description"
                              }

                              HTTP status code 201

                              Realm backend client template is successfully created.

                              Body

                              Media type: application/json

                              Type: object

                              Properties

                              • id: required (integer)

                                Unique identifier of a realm backend template version.

                              • template: required (object)

                                Realm backend template version.

                                • description: required (string)

                                  Realm backend template version description.

                                Example:

                                {
                                  "id": 2,
                                  "template": {
                                    "protocol": "openid-connect",
                                    "webOrigins": [
                                      "+"
                                    ],
                                    "publicClient": false,
                                    "redirectUris": [
                                      "*"
                                    ],
                                    "fullScopeAllowed": false,
                                    "serviceAccountsEnabled": true,
                                    "authorizationServicesEnabled": true
                                  },
                                  "description": "realm backend client template description"
                                }

                                HTTP status code 400

                                Invalid request

                                HTTP status code 401

                                Unauthenticated request

                                Secured by oauth_2_0

                                Headers

                                • Authorization: (string)

                                  Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                /templates/realm-backend-clients/{id} get put delete

                                get /templates/realm-backend-clients/{id}

                                Retrieve realm backend client template.

                                Secured by oauth_2_0 with scopes:
                                • tenant:keycloak-client-backend-template-version:read

                                Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                URI Parameters

                                • id: required (integer)

                                  Identifier of the realm backend client template to operate on.

                                  Example:

                                  2

                                HTTP status code 200

                                Realm backend client template is successfully retrieved.

                                Body

                                Media type: application/json

                                Type: object

                                Properties

                                • id: required (integer)

                                  Unique identifier of a realm backend template version.

                                • template: required (object)

                                  Realm backend template version.

                                  • description: required (string)

                                    Realm backend template version description.

                                  Example:

                                  {
                                    "id": 2,
                                    "template": {
                                      "protocol": "openid-connect",
                                      "webOrigins": [
                                        "+"
                                      ],
                                      "publicClient": false,
                                      "redirectUris": [
                                        "*"
                                      ],
                                      "fullScopeAllowed": false,
                                      "serviceAccountsEnabled": true,
                                      "authorizationServicesEnabled": true
                                    },
                                    "description": "realm backend client template description"
                                  }

                                  HTTP status code 400

                                  Invalid request

                                  HTTP status code 401

                                  Unauthenticated request

                                  HTTP status code 404

                                  Resource not found or querying user is not authorized for it.

                                  Secured by oauth_2_0

                                  Headers

                                  • Authorization: (string)

                                    Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                  put /templates/realm-backend-clients/{id}

                                  Update realm backend client template

                                  Secured by oauth_2_0 with scopes:
                                  • tenant:keycloak-client-backend-template-version:update

                                  Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                  URI Parameters

                                  • id: required (integer)

                                    Identifier of the realm backend client template to operate on.

                                    Example:

                                    2

                                  Body

                                  Media type: application/json

                                  Type: object

                                  Properties

                                  • template: required (object)

                                    Realm backend template version.

                                    • description: required (string)

                                      Realm backend template version description.

                                    Example:

                                    {
                                      "template": {
                                        "protocol": "openid-connect",
                                        "webOrigins": [
                                          "+"
                                        ],
                                        "publicClient": false,
                                        "redirectUris": [
                                          "*"
                                        ],
                                        "fullScopeAllowed": false,
                                        "serviceAccountsEnabled": true,
                                        "authorizationServicesEnabled": true
                                      },
                                      "description": "realm backend client template description"
                                    }

                                    HTTP status code 200

                                    Realm backend client template is successfully updated.

                                    Body

                                    Media type: application/json

                                    Type: object

                                    Properties

                                    • id: required (integer)

                                      Unique identifier of a realm backend template version.

                                    • template: required (object)

                                      Realm backend template version.

                                      • description: required (string)

                                        Realm backend template version description.

                                      Example:

                                      {
                                        "id": 2,
                                        "template": {
                                          "protocol": "openid-connect",
                                          "webOrigins": [
                                            "+"
                                          ],
                                          "publicClient": false,
                                          "redirectUris": [
                                            "*"
                                          ],
                                          "fullScopeAllowed": false,
                                          "serviceAccountsEnabled": true,
                                          "authorizationServicesEnabled": true
                                        },
                                        "description": "realm backend client template description"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /templates/realm-backend-clients/{id}

                                      Delete realm backend client template.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-client-backend-template-version:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm backend client template to operate on.

                                        Example:

                                        2

                                      HTTP status code 204

                                      Realm backend client template is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      Scopes

                                      Operations on realm scopes.

                                      /scopes get post

                                      get /scopes

                                      Retrieve realm scopes list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm scopes list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmScope)

                                        Items: RealmScope

                                        • name: required (string)

                                          Unique identifier of a realm scope.

                                        • dispalayName: required (string)

                                          Name of a realm scope.

                                      Example:

                                      {
                                        "count": 97,
                                        "results": [
                                          {
                                            "name": "application:read",
                                            "displayName": "application:read"
                                          },
                                          {
                                            "name": "application:software:read",
                                            "displayName": "application:software:read"
                                          },
                                          {
                                            "name": "application:software:update",
                                            "displayName": "application:software:update"
                                          },
                                          {
                                            "name": "application:timeseries-config:read",
                                            "displayName": "application:timeseries-config:read"
                                          },
                                          {
                                            "name": "application:update",
                                            "displayName": "application:update"
                                          },
                                          {
                                            "name": "dashboard:read",
                                            "displayName": "dashboard:read"
                                          },
                                          {
                                            "name": "endpoint:delete",
                                            "displayName": "endpoint:delete"
                                          },
                                          {
                                            "name": "endpoint:read",
                                            "displayName": "endpoint:read"
                                          },
                                          {
                                            "name": "endpoint:update",
                                            "displayName": "endpoint:update"
                                          },
                                          {
                                            "name": "kaa:application:create",
                                            "displayName": "kaa:application:create"
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /scopes

                                      Create new realm scope.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • name: required (string)

                                        Unique identifier of a realm scope.

