Here is
new documentation version.
You are reading outdated documentation, which will be shutdown soon!
REST API
Tenant Manager REST API documentation version v1
{schema}://{host}/api/{version}
- schema: required(one of http, https - default: http)
- host: required(string - default: localhost)
- version: required(v1)
Tenants
Operations on tenants and tenant users.
get /tenants
Returns information about tenants.
- kaa:tenant:read on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
- realm_name: optional (string)
Filters tenants by realm name.
Example:
my-realm-name
HTTP status code 200
Tenant list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of Tenant)
Items: Tenant
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_frontend_id: required(string)
Identifier of a client frontend.
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret for confidential clients.
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: optional (boolean)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- issuer: required(string)
URL of the auth service.
- status: required(one of AVAILABLE, CREATING, UPDATING, DISABLED, DELETED)
Tenant status.
- created: required(datetime)
Tenant creation timestamp in ISO 8601 format (UTC timezone).
- id: required(string)
Example:
{
"count": 6,
"results": [
{
"id": "80786da9-985a-4e01-a51a-c5872e03d44f",
"realm_name": "alpha-realm",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"issuer": "https://{identity-provider-host}/auth/realms/80786da9-985a-4e01-a51a-c5872e03d44f",
"status": "AVAILABLE",
"created": "2020-03-06T14:49:08.339576Z"
},
{
"id": "6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
"realm_name": "beta-realm",
"client_frontend_id": "fb6d9435-448d-46b8-82b1-60e91c2e1307",
"client_backend_id": "d5cd59ff-6f1d-45f5-a84a-28877fa2cd36",
"client_backend_secret": "bda83b4a-4633-4767-a68b-6153c7901131",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 2,
"issuer": "https://{identity-provider-host}/auth/realms/6d2e4ccd-4a15-4a3f-91b6-e168918e945f",
"status": "AVAILABLE",
"created": "2020-03-06T14:49:11.180017Z"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /tenants
Registers new tenant.
- kaa:tenant:create on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- realm_name: required(string)
Realm name (not id!).
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: optional (boolean)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
Example:
{
"realm_name": "delta-realm",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1
}
HTTP status code 201
Tenant is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_frontend_id: required(string)
Identifier of a client frontend.
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret for confidential clients.
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: optional (boolean)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- issuer: required(string)
URL of the auth service.
- status: required(one of AVAILABLE, CREATING, UPDATING, DISABLED, DELETED)
Tenant status.
- created: required(datetime)
Tenant creation timestamp in ISO 8601 format (UTC timezone).
Example:
{
"id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
"realm_name": "delta-realm",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
"status": "CREATING",
"created": "2020-02-24T10:46:29.657054Z"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants/{tenantId}
Retrieve tenant.
- kaa:tenant:read on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
HTTP status code 200
Tenant is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_frontend_id: required(string)
Identifier of a client frontend.
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret for confidential clients.
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: optional (boolean)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- issuer: required(string)
URL of the auth service.
- status: required(one of AVAILABLE, CREATING, UPDATING, DISABLED, DELETED)
Tenant status.
- created: required(datetime)
Tenant creation timestamp in ISO 8601 format (UTC timezone).
Example:
{
"id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
"realm_name": "delta-realm",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
"status": "AVAILABLE",
"created": "2020-02-24T10:46:29.657054Z"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /tenants/{tenantId}
Update tenant
- kaa:tenant:update on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
Body
Media type: application/json
Type: tenant-manager-api-types.TenantUpdateUpdate
Example:
{
"realm_name": "delta-realm",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1
}
HTTP status code 201
Tenant is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_frontend_id: required(string)
Identifier of a client frontend.
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret for confidential clients.
- realm_template_version: required(integer)
Identifier of a realm template version.
- realm_scopes_version: required(integer)
Identifier of a realm scope version.
- client_backend_version: required(integer)
Identifier of a realm client backend version.
- client_frontend_version: required(integer)
Identifier of a realm client frontend version.
- roles_version: required(integer)
Identifier of a realm role version.
- resources_version: required(integer)
Identifier of a realm resources version.
- idp_version: optional (boolean)
Identifier of a realm identity provider version.
- user: optional (integer)
Identifier of a tenant user.
- issuer: required(string)
URL of the auth service.
- status: required(one of AVAILABLE, CREATING, UPDATING, DISABLED, DELETED)
Tenant status.
- created: required(datetime)
Tenant creation timestamp in ISO 8601 format (UTC timezone).