                                      • dispalayName: required (string)

                                        Name of a realm scope.

                                      Example:

                                      {
                                        "name": "application:read",
                                        "displayName": "application:read"
                                      }
                                      

                                      HTTP status code 201

                                      Realm scope is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • name: required (string)

                                        Unique identifier of a realm scope.

                                      • dispalayName: required (string)

                                        Name of a realm scope.

                                      Example:

                                      {
                                        "name": "application:read",
                                        "displayName": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /scopes/{id} get put delete

                                      get /scopes/{id}

                                      Retrieve realm scope.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (string)

                                        Identifier of the realm scope to operate on.

                                        Example:

                                        application:read

                                      HTTP status code 200

                                      Realm scope is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • name: required (string)

                                        Unique identifier of a realm scope.

                                      • dispalayName: required (string)

                                        Name of a realm scope.

                                      Example:

                                      {
                                        "name": "application:read",
                                        "displayName": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      put /scopes/{id}

                                      Update realm scope

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes:update

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (string)

                                        Identifier of the realm scope to operate on.

                                        Example:

                                        application:read

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • name: required (string)

                                        Unique identifier of a realm scope.

                                      • dispalayName: required (string)

                                        Name of a realm scope.

                                      Example:

                                      {
                                        "name": "application:read",
                                        "displayName": "application:read"
                                      }
                                      

                                      HTTP status code 200

                                      Realm scope is successfully updated.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • name: required (string)

                                        Unique identifier of a realm scope.

                                      • dispalayName: required (string)

                                        Name of a realm scope.

                                      Example:

                                      {
                                        "name": "application:read",
                                        "displayName": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /scopes/{id}

                                      Delete realm scope.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (string)

                                        Identifier of the realm scope to operate on.

                                        Example:

                                        application:read

                                      HTTP status code 204

                                      Realm scope is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /scopes/versions get post

                                      get /scopes/versions

                                      Retrieve realm scopes versions list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm scopes versions list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmScopeVersion)

                                        Items: RealmScopeVersion

                                        • id: required (integer)

                                          Unique identifier of a realm scope version.

                                        • scopes: required (array of items)

                                          Array of scopes.

                                      Example:

                                      {
                                        "count": 4,
                                        "results": [
                                          {
                                            "id": 2,
                                            "scopes": [
                                              "application:delete",
                                              "application:endpoint-config:delete",
                                              "application:endpoint-config:read",
                                              "application:endpoint-config:update",
                                              "application:endpoint:create",
                                              "application:endpoint-filter:create",
                                              "application:endpoint-filter:delete",
                                              "application:endpoint-filter:read",
                                              "application:endpoint-filter:update",
                                              "application:endpoints-metadata-keys:read",
                                              "application:read"
                                            ]
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /scopes/versions

                                      Create new realm scope version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      HTTP status code 201

                                      Realm scope version is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm scope version.

                                      • scopes: required (array of items)

                                        Array of scopes.

                                      Example:

                                      {
                                        "id": 1,
                                        "scopes": []
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /scopes/versions/{id} get delete

                                      get /scopes/versions/{id}

                                      Retrieve realm scope version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm scope version to operate on.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm scope version is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm scope version.

                                      • scopes: required (array of items)

                                        Array of scopes.

                                      Example:

                                      {
                                        "id": 1,
                                        "scopes": [
                                          "tenant:keycloak-client-backend-template-version:create",
                                          "tenant:keycloak-client-backend-template-version:delete",
                                          "tenant:keycloak-client-backend-template-version:read",
                                          "tenant:keycloak-client-backend-template-version:update",
                                          "tenant:keycloak-client-frontend-template-version:create",
                                          "tenant:keycloak-client-frontend-template-version:delete",
                                          "tenant:keycloak-client-frontend-template-version:read",
                                          "tenant:keycloak-client-frontend-template-version:update",
                                          "tenant:keycloak-default-resource:create",
                                          "tenant:keycloak-default-resource:delete"
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /scopes/versions/{id}

                                      Delete realm scope version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm scope version to operate on.

                                        Example:

                                        1

                                      HTTP status code 204

                                      Realm scope version is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /scopes/versions-mappings get post

                                      get /scopes/versions-mappings

                                      Retrieve realm scopes versions mappings list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions-mappings:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm scopes versions mappings list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmScopeVersionMapping)

                                        Items: RealmScopeVersionMapping

                                        • id: required (integer)

                                          Unique identifier of a realm scope version mapping.

                                        • verision: required (integer)

                                          Identifier of a realm scope version.

                                        • scope: required (string)

                                          Identifier of a realm scope.

                                      Example:

                                      {
                                        "count": 97,
                                        "results": [
                                          {
                                            "id": 11,
                                            "version": 1,
                                            "scope": "application:endpoint-config:read"
                                          },
                                          {
                                            "id": 12,
                                            "version": 1,
                                            "scope": "application:endpoint-config:update"
                                          },
                                          {
                                            "id": 13,
                                            "version": 1,
                                            "scope": "application:endpoint-config:delete"
                                          },
                                          {
                                            "id": 14,
                                            "version": 1,
                                            "scope": "application:software:read"
                                          },
                                          {
                                            "id": 15,
                                            "version": 1,
                                            "scope": "application:software:update"
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /scopes/versions-mappings

                                      Create new realm scope version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions-mappings:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • verision: required (integer)

                                        Identifier of a realm scope version.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "version": 1,
                                        "scope": "application:read"
                                      }
                                      

                                      HTTP status code 201

                                      Realm scope version is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm scope version mapping.

                                      • verision: required (integer)

                                        Identifier of a realm scope version.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "scope": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /scopes/versions-mappings/{id} get put delete

                                      get /scopes/versions-mappings/{id}

                                      Retrieve realm scope version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions-mappings:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm scope version mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm scope version mapping is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm scope version mapping.

                                      • verision: required (integer)

                                        Identifier of a realm scope version.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "scope": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      put /scopes/versions-mappings/{id}

                                      Update realm scope version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions-mappings:update

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm scope version mapping to operate on.

                                        Example:

                                        1

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • verision: required (integer)

                                        Identifier of a realm scope version.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "version": 1,
                                        "scope": "application:read"
                                      }
                                      

                                      HTTP status code 200

                                      Realm scope version mapping is successfully updated.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm scope version mapping.

                                      • verision: required (integer)

                                        Identifier of a realm scope version.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "scope": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /scopes/versions-mappings/{id}

                                      Delete realm scope version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-scopes-versions-mappings:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm scope version mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 204

                                      Realm scope version mapping is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      Roles

                                      Operations on realm roles.

                                      /roles get post

                                      get /roles

                                      Retrieve realm roles list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm roles list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmRole)

                                        Items: RealmRole

                                        • name: required (string)

                                          Unique identifier of a realm role.

                                        • scopes: required (array of items)

                                          Array of scopes.

                                      Example:

                                      {
                                        "count": 47,
                                        "results": [
                                          {
                                            "name": "endpoint-reader",
                                            "scopes": [
                                              "endpoint:read"
                                            ]
                                          },
                                          {
                                            "name": "keycloak-client-backend-template-version-admin",
                                            "scopes": [
                                              "tenant:keycloak-client-backend-template-version:create",
                                              "tenant:keycloak-client-backend-template-version:delete",
                                              "tenant:keycloak-client-backend-template-version:read",
                                              "tenant:keycloak-client-backend-template-version:update"
                                            ]
                                          },
                                          {
                                            "name": "keycloak-client-backend-template-version-reader",
                                            "scopes": [
                                              "tenant:keycloak-client-backend-template-version:read"
                                            ]
                                          },
                                          {
                                            "name": "keycloak-client-frontend-template-version-admin",
                                            "scopes": [
                                              "tenant:keycloak-client-frontend-template-version:create",
                                              "tenant:keycloak-client-frontend-template-version:delete",
                                              "tenant:keycloak-client-frontend-template-version:read",
                                              "tenant:keycloak-client-frontend-template-version:update"
                                            ]
                                          },
                                          {
                                            "name": "keycloak-client-frontend-template-version-reader",
                                            "scopes": [
                                              "tenant:keycloak-client-frontend-template-version:read"
                                            ]
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /roles

                                      Create new realm role.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • name: required (string)

                                        Unique identifier of a realm role.

                                      Example:

                                      {
                                        "name": "application:read"
                                      }
                                      

                                      HTTP status code 201

                                      Realm role is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • name: required (string)

                                        Unique identifier of a realm role.

                                      • scopes: required (array of items)

                                        Array of scopes.

                                      Example:

                                      {
                                        "name": "application:read",
                                        "scopes": []
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /roles/{id} get delete

                                      get /roles/{id}

                                      Retrieve realm role.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (string)

                                        Identifier of the realm role to operate on.

                                        Example:

                                        application-read

                                      HTTP status code 200

                                      Realm role is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • name: required (string)

                                        Unique identifier of a realm role.

                                      • scopes: required (array of items)

                                        Array of scopes.

                                      Example:

                                      {
                                        "name": "application:read",
                                        "scopes": [
                                          "application:read",
                                          "application:endpoint-config:delete"
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /roles/{id}

                                      Delete realm role.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (string)

                                        Identifier of the realm role to operate on.

                                        Example:

                                        application-read

                                      HTTP status code 204

                                      Realm role is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /roles/versions get post

                                      get /roles/versions

                                      Retrieve realm roles versions list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm roles versions list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmRoleVersion)

                                        Items: RealmRoleVersion

                                        • id: required (integer)

                                          Unique identifier of a realm role version.

                                        • roles: required (array of items)

                                          Array of roles.

                                      Example:

                                      {
                                        "count": 4,
                                        "results": [
                                          {
                                            "id": 2,
                                            "roles": [
                                              {
                                                "name": "application-reader",
                                                "scopes": [
                                                  "application:endpoint-config:read",
                                                  "application:endpoint-filter:read",
                                                  "application:endpoints-metadata-keys:read",
                                                  "application:endpoints-metadata-keys:read",
                                                  "application:read",
                                                  "application:software:read",
                                                  "application:timeseries-config:read",
                                                  "application:timeseries-config:read",
                                                  "dashboard:read",
                                                  "endpoint:read",
                                                  "kaa:client-certificates:read",
                                                  "kaa:client-credentials:read"
                                                ]
                                              },
                                              {
                                                "name": "dashboard-admin",
                                                "scopes": [
                                                  "dashboard:read"
                                                ]
                                              }
                                            ]
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /roles/versions

                                      Create new realm role version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      HTTP status code 201

                                      Realm role version is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm role version.

                                      • roles: required (array of items)

                                        Array of roles.