Example:
{
"id": "5428586f-49a1-45b6-9ab7-de56ebd11e03",
"realm_name": "delta-realm",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"realm_template_version": 1,
"realm_scopes_version": 1,
"client_backend_version": 1,
"client_frontend_version": 1,
"roles_version": 1,
"resources_version": 1,
"idp_version": 1,
"user": 1,
"issuer": "https://{identity-provider-host}/auth/realms/5428586f-49a1-45b6-9ab7-de56ebd11e03",
"status": "UPDATING",
"created": "2020-02-24T10:46:29.657054Z"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /tenants/{tenantId}
Delete tenant.
- kaa:tenant:delete on kaa-system resource
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
HTTP status code 204
Tenant is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants/{tenantId}/credentials
Retrieve tenant's credentials.
- kaa:tenant:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
HTTP status code 200
Tenant's credentials are successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret.
- client_frontend_id: required(string)
Identifier of a client frontend.
- issuer: required(string)
URL of the auth service.
Example:
{
"id": "1957f6df-ca08-4052-962b-b14ec96ab8f5",
"realm_name": "delta-realm",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"issuer": "https://{identity-provider-host}/auth/realms/1957f6df-ca08-4052-962b-b14ec96ab8f5"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /tenants/{tenantId}/credentials
Update tenant's credentials.
- kaa:tenant:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- tenantId: required(string)
Identifier of the tenant to operate on.
Example:
1957f6df-ca08-4052-962b-b14ec96ab8f5
Body
Media type: application/json
Type: object
Properties
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret.
- client_frontend_id: required(string)
Identifier of a client frontend.
Example:
{
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460"
}
HTTP status code 201
Tenant's credentials are successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(string)
Unique identifier of a tenant.
- realm_name: required(string)
Realm name (not id!).
- client_backend_id: required(string)
Identifier of a client backend.
- client_backend_secret: required(string)
Identifier of a client backend secret.
- client_frontend_id: required(string)
Identifier of a client frontend.
- issuer: required(string)
URL of the auth service.
Example:
{
"id": "1957f6df-ca08-4052-962b-b14ec96ab8f5",
"realm_name": "delta-realm",
"client_backend_id": "727eaf72-fb73-419f-a677-50a37d8829cd",
"client_backend_secret": "e3f8f5c7-cdf2-473d-8721-a7bfad0691e7",
"client_frontend_id": "16f9a9d6-1989-4cb1-a30f-6bba13aa6460",
"issuer": "https://{identity-provider-host}/auth/realms/1957f6df-ca08-4052-962b-b14ec96ab8f5"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants/users
Retrieve tenant users list.
- kaa:tenant:tenant-user:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Tenant users list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of TenantUser)
Items: TenantUser
- id: required(integer)
Unique identifier of a tenant.
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
- id: required(integer)
Example:
{
"count": 3,
"results": [
{
"id": 2,
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /tenants/users
Create new tenant user.
- kaa:tenant:tenant-user:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 201
Tenant user is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a tenant.
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"id": 2,
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /tenants/users/{userId}
Retrieve tenant user.
- kaa:tenant:tenant-user:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- userId: required(integer)
Identifier of the tenant user to operate on.
Example:
2
HTTP status code 200
Tenant user is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a tenant.
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"id": 2,
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /tenants/users/{userId}
Update user.
- kaa:tenant:tenant-user:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- userId: required(integer)
Identifier of the tenant user to operate on.
Example:
2
Body
Media type: application/json
Type: object
Properties
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 201
Tenant user is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a tenant.
- email: required(string)
Email of a tenant user.
- firstName: required(string)
First name of a tenant user.
- lastName: required(string)
Last name of a tenant user.
- password: required(string)
Password of a tenant user.
- idp_id: optional (string)
Identifier of external Identity Provider.
Example:
{
"id": 2,
"email": "admin@example.com",
"firstName": "Admin",
"lastName": "Admin",
"password": "admin",
"idp_id": "059d8639-b566-484b-98b7-729c02870d91"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /tenants/users/{userId}
Delete user.
- kaa:tenant:tenant-user:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- userId: required(integer)
Identifier of the tenant user to operate on.
Example:
2
HTTP status code 204
Tenant user is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Templates
Operations on realm, frontend client and backend client templates.
get /templates/realms
Retrieve realm templates list.
- kaa:tenant:realm-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm templates list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmTemplate)
Items: RealmTemplate
- id: required(integer)
Unique identifier of a realm template version.
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
- id: required(integer)
Example:
{
"count": 3,
"results": [
{
"id": 2,
"template": {
"enabledEventTypes": [],
"adminEventsEnabled": false,
"adminEventsDetailsEnabled": false,
"internationalizationEnabled": false,
"supportedLocales": [],
"browserFlow": "browser",
"registrationFlow": "registration",
"directGrantFlow": "direct grant",
"resetCredentialsFlow": "reset credentials",
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth"
},
"description": "realm template description"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /templates/realms
Create new realm template.