                                      Example:

                                      {
                                        "id": 1,
                                        "roles": []
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /roles/versions/{id} get delete

                                      get /roles/versions/{id}

                                      Retrieve realm roles version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm role version to operate on.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm role version is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm role version.

                                      • roles: required (array of items)

                                        Array of roles.

                                      Example:

                                      {
                                        "id": 1,
                                        "roles": [
                                          "application-admin",
                                          "application-reader"
                                        ]
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /roles/versions/{id}

                                      Delete realm role version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm role version to operate on.

                                        Example:

                                        1

                                      HTTP status code 204

                                      Realm role version is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /roles/versions-mappings get post

                                      get /roles/versions-mappings

                                      Retrieve realm roles versions mappings list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions-mappings:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm roles versions mappings list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmRoleVersionMapping)

                                        Items: RealmRoleVersionMapping

                                        • id: required (integer)

                                          Unique identifier of a realm role version mapping.

                                        • verision: required (integer)

                                          Identifier of a realm role version.

                                        • role: required (string)

                                          Identifier of a realm role.

                                      Example:

                                      {
                                        "count": 46,
                                        "results": [
                                          {
                                            "id": 3,
                                            "version": 1,
                                            "role": "application-admin"
                                          },
                                          {
                                            "id": 4,
                                            "version": 1,
                                            "role": "application-reader"
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /roles/versions-mappings

                                      Create new realm role version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions-mappings:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • verision: required (integer)

                                        Identifier of a realm role version.

                                      • role: required (string)

                                        Identifier of a realm role.

                                      Example:

                                      {
                                        "version": 1,
                                        "role": "application:read"
                                      }
                                      

                                      HTTP status code 201

                                      Realm role version is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm role version mapping.

                                      • verision: required (integer)

                                        Identifier of a realm role version.

                                      • role: required (string)

                                        Identifier of a realm role.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "role": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /roles/versions-mappings/{id} get put delete

                                      get /roles/versions-mappings/{id}

                                      Retrieve realm role version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions-mappings:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm role version mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm role version mapping is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm role version mapping.

                                      • verision: required (integer)

                                        Identifier of a realm role version.

                                      • role: required (string)

                                        Identifier of a realm role.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "role": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      put /roles/versions-mappings/{id}

                                      Update realm role version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions-mappings:update

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm role version mapping to operate on.

                                        Example:

                                        1

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • verision: required (integer)

                                        Identifier of a realm role version.

                                      • role: required (string)

                                        Identifier of a realm role.

                                      Example:

                                      {
                                        "version": 1,
                                        "role": "application:read"
                                      }
                                      

                                      HTTP status code 200

                                      Realm role version mapping is successfully updated.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm role version mapping.

                                      • verision: required (integer)

                                        Identifier of a realm role version.

                                      • role: required (string)

                                        Identifier of a realm role.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "role": "application:read"
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /roles/versions-mappings/{id}

                                      Delete realm role version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-versions-mappings:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm role version mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 204

                                      Realm role version mapping is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /roles/scopes-mappings get post

                                      get /roles/scopes-mappings

                                      Retrieve realm roles and scopes mappings list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-scopes-mappings:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm roles and scopes mappings list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmRoleScopeMapping)

                                        Items: RealmRoleScopeMapping

                                        • id: required (integer)
                                        • role: required (string)

                                          Identifier of a realm role.

                                        • scope: required (string)

                                          Identifier of a realm scope.

                                      Example:

                                      {
                                        "count": 46,
                                        "results": [
                                          {
                                            "id": 3,
                                            "role": "platform-admin",
                                            "scope": "application:delete"
                                          },
                                          {
                                            "id": 4,
                                            "role": "platform-admin",
                                            "scope": "application:endpoint:create"
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /roles/scopes-mappings

                                      Create new realm role and scope mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-scopes-mappings:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • role: required (string)

                                        Identifier of a realm role.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "role": "platform-admin",
                                        "scope": "application:read"
                                      }
                                      

                                      HTTP status code 201

                                      Realm role and scope mapping is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)
                                      • role: required (string)

                                        Identifier of a realm role.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "role": "platform-admin",
                                        "scope": "application:read"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /roles/scopes-mappings/{id} get put delete

                                      get /roles/scopes-mappings/{id}

                                      Retrieve realm role-scope mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-scopes-mappings:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm role-scope mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm role-scope mapping is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)
                                      • role: required (string)

                                        Identifier of a realm role.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "role": "platform-admin",
                                        "scope": "application:read"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      put /roles/scopes-mappings/{id}

                                      Update realm role-scope mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-scopes-mappings:update

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm role-scope mapping to operate on.

                                        Example:

                                        1

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • role: required (string)

                                        Identifier of a realm role.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "role": "platform-admin",
                                        "scope": "application:read"
                                      }
                                      

                                      HTTP status code 200

                                      Realm role-scope mapping is successfully updated.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)
                                      • role: required (string)

                                        Identifier of a realm role.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "role": "platform-admin",
                                        "scope": "application:read"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /roles/scopes-mappings/{id}

                                      Delete realm-scope mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-roles-scopes-mappings:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm role-scope mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 204

                                      Realm role-scope mapping is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      Default resources

                                      Operations on realm default resources.

                                      /default-resources get post

                                      get /default-resources

                                      Retrieve realm default resources list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resources:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm default resources list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmDefaultResource)

                                        Items: RealmDefaultResource

                                        • resource_name: required (string)

                                          Unique identifier of a realm default resource.

                                        • resource_type: required (string)

                                          Name of a realm default resource type.

                                        • display_name: required (string)

                                          Name of a realm default resource.

                                        • scopes: required (array of items)

                                          Array of scopes.

                                      Example:

                                      {
                                        "count": 17,
                                        "results": [
                                          {
                                            "resource_name": "keycloak-client-frontend-template-version",
                                            "resource_type": "keycloak-client-frontend-template-version",
                                            "display_name": "keycloak-client-frontend-template-version",
                                            "scopes": [
                                              "tenant:keycloak-client-frontend-template-version:create",
                                              "tenant:keycloak-client-frontend-template-version:delete",
                                              "tenant:keycloak-client-frontend-template-version:read",
                                              "tenant:keycloak-client-frontend-template-version:update"
                                            ]
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /default-resources

                                      Create new realm default resource.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resources:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • resource_name: required (string)

                                        Unique identifier of a realm default resource.

                                      • resource_type: required (string)

                                        Name of a realm default resource type.

                                      • display_name: required (string)

                                        Name of a realm default resource.

                                      Example:

                                      {
                                        "resource_name": "keycloak-client-frontend-template-version",
                                        "resource_type": "keycloak-client-frontend-template-version",
                                        "display_name": "keycloak-client-frontend-template-version"
                                      }

                                      HTTP status code 201

                                      Realm default resource is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • resource_name: required (string)

                                        Unique identifier of a realm default resource.

                                      • resource_type: required (string)

                                        Name of a realm default resource type.

                                      • display_name: required (string)

                                        Name of a realm default resource.

                                      • scopes: required (array of items)

                                        Array of scopes.

                                      Example:

                                      {
                                        "resource_name": "tenant-user",
                                        "resource_type": "tenant-user",
                                        "display_name": "tenant-user",
                                        "scopes": []
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /default-resources/{id} get put delete

                                      get /default-resources/{id}

                                      Retrieve realm default resource.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resources:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (string)

                                        Identifier of the realm default resource to operate on.

                                        Example:

                                        keycloak-client-frontend-template-version

                                      HTTP status code 200

                                      Realm default resource is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • resource_name: required (string)

                                        Unique identifier of a realm default resource.

                                      • resource_type: required (string)

                                        Name of a realm default resource type.

                                      • display_name: required (string)

                                        Name of a realm default resource.

                                      • scopes: required (array of items)

                                        Array of scopes.

                                      Example:

                                      {
                                        "resource_name": "keycloak-client-frontend-template-version",
                                        "resource_type": "keycloak-client-frontend-template-version",
                                        "display_name": "keycloak-client-frontend-template-version",
                                        "scopes": [
                                          "tenant:keycloak-client-frontend-template-version:create",
                                          "tenant:keycloak-client-frontend-template-version:delete",
                                          "tenant:keycloak-client-frontend-template-version:read",
                                          "tenant:keycloak-client-frontend-template-version:update"
                                        ]
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      put /default-resources/{id}

                                      Update realm default resource

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resources:update

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (string)

                                        Identifier of the realm default resource to operate on.

                                        Example:

                                        keycloak-client-frontend-template-version

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • resource_name: required (string)

                                        Unique identifier of a realm default resource.

                                      • resource_type: required (string)

                                        Name of a realm default resource type.

                                      • display_name: required (string)

                                        Name of a realm default resource.

                                      Example:

                                      {
                                        "resource_name": "keycloak-client-frontend-template-version",
                                        "resource_type": "keycloak-client-frontend-template-version",
                                        "display_name": "keycloak-client-frontend-template-version"
                                      }

                                      HTTP status code 200

                                      Realm default resource is successfully updated.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • resource_name: required (string)

                                        Unique identifier of a realm default resource.

                                      • resource_type: required (string)

                                        Name of a realm default resource type.

                                      • display_name: required (string)

                                        Name of a realm default resource.

                                      • scopes: required (array of items)

                                        Array of scopes.

                                      Example:

                                      {
                                        "resource_name": "keycloak-client-frontend-template-version",
                                        "resource_type": "keycloak-client-frontend-template-version",
                                        "display_name": "keycloak-client-frontend-template-version",
                                        "scopes": [
                                          "tenant:keycloak-client-frontend-template-version:create",
                                          "tenant:keycloak-client-frontend-template-version:delete",
                                          "tenant:keycloak-client-frontend-template-version:read",
                                          "tenant:keycloak-client-frontend-template-version:update"
                                        ]
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /default-resources/{id}

                                      Delete realm default resource.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resources:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (string)

                                        Identifier of the realm default resource to operate on.

                                        Example:

                                        keycloak-client-frontend-template-version

                                      HTTP status code 204

                                      Realm default resource is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /default-resources/mappings get post

                                      get /default-resources/mappings

                                      Retrieve realm default resource mappings list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-mappings:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm default resource mappings list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmDefaultResourceMapping)

                                        Items: RealmDefaultResourceMapping

                                        • id: required (integer)

                                          Unique identifier of a realm default resource.

                                        • resource: required (string)

                                          Identifier of a realm default resource.

                                        • scope: required (string)

                                          Identifier of a realm scope.

                                      Example:

                                      {
                                        "count": 70,
                                        "results": [
                                          {
                                            "id": 6,
                                            "resource": "tenant-system",
                                            "scope": "tenant:delete"
                                          },
                                          {
                                            "id": 7,
                                            "resource": "tenant-system",
                                            "scope": "tenant:create"
                                          },
                                          {
                                            "id": 8,
                                            "resource": "tenant-system",
                                            "scope": "tenant:update"
                                          },
                                          {
                                            "id": 9,
                                            "resource": "tenant-system",
                                            "scope": "tenant:application:create"
                                          },
                                          {
                                            "id": 10,
                                            "resource": "tenant-system",
                                            "scope": "tenant:application:read"
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /default-resources/mappings

                                      Create new realm default resource mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-mappings:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • resource: required (string)

                                        Identifier of a realm default resource.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "resource": "tenant",
                                        "scope": "tenant:add"
                                      }

                                      HTTP status code 201

                                      Realm default resource mapping is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm default resource.