- kaa:tenant:realm-template:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"template": {
"enabledEventTypes": [],
"adminEventsEnabled": false,
"adminEventsDetailsEnabled": false,
"internationalizationEnabled": false,
"supportedLocales": [],
"browserFlow": "browser",
"registrationFlow": "registration",
"directGrantFlow": "direct grant",
"resetCredentialsFlow": "reset credentials",
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth"
},
"description": "realm template description"
}
HTTP status code 201
Realm template is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm template version.
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"id": 1,
"template": {
"revokeRefreshToken": false,
"refreshTokenMaxReuse": 0,
"accessTokenLifespan": 1800,
"ssoSessionIdleTimeout": 5400,
"ssoSessionMaxLifespan": 36000
},
"description": "realm template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realms/{id}
Retrieve realm template.
- kaa:tenant:realm-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm template to operate on.
Example:
1
HTTP status code 200
Realm template is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm template version.
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"id": 1,
"template": {
"revokeRefreshToken": false,
"refreshTokenMaxReuse": 0,
"accessTokenLifespan": 1800,
"ssoSessionIdleTimeout": 5400,
"ssoSessionMaxLifespan": 36000
},
"description": "realm template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /templates/realms/{id}
Update realm template
- kaa:tenant:realm-template:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm template to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"template": {
"enabledEventTypes": [],
"adminEventsEnabled": false,
"adminEventsDetailsEnabled": false,
"internationalizationEnabled": false,
"supportedLocales": [],
"browserFlow": "browser",
"registrationFlow": "registration",
"directGrantFlow": "direct grant",
"resetCredentialsFlow": "reset credentials",
"clientAuthenticationFlow": "clients",
"dockerAuthenticationFlow": "docker auth"
},
"description": "realm template description"
}
HTTP status code 200
Realm template is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm template version.
- template: required(object)
Realm template version.
- description: required(string)
Realm template version description.
Example:
{
"id": 1,
"template": {
"revokeRefreshToken": false,
"refreshTokenMaxReuse": 0,
"accessTokenLifespan": 1800,
"ssoSessionIdleTimeout": 5400,
"ssoSessionMaxLifespan": 36000
},
"description": "realm template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /templates/realms/{id}
Delete realm template.
- kaa:tenant:realm-template:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm template to operate on.
Example:
1
HTTP status code 204
Realm template is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realm-frontend-clients
Retrieve realm frontend client template list.
- kaa:tenant:realm-frontend-client-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm frontend client template list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmFrontendClientTemplate)
Items: RealmFrontendClientTemplate
- id: required(integer)
Unique identifier of a realm frontend template version.
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
- id: required(integer)
Example:
{
"count": 3,
"results": [
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": true,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /templates/realm-frontend-clients
Create new realm frontend client template.
- kaa:tenant:realm-frontend-client-template:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": true,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 201
Realm frontend client template is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm frontend template version.
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": true,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realm-frontend-clients/{id}
Retrieve realm frontend client template.
- kaa:tenant:realm-frontend-client-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm frontend client template to operate on.
Example:
2
HTTP status code 200
Realm frontend client template is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm frontend template version.
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": true,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /templates/realm-frontend-clients/{id}
Update realm frontend client template
- kaa:tenant:realm-frontend-client-template:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm frontend client template to operate on.
Example:
2
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": true,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 200
Realm frontend client template is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm frontend template version.
- template: required(object)
Realm frontend template version.
- description: required(string)
Realm frontend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": true,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": false,
"authorizationServicesEnabled": false
},
"description": "realm frontend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /templates/realm-frontend-clients/{id}
Delete realm frontend client template.
- kaa:tenant:realm-frontend-client-template:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm frontend client template to operate on.
Example:
2
HTTP status code 204
Realm frontend client template is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realm-backend-clients
Retrieve realm backend client template list.
- kaa:tenant:realm-backend-client-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm backend client template list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmBackendClientTemplate)
Items: RealmBackendClientTemplate
- id: required(integer)
Unique identifier of a realm backend template version.
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
- id: required(integer)
Example:
{
"count": 4,
"results": [
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": false,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /templates/realm-backend-clients
Create new realm backend client template.
- kaa:tenant:realm-backend-client-template:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": false,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 201
Realm backend client template is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm backend template version.
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": false,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /templates/realm-backend-clients/{id}
Retrieve realm backend client template.
- kaa:tenant:realm-backend-client-template:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm backend client template to operate on.
Example:
2
HTTP status code 200
Realm backend client template is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm backend template version.
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": false,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /templates/realm-backend-clients/{id}
Update realm backend client template
- kaa:tenant:realm-backend-client-template:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm backend client template to operate on.
Example:
2
Body
Media type: application/json
Type: object
Properties
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": false,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 200
Realm backend client template is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm backend template version.