                                      • resource: required (string)

                                        Identifier of a realm default resource.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "resource": "tenant",
                                        "scope": "tenant:add"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /default-resources/mappings/{id} get put delete

                                      get /default-resources/mappings/{id}

                                      Retrieve realm default resource mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-mappings:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm default resource mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm default resource mapping is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm default resource.

                                      • resource: required (string)

                                        Identifier of a realm default resource.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "resource": "tenant",
                                        "scope": "tenant:add"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      put /default-resources/mappings/{id}

                                      Update realm default resource mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-mappings:update

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm default resource mapping to operate on.

                                        Example:

                                        1

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • resource: required (string)

                                        Identifier of a realm default resource.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "resource": "tenant",
                                        "scope": "tenant:add"
                                      }

                                      HTTP status code 200

                                      Realm default resource mapping is successfully updated.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm default resource.

                                      • resource: required (string)

                                        Identifier of a realm default resource.

                                      • scope: required (string)

                                        Identifier of a realm scope.

                                      Example:

                                      {
                                        "id": 1,
                                        "resource": "tenant",
                                        "scope": "tenant:add"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /default-resources/mappings/{id}

                                      Delete default resource mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-mappings:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm default resource mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 204

                                      Realm default resource mapping is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /default-resources/versions get post

                                      get /default-resources/versions

                                      Retrieve realm default resource version list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm default resource version list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmDefaultResourceVersion)

                                        Items: RealmDefaultResourceVersion

                                        • id: required (integer)

                                          Unique identifier of a realm default resource.

                                        • resources: required (array of items)

                                          Array of resources.

                                      Example:

                                      {
                                        "count": 3,
                                        "results": [
                                          {
                                            "id": 2,
                                            "resources": [
                                              "keycloak-client-backend-template-version",
                                              "keycloak-client-frontend-template-version",
                                              "keycloak-default-resource",
                                              "keycloak-default-resource-mapping",
                                              "keycloak-default-resource-version",
                                              "keycloak-default-resource-version-mapping",
                                              "keycloak-idp",
                                              "keycloak-realm-template-version",
                                              "keycloak-role",
                                              "keycloak-role-scope-mapping",
                                              "keycloak-roles-version",
                                              "keycloak-role-version-mapping",
                                              "keycloak-scope",
                                              "keycloak-scopes-version",
                                              "keycloak-scope-version-mapping",
                                              "tenant-system",
                                              "tenant-user"
                                            ]
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /default-resources/versions

                                      Create new realm default resource version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      HTTP status code 201

                                      Realm default resource version is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm default resource.

                                      • resources: required (array of items)

                                        Array of resources.

                                      Example:

                                      {
                                        "id": 1,
                                        "resources": []
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /default-resources/versions/{id} get delete

                                      get /default-resources/versions/{id}

                                      Retrieve realm default resource version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm default resource version to operate on.

                                        Example:

                                        2

                                      HTTP status code 200

                                      Realm default resource version is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm default resource.

                                      • resources: required (array of items)

                                        Array of resources.

                                      Example:

                                      {
                                        "id": 2,
                                        "resources": [
                                          "keycloak-client-backend-template-version",
                                          "keycloak-client-frontend-template-version",
                                          "keycloak-default-resource",
                                          "keycloak-default-resource-mapping",
                                          "keycloak-default-resource-version",
                                          "keycloak-default-resource-version-mapping",
                                          "keycloak-idp",
                                          "keycloak-realm-template-version",
                                          "keycloak-role",
                                          "keycloak-role-scope-mapping",
                                          "keycloak-roles-version",
                                          "keycloak-role-version-mapping",
                                          "keycloak-scope",
                                          "keycloak-scopes-version",
                                          "keycloak-scope-version-mapping",
                                          "tenant-system",
                                          "tenant-user"
                                        ]
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /default-resources/versions/{id}

                                      Delete realm default resource version.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm default resource version to operate on.

                                        Example:

                                        2

                                      HTTP status code 204

                                      Realm default resource version is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /default-resources/version-mappings get post

                                      get /default-resources/version-mappings

                                      Retrieve realm default resource version mappings list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version-mapping:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm default resource version mappings list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmDefaultResourceVersionMapping)

                                        Items: RealmDefaultResourceVersionMapping

                                        • id: required (integer)

                                          Unique identifier of a realm default resource version mapping.

                                        • version: required (integer)

                                          Identifier of a realm default resource version.

                                        • resources: required (string)

                                          Identifier of a realm default resource.

                                      Example:

                                      {
                                        "count": 17,
                                        "results": [
                                          {
                                            "id": 6,
                                            "version": 1,
                                            "resources": "keycloak-scope"
                                          },
                                          {
                                            "id": 7,
                                            "version": 1,
                                            "resources": "keycloak-scopes-version"
                                          },
                                          {
                                            "id": 8,
                                            "version": 1,
                                            "resources": "keycloak-scope-version-mapping"
                                          },
                                          {
                                            "id": 9,
                                            "version": 1,
                                            "resources": "keycloak-roles-version"
                                          },
                                          {
                                            "id": 10,
                                            "version": 1,
                                            "resources": "keycloak-role-version-mapping"
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /default-resources/version-mappings

                                      Create new realm default resource version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version-mapping:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • version: required (integer)

                                        Identifier of a realm default resource version.

                                      • resources: required (string)

                                        Identifier of a realm default resource.

                                      Example:

                                      {
                                        "version": 1,
                                        "resources": "keycloak-scope"
                                      }

                                      HTTP status code 201

                                      Realm default resource version mapping is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm default resource version mapping.

                                      • version: required (integer)

                                        Identifier of a realm default resource version.

                                      • resources: required (string)

                                        Identifier of a realm default resource.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "resources": "keycloak-scope"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /default-resources/version-mappings/{id} get put delete

                                      get /default-resources/version-mappings/{id}

                                      Retrieve realm default resource version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version-mapping:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm default resource version mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm default resource version mapping is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm default resource version mapping.

                                      • version: required (integer)

                                        Identifier of a realm default resource version.

                                      • resources: required (string)

                                        Identifier of a realm default resource.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "resources": "keycloak-scope"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      put /default-resources/version-mappings/{id}

                                      Update realm default resource version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version-mapping:update

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm default resource version mapping to operate on.

                                        Example:

                                        1

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • version: required (integer)

                                        Identifier of a realm default resource version.

                                      • resources: required (string)

                                        Identifier of a realm default resource.

                                      Example:

                                      {
                                        "version": 1,
                                        "resources": "keycloak-scope"
                                      }

                                      HTTP status code 200

                                      Realm default resource version mapping is successfully updated.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm default resource version mapping.

                                      • version: required (integer)

                                        Identifier of a realm default resource version.

                                      • resources: required (string)

                                        Identifier of a realm default resource.

                                      Example:

                                      {
                                        "id": 1,
                                        "version": 1,
                                        "resources": "keycloak-scope"
                                      }

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /default-resources/version-mappings/{id}

                                      Delete default resource version mapping.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-default-resource-version-mapping:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm default resource version mapping to operate on.

                                        Example:

                                        1

                                      HTTP status code 204

                                      Realm default resource version mapping is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      Identity providers

                                      Operations on realm identity providers.

                                      /idps get post

                                      get /idps

                                      Retrieve realm identity providers list.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-idp:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Query Parameters

                                      • offset: (integer)

                                        Start index that the server should return data from.

                                        Example:

                                        0
                                      • limit: (integer - default: 50)

                                        Maximum number of items to return. To get all items limit must be 0.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm identity providers list is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • count: required (integer)

                                        Total number of elements available for retrieval.

                                      • results: required (array of RealmIdp)

                                        Items: RealmIdp

                                        • id: required (integer)

                                          Unique identifier of a realm identity provider.

                                        • url: required (string)

                                          URL of an a realm identity provider.

                                        • client_id: required (string)

                                          Identifier of a client.

                                        • client_secret: required (string)

                                          Identifier of a client secret for confidential clients.

                                        • alias: required (string)

                                          Name of an identity provider.

                                        • idp_realm: required (string)

                                          Name of a realm used to access an identity provider.

                                        • role_mapping: required (object)

                                          Mapping realm role.

                                          • id: required (integer)

                                            Unique identifier of a role mapping.

                                          • realm_role: required (string)

                                            Name of a realm role.

                                          • claim_name: required (string)

                                            Name of a realm role's claim.

                                          • claim_value: required (string)

                                            Value of a realm role's claim.

                                      Example:

                                      {
                                        "count": 2,
                                        "results": [
                                          {
                                            "id": 1,
                                            "url": "https://auth.local.kaatech.com",
                                            "client_id": "example_idp_client",
                                            "client_secret": "2ad4f4bc-aa4f-44b1-ada3-3ba8b8b13ab3",
                                            "alias": "example",
                                            "idp_realm": "example",
                                            "role_mapping": {
                                              "id": 1,
                                              "realm_role": "platform-admin",
                                              "claim_name": "roles",
                                              "claim_value": "customer"
                                            }
                                          },
                                          {
                                            "id": 2,
                                            "url": "https://id.kaaiot.io",
                                            "client_id": "kaa-eph",
                                            "client_secret": "17b2c323-cbc1-40d1-f164-9574dde094ac",
                                            "alias": "KaaID",
                                            "idp_realm": "master",
                                            "role_mapping": {
                                              "id": 2,
                                              "realm_role": "platform-admin",
                                              "claim_name": "roles",
                                              "claim_value": "admin"
                                            }
                                          }
                                        ]
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      post /idps

                                      Create new realm identity provider.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-idp:create

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • url: required (string)

                                        URL of an a realm identity provider.

                                      • client_id: required (string)

                                        Identifier of a client.

                                      • client_secret: required (string)

                                        Identifier of a client secret for confidential clients.

                                      • alias: required (string)

                                        Name of an identity provider.

                                      • idp_realm: required (string)

                                        Name of a realm used to access an identity provider.

                                      • role_mapping: required (object)

                                        Mapping realm role.

                                        • realm_role: required (string)

                                          Name of a realm role.

                                        • claim_name: required (string)

                                          Name of a realm role's claim.

                                        • claim_value: required (string)

                                          Value of a realm role's claim.

                                      Example:

                                      {
                                        "url": "https://auth.local.kaatech.com",
                                        "client_id": "example_idp_client",
                                        "client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
                                        "alias": "example",
                                        "idp_realm": "example",
                                        "role_mapping": {
                                          "realm_role": "platform-admin",
                                          "claim_name": "roles",
                                          "claim_value": "customer"
                                        }
                                      }
                                      

                                      HTTP status code 201

                                      Realm identity provider is successfully created.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm identity provider.

                                      • url: required (string)

                                        URL of an a realm identity provider.

                                      • client_id: required (string)

                                        Identifier of a client.

                                      • client_secret: required (string)

                                        Identifier of a client secret for confidential clients.