- template: required(object)
Realm backend template version.
- description: required(string)
Realm backend template version description.
Example:
{
"id": 2,
"template": {
"protocol": "openid-connect",
"webOrigins": [
"+"
],
"publicClient": false,
"redirectUris": [
"*"
],
"fullScopeAllowed": false,
"serviceAccountsEnabled": true,
"authorizationServicesEnabled": true
},
"description": "realm backend client template description"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /templates/realm-backend-clients/{id}
Delete realm backend client template.
- kaa:tenant:realm-backend-client-template:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm backend client template to operate on.
Example:
2
HTTP status code 204
Realm backend client template is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Scopes
Operations on realm scopes.
get /scopes
Retrieve realm scopes list.
- kaa:tenant:scope:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm scopes list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmScope)
Items: RealmScope
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
- name: required(string)
Example:
{
"count": 97,
"results": [
{
"name": "application:read",
"displayName": "application:read"
},
{
"name": "application:software:read",
"displayName": "application:software:read"
},
{
"name": "application:software:update",
"displayName": "application:software:update"
},
{
"name": "application:timeseries-config:read",
"displayName": "application:timeseries-config:read"
},
{
"name": "application:update",
"displayName": "application:update"
},
{
"name": "dashboard:read",
"displayName": "dashboard:read"
},
{
"name": "endpoint:delete",
"displayName": "endpoint:delete"
},
{
"name": "endpoint:read",
"displayName": "endpoint:read"
},
{
"name": "endpoint:update",
"displayName": "endpoint:update"
},
{
"name": "kaa:application:create",
"displayName": "kaa:application:create"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /scopes
Create new realm scope.
- kaa:tenant:scope:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 201
Realm scope is successfully created.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/{id}
Retrieve realm scope.
- kaa:tenant:scope:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm scope to operate on.
Example:
application:read
HTTP status code 200
Realm scope is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /scopes/{id}
Update realm scope
- kaa:tenant:scope:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm scope to operate on.
Example:
application:read
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 200
Realm scope is successfully updated.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm scope.
- dispalayName: required(string)
Name of a realm scope.
Example:
{
"name": "application:read",
"displayName": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /scopes/{id}
Delete realm scope.
- kaa:tenant:scope:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm scope to operate on.
Example:
application:read
HTTP status code 204
Realm scope is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/versions
Retrieve realm scopes versions list.
- kaa:tenant:keycloak-scopes-versions:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm scopes versions list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmScopeVersion)
Items: RealmScopeVersion
- id: required(integer)
Unique identifier of a realm scope version.
- scopes: required(array of items)
Array of scopes.
- id: required(integer)
Example:
{
"count": 4,
"results": [
{
"id": 2,
"scopes": [
"application:delete",
"application:endpoint-config:delete",
"application:endpoint-config:read",
"application:endpoint-config:update",
"application:endpoint:create",
"application:endpoint-filter:create",
"application:endpoint-filter:delete",
"application:endpoint-filter:read",
"application:endpoint-filter:update",
"application:endpoints-metadata-keys:read",
"application:read"
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /scopes/versions
Create new realm scope version.
- kaa:tenant:keycloak-scopes-versions:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
HTTP status code 201
Realm scope version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version.
- scopes: required(array of items)
Array of scopes.
Example:
{
"id": 1,
"scopes": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/versions/{id}
Retrieve realm scope version.
- kaa:tenant:keycloak-scopes-versions:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version to operate on.
Example:
1
HTTP status code 200
Realm scope version is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version.
- scopes: required(array of items)
Array of scopes.
Example:
{
"id": 1,
"scopes": [
"kaa:tenant:realm-backend-client-template:create",
"kaa:tenant:realm-backend-client-template:delete",
"kaa:tenant:realm-backend-client-template:read",
"kaa:tenant:realm-backend-client-template:update",
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update",
"kaa:tenant:default-resource:create",
"kaa:tenant:default-resource:delete"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /scopes/versions/{id}
Delete realm scope version.
- kaa:tenant:keycloak-scopes-versions:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version to operate on.
Example:
1
HTTP status code 204
Realm scope version is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/versions-mappings
Retrieve realm scopes versions mappings list.
- kaa:tenant:keycloak-scopes-versions-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm scopes versions mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmScopeVersionMapping)
Items: RealmScopeVersionMapping
- id: required(integer)
Unique identifier of a realm scope version mapping.
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
- id: required(integer)
Example:
{
"count": 97,
"results": [
{
"id": 11,
"version": 1,
"scope": "application:endpoint-config:read"
},
{
"id": 12,
"version": 1,
"scope": "application:endpoint-config:update"
},
{
"id": 13,
"version": 1,
"scope": "application:endpoint-config:delete"
},
{
"id": 14,
"version": 1,
"scope": "application:software:read"
},
{
"id": 15,
"version": 1,
"scope": "application:software:update"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /scopes/versions-mappings
Create new realm scope version.
- kaa:tenant:keycloak-scopes-versions-mappings:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"version": 1,
"scope": "application:read"
}
HTTP status code 201
Realm scope version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version mapping.
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"version": 1,
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /scopes/versions-mappings/{id}
Retrieve realm scope version mapping.
- kaa:tenant:keycloak-scopes-versions-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version mapping to operate on.
Example:
1
HTTP status code 200
Realm scope version mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version mapping.
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"version": 1,
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /scopes/versions-mappings/{id}
Update realm scope version mapping.
- kaa:tenant:keycloak-scopes-versions-mappings:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"version": 1,
"scope": "application:read"
}
HTTP status code 200
Realm scope version mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm scope version mapping.
- verision: required(integer)
Identifier of a realm scope version.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"version": 1,
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /scopes/versions-mappings/{id}
Delete realm scope version mapping.
- kaa:tenant:keycloak-scopes-versions-mappings:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm scope version mapping to operate on.
Example:
1
HTTP status code 204
Realm scope version mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Roles
Operations on realm roles.
get /roles
Retrieve realm roles list.
- kaa:tenant:role:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm roles list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmRole)
Items: RealmRole
- name: required(string)
Unique identifier of a realm role.
- scopes: required(array of items)
Array of scopes.
- name: required(string)
Example:
{
"count": 47,
"results": [
{
"name": "endpoint-reader",
"scopes": [
"endpoint:read"
]
},
{
"name": "keycloak-client-backend-template-version-admin",
"scopes": [
"kaa:tenant:realm-backend-client-template:create",
"kaa:tenant:realm-backend-client-template:delete",
"kaa:tenant:realm-backend-client-template:read",
"kaa:tenant:realm-backend-client-template:update"
]
},
{
"name": "keycloak-client-backend-template-version-reader",
"scopes": [
"kaa:tenant:realm-backend-client-template:read"
]
},
{
"name": "keycloak-client-frontend-template-version-admin",
"scopes": [
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update"
]
},
{
"name": "keycloak-client-frontend-template-version-reader",
"scopes": [
"kaa:tenant:realm-frontend-client-template:read"
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /roles
Create new realm role.
- kaa:tenant:role:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm role.
Example:
{
"name": "application:read"
}
HTTP status code 201
Realm role is successfully created.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm role.
- scopes: required(array of items)
Array of scopes.
Example:
{
"name": "application:read",
"scopes": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/{id}
Retrieve realm role.
- kaa:tenant:role:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm role to operate on.
Example:
application-read
HTTP status code 200
Realm role is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- name: required(string)
Unique identifier of a realm role.
- scopes: required(array of items)
Array of scopes.
Example:
{
"name": "application:read",
"scopes": [
"application:read",
"application:endpoint-config:delete"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /roles/{id}
Delete realm role.
- kaa:tenant:role:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm role to operate on.
Example:
application-read
HTTP status code 204
Realm role is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/versions
Retrieve realm roles versions list.
- kaa:tenant:keycloak-roles-versions:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm roles versions list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmRoleVersion)
Items: RealmRoleVersion
- id: required(integer)
Unique identifier of a realm role version.
- roles: required(array of items)
Array of roles.
- id: required(integer)
Example:
{
"count": 4,
"results": [
{
"id": 2,
"roles": [
{
"name": "application-reader",
"scopes": [
"application:endpoint-config:read",
"application:endpoint-filter:read",
"application:endpoints-metadata-keys:read",
"application:endpoints-metadata-keys:read",
"application:read",
"application:software:read",
"application:timeseries-config:read",
"application:timeseries-config:read",
"dashboard:read",
"endpoint:read",
"kaa:client-certificates:read",
"kaa:client-credentials:read"
]
},
{
"name": "dashboard-admin",
"scopes": [
"dashboard:read"
]
}
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /roles/versions
Create new realm role version.
- kaa:tenant:keycloak-roles-versions:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
HTTP status code 201
Realm role version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version.
- roles: required(array of items)
Array of roles.
Example:
{
"id": 1,
"roles": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/versions/{id}
Retrieve realm roles version.
- kaa:tenant:keycloak-roles-versions:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version to operate on.
Example:
1
HTTP status code 200
Realm role version is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version.
- roles: required(array of items)
Array of roles.
Example:
{
"id": 1,
"roles": [
"application-admin",
"application-reader"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /roles/versions/{id}
Delete realm role version.
- kaa:tenant:keycloak-roles-versions:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version to operate on.
Example:
1
HTTP status code 204
Realm role version is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/versions-mappings
Retrieve realm roles versions mappings list.