                                      • alias: required (string)

                                        Name of an identity provider.

                                      • idp_realm: required (string)

                                        Name of a realm used to access an identity provider.

                                      • role_mapping: required (object)

                                        Mapping realm role.

                                        • id: required (integer)

                                          Unique identifier of a role mapping.

                                        • realm_role: required (string)

                                          Name of a realm role.

                                        • claim_name: required (string)

                                          Name of a realm role's claim.

                                        • claim_value: required (string)

                                          Value of a realm role's claim.

                                      Example:

                                      {
                                        "id": 1,
                                        "url": "https://auth.local.kaatech.com",
                                        "client_id": "example_idp_client",
                                        "client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
                                        "alias": "example",
                                        "idp_realm": "example",
                                        "role_mapping": {
                                          "id": 1,
                                          "realm_role": "platform-admin",
                                          "claim_name": "roles",
                                          "claim_value": "customer"
                                        }
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      /idps/{id} get put delete

                                      get /idps/{id}

                                      Retrieve realm identity provider.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-idp:read

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm identity provider to operate on.

                                        Example:

                                        1

                                      HTTP status code 200

                                      Realm identity provider is successfully retrieved.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm identity provider.

                                      • url: required (string)

                                        URL of an a realm identity provider.

                                      • client_id: required (string)

                                        Identifier of a client.

                                      • client_secret: required (string)

                                        Identifier of a client secret for confidential clients.

                                      • alias: required (string)

                                        Name of an identity provider.

                                      • idp_realm: required (string)

                                        Name of a realm used to access an identity provider.

                                      • role_mapping: required (object)

                                        Mapping realm role.

                                        • id: required (integer)

                                          Unique identifier of a role mapping.

                                        • realm_role: required (string)

                                          Name of a realm role.

                                        • claim_name: required (string)

                                          Name of a realm role's claim.

                                        • claim_value: required (string)

                                          Value of a realm role's claim.

                                      Example:

                                      {
                                        "id": 1,
                                        "url": "https://auth.local.kaatech.com",
                                        "client_id": "example_idp_client",
                                        "client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
                                        "alias": "example",
                                        "idp_realm": "example",
                                        "role_mapping": {
                                          "id": 1,
                                          "realm_role": "platform-admin",
                                          "claim_name": "roles",
                                          "claim_value": "customer"
                                        }
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      put /idps/{id}

                                      Update realm identity provider.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-idp:update

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm identity provider to operate on.

                                        Example:

                                        1

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • url: required (string)

                                        URL of an a realm identity provider.

                                      • client_id: required (string)

                                        Identifier of a client.

                                      • client_secret: required (string)

                                        Identifier of a client secret for confidential clients.

                                      • alias: required (string)

                                        Name of an identity provider.

                                      • idp_realm: required (string)

                                        Name of a realm used to access an identity provider.

                                      • role_mapping: required (object)

                                        Mapping realm role.

                                        • realm_role: required (string)

                                          Name of a realm role.

                                        • claim_name: required (string)

                                          Name of a realm role's claim.

                                        • claim_value: required (string)

                                          Value of a realm role's claim.

                                      Example:

                                      {
                                        "url": "https://auth.local.kaatech.com",
                                        "client_id": "example_idp_client",
                                        "client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
                                        "alias": "example",
                                        "idp_realm": "example",
                                        "role_mapping": {
                                          "realm_role": "platform-admin",
                                          "claim_name": "roles",
                                          "claim_value": "customer"
                                        }
                                      }
                                      

                                      HTTP status code 200

                                      Realm identity provider is successfully updated.

                                      Body

                                      Media type: application/json

                                      Type: object

                                      Properties

                                      • id: required (integer)

                                        Unique identifier of a realm identity provider.

                                      • url: required (string)

                                        URL of an a realm identity provider.

                                      • client_id: required (string)

                                        Identifier of a client.

                                      • client_secret: required (string)

                                        Identifier of a client secret for confidential clients.

                                      • alias: required (string)

                                        Name of an identity provider.

                                      • idp_realm: required (string)

                                        Name of a realm used to access an identity provider.

                                      • role_mapping: required (object)

                                        Mapping realm role.

                                        • id: required (integer)

                                          Unique identifier of a role mapping.

                                        • realm_role: required (string)

                                          Name of a realm role.

                                        • claim_name: required (string)

                                          Name of a realm role's claim.

                                        • claim_value: required (string)

                                          Value of a realm role's claim.

                                      Example:

                                      {
                                        "id": 1,
                                        "url": "https://auth.local.kaatech.com",
                                        "client_id": "example_idp_client",
                                        "client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
                                        "alias": "example",
                                        "idp_realm": "example",
                                        "role_mapping": {
                                          "id": 1,
                                          "realm_role": "platform-admin",
                                          "claim_name": "roles",
                                          "claim_value": "customer"
                                        }
                                      }
                                      

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.

                                      delete /idps/{id}

                                      Delete realm identity provider.

                                      Secured by oauth_2_0 with scopes:
                                      • tenant:keycloak-idp:delete

                                      Tenant Manager supports OAuth 2.0 for authenticating all API requests.

                                      URI Parameters

                                      • id: required (integer)

                                        Identifier of the realm identity provider to operate on.

                                        Example:

                                        1

                                      HTTP status code 204

                                      Realm identity provider is successfully deleted.

                                      HTTP status code 400

                                      Invalid request

                                      HTTP status code 401

                                      Unauthenticated request

                                      HTTP status code 404

                                      Resource not found or querying user is not authorized for it.

                                      Secured by oauth_2_0

                                      Headers

                                      • Authorization: (string)

                                        Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.