- kaa:tenant:keycloak-roles-versions-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm roles versions mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmRoleVersionMapping)
Items: RealmRoleVersionMapping
- id: required(integer)
Unique identifier of a realm role version mapping.
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
- id: required(integer)
Example:
{
"count": 46,
"results": [
{
"id": 3,
"version": 1,
"role": "application-admin"
},
{
"id": 4,
"version": 1,
"role": "application-reader"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /roles/versions-mappings
Create new realm role version mapping.
- kaa:tenant:keycloak-roles-versions-mappings:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"version": 1,
"role": "application:read"
}
HTTP status code 201
Realm role version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version mapping.
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"id": 1,
"version": 1,
"role": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/versions-mappings/{id}
Retrieve realm role version mapping.
- kaa:tenant:keycloak-roles-versions-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version mapping to operate on.
Example:
1
HTTP status code 200
Realm role version mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version mapping.
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"id": 1,
"version": 1,
"role": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /roles/versions-mappings/{id}
Update realm role version mapping.
- kaa:tenant:keycloak-roles-versions-mappings:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"version": 1,
"role": "application:read"
}
HTTP status code 200
Realm role version mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm role version mapping.
- verision: required(integer)
Identifier of a realm role version.
- role: required(string)
Identifier of a realm role.
Example:
{
"id": 1,
"version": 1,
"role": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /roles/versions-mappings/{id}
Delete realm role version mapping.
- kaa:tenant:keycloak-roles-versions-mappings:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role version mapping to operate on.
Example:
1
HTTP status code 204
Realm role version mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/scopes-mappings
Retrieve realm roles and scopes mappings list.
- kaa:tenant:keycloak-roles-scopes-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm roles and scopes mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmRoleScopeMapping)
Items: RealmRoleScopeMapping
- id: required(integer)
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"count": 46,
"results": [
{
"id": 3,
"role": "platform-admin",
"scope": "application:delete"
},
{
"id": 4,
"role": "platform-admin",
"scope": "application:endpoint:create"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /roles/scopes-mappings
Create new realm role and scope mapping.
- kaa:tenant:keycloak-roles-scopes-mappings:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 201
Realm role and scope mapping is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /roles/scopes-mappings/{id}
Retrieve realm role-scope mapping.
- kaa:tenant:keycloak-roles-scopes-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role-scope mapping to operate on.
Example:
1
HTTP status code 200
Realm role-scope mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /roles/scopes-mappings/{id}
Update realm role-scope mapping.
- kaa:tenant:keycloak-roles-scopes-mappings:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role-scope mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 200
Realm role-scope mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
- role: required(string)
Identifier of a realm role.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"role": "platform-admin",
"scope": "application:read"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /roles/scopes-mappings/{id}
Delete realm-scope mapping.
- kaa:tenant:keycloak-roles-scopes-mappings:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm role-scope mapping to operate on.
Example:
1
HTTP status code 204
Realm role-scope mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Default resources
Operations on realm default resources.
get /default-resources
Retrieve realm default resources list.
- kaa:tenant:default-resource:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm default resources list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmDefaultResource)
Items: RealmDefaultResource
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
- scopes: required(array of items)
Array of scopes.
- resource_name: required(string)
Example:
{
"count": 17,
"results": [
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version",
"scopes": [
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update"
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /default-resources
Create new realm default resource.
- kaa:tenant:default-resource:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
Example:
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version"
}
HTTP status code 201
Realm default resource is successfully created.
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
- scopes: required(array of items)
Array of scopes.
Example:
{
"resource_name": "tenant-user",
"resource_type": "tenant-user",
"display_name": "tenant-user",
"scopes": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/{id}
Retrieve realm default resource.
- kaa:tenant:default-resource:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm default resource to operate on.
Example:
keycloak-client-frontend-template-version
HTTP status code 200
Realm default resource is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
- scopes: required(array of items)
Array of scopes.
Example:
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version",
"scopes": [
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /default-resources/{id}
Update realm default resource
- kaa:tenant:default-resource:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm default resource to operate on.
Example:
keycloak-client-frontend-template-version
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
Example:
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version"
}
HTTP status code 200
Realm default resource is successfully updated.
Body
Media type: application/json
Type: object
Properties
- resource_name: required(string)
Unique identifier of a realm default resource.
- resource_type: required(string)
Name of a realm default resource type.
- display_name: required(string)
Name of a realm default resource.
- scopes: required(array of items)
Array of scopes.
Example:
{
"resource_name": "keycloak-client-frontend-template-version",
"resource_type": "keycloak-client-frontend-template-version",
"display_name": "keycloak-client-frontend-template-version",
"scopes": [
"kaa:tenant:realm-frontend-client-template:create",
"kaa:tenant:realm-frontend-client-template:delete",
"kaa:tenant:realm-frontend-client-template:read",
"kaa:tenant:realm-frontend-client-template:update"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /default-resources/{id}
Delete realm default resource.
- kaa:tenant:default-resource:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(string)
Identifier of the realm default resource to operate on.
Example:
keycloak-client-frontend-template-version
HTTP status code 204
Realm default resource is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/mappings
Retrieve realm default resource mappings list.
- kaa:tenant:keycloak-default-resource-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm default resource mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmDefaultResourceMapping)
Items: RealmDefaultResourceMapping
- id: required(integer)
Unique identifier of a realm default resource.
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
- id: required(integer)
Example:
{
"count": 70,
"results": [
{
"id": 6,
"resource": "tenant-system",
"scope": "kaa:tenant:delete"
},
{
"id": 7,
"resource": "tenant-system",
"scope": "kaa:tenant:delete"
},
{
"id": 8,
"resource": "tenant-system",
"scope": "kaa:tenant:delete"
},
{
"id": 9,
"resource": "tenant-system",
"scope": "tenant:application:create"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /default-resources/mappings
Create new realm default resource mapping.
- kaa:tenant:keycloak-default-resource-mappings:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 201
Realm default resource mapping is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/mappings/{id}
Retrieve realm default resource mapping.
- kaa:tenant:keycloak-default-resource-mappings:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource mapping to operate on.
Example:
1
HTTP status code 200
Realm default resource mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /default-resources/mappings/{id}
Update realm default resource mapping.
- kaa:tenant:keycloak-default-resource-mappings:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 200
Realm default resource mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resource: required(string)
Identifier of a realm default resource.
- scope: required(string)
Identifier of a realm scope.
Example:
{
"id": 1,
"resource": "tenant",
"scope": "kaa:tenant:add"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /default-resources/mappings/{id}
Delete default resource mapping.
- kaa:tenant:keycloak-default-resource-mappings:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource mapping to operate on.
Example:
1
HTTP status code 204
Realm default resource mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/versions
Retrieve realm default resource version list.
- kaa:tenant:default-resource-version:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm default resource version list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmDefaultResourceVersion)
Items: RealmDefaultResourceVersion
- id: required(integer)
Unique identifier of a realm default resource.
- resources: required(array of items)
Array of resources.
- id: required(integer)
Example:
{
"count": 3,
"results": [
{
"id": 2,
"resources": [
"tenant-system",
"kaa-system"
]
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /default-resources/versions
Create new realm default resource version.
- kaa:tenant:default-resource-version:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
HTTP status code 201
Realm default resource version is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resources: required(array of items)
Array of resources.
Example:
{
"id": 1,
"resources": []
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/versions/{id}
Retrieve realm default resource version.
- kaa:tenant:default-resource-version:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version to operate on.
Example:
2
HTTP status code 200
Realm default resource version is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource.
- resources: required(array of items)
Array of resources.
Example:
{
"id": 2,
"resources": [
"tenant-system",
"kaa-system"
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /default-resources/versions/{id}
Delete realm default resource version.
- kaa:tenant:default-resource-version:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version to operate on.
Example:
2
HTTP status code 204
Realm default resource version is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/version-mappings
Retrieve realm default resource version mappings list.
- kaa:tenant:default-resource-version-mapping:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm default resource version mappings list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmDefaultResourceVersionMapping)
Items: RealmDefaultResourceVersionMapping
- id: required(integer)
Unique identifier of a realm default resource version mapping.
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
- id: required(integer)
Example:
{
"count": 17,
"results": [
{
"id": 6,
"version": 1,
"resources": "keycloak-scope"
},
{
"id": 7,
"version": 1,
"resources": "keycloak-scopes-version"
},
{
"id": 8,
"version": 1,
"resources": "keycloak-scope-version-mapping"
},
{
"id": 9,
"version": 1,
"resources": "keycloak-roles-version"
},
{
"id": 10,
"version": 1,
"resources": "keycloak-role-version-mapping"
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /default-resources/version-mappings
Create new realm default resource version mapping.
- kaa:tenant:default-resource-version-mapping:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 201
Realm default resource version mapping is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource version mapping.
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"id": 1,
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /default-resources/version-mappings/{id}
Retrieve realm default resource version mapping.
- kaa:tenant:default-resource-version-mapping:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version mapping to operate on.
Example:
1
HTTP status code 200
Realm default resource version mapping is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource version mapping.
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"id": 1,
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /default-resources/version-mappings/{id}
Update realm default resource version mapping.
- kaa:tenant:default-resource-version-mapping:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version mapping to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 200
Realm default resource version mapping is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm default resource version mapping.
- version: required(integer)
Identifier of a realm default resource version.
- resources: required(string)
Identifier of a realm default resource.
Example:
{
"id": 1,
"version": 1,
"resources": "keycloak-scope"
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /default-resources/version-mappings/{id}
Delete default resource version mapping.
- kaa:tenant:default-resource-version-mapping:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm default resource version mapping to operate on.
Example:
1
HTTP status code 204
Realm default resource version mapping is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Identity providers
Operations on realm identity providers.
get /idps
Retrieve realm identity providers list.
- kaa:tenant:idp:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Realm identity providers list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of RealmIdp)
Items: RealmIdp
- id: required(integer)
Unique identifier of a realm identity provider.
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- id: required(integer)
Unique identifier of a role mapping.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- id: required(integer)
- id: required(integer)
Example:
{
"count": 2,
"results": [
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-aa4f-44b1-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
},
{
"id": 2,
"url": "https://id.kaaiot.io",
"client_id": "kaa-eph",
"client_secret": "17b2c323-cbc1-40d1-f164-9574dde094ac",
"alias": "KaaID",
"idp_realm": "master",
"role_mapping": {
"id": 2,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "admin"
}
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /idps
Create new realm identity provider.
- kaa:tenant:idp:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- realm_role: required(string)
Example:
{
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 201
Realm identity provider is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm identity provider.
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- id: required(integer)
Unique identifier of a role mapping.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- id: required(integer)
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /idps/{id}
Retrieve realm identity provider.
- kaa:tenant:idp:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm identity provider to operate on.
Example:
1
HTTP status code 200
Realm identity provider is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm identity provider.
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- id: required(integer)
Unique identifier of a role mapping.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- id: required(integer)
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /idps/{id}
Update realm identity provider.
- kaa:tenant:idp:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm identity provider to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- realm_role: required(string)
Example:
{
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 200
Realm identity provider is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a realm identity provider.
- url: required(string)
URL of an a realm identity provider.
- client_id: required(string)
Identifier of a client.
- client_secret: required(string)
Identifier of a client secret for confidential clients.
- alias: required(string)
Name of an identity provider.
- idp_realm: required(string)
Name of a realm used to access an identity provider.
- role_mapping: required(object)
Mapping realm role.
- id: required(integer)
Unique identifier of a role mapping.
- realm_role: required(string)
Name of a realm role.
- claim_name: required(string)
Name of a realm role's claim.
- claim_value: required(string)
Value of a realm role's claim.
- id: required(integer)
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /idps/{id}
Delete realm identity provider.
- kaa:tenant:idp:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the realm identity provider to operate on.
Example:
1
HTTP status code 204
Realm identity provider is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
Keycloak servers
Operations on Keycloak servers data.
get /keycloak-servers
Retrieve Keycloak servers list.
- kaa:tenant:keycloak-server:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Query Parameters
- offset: optional (integer)
Start index that the server should return data from.
Example:
0
- limit: optional (integer - default: 50)
Maximum number of items to return. To get all items limit must be 0.
Example:
1
HTTP status code 200
Keycloak servers list is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- count: required(integer)
Total number of elements available for retrieval.
- results: required(array of KeycloakServer)
Items: KeycloakServer
- id: required(integer)
Unique identifier of a Keycloak server.
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
- id: required(integer)
Example:
{
"count": 2,
"results": [
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
},
{
"id": 2,
"url": "https://autha.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 0,
"max_realms": 200
}
]
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
post /keycloak-servers
Create new Keycloak server.
- kaa:tenant:keycloak-server:create
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
Body
Media type: application/json
Type: object
Properties
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
}
HTTP status code 201
Keycloak server is successfully created.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a Keycloak server.
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
get /keycloak-servers/{id}
Retrieve Keycloak server.
- kaa:tenant:keycloak-server:read
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the Keycloak server to operate on.
Example:
1
HTTP status code 200
Keycloak server is successfully retrieved.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a Keycloak server.
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
put /keycloak-servers/{id}
Update Keycloak server.
- kaa:tenant:keycloak-server:update
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the Keycloak server to operate on.
Example:
1
Body
Media type: application/json
Type: object
Properties
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"url": "https://auth.local.kaatech.com",
"username": "admin",
"password": "admin",
"realm_count": 1,
"max_realms": 200
}
HTTP status code 200
Keycloak server is successfully updated.
Body
Media type: application/json
Type: object
Properties
- id: required(integer)
Unique identifier of a Keycloak server.
- url: required(string)
URL of a Keycloak server.
- username: required(string)
Username of a 'master' realm user.
- password: required(string)
Password of a 'master' realm user.
- realm_count: optional (integer - default: 0)
Count of existing realms in a Keycloak server.
- max_realms: optional (integer)
A number that indicates the maximum number of realms that can be created on a Keycloak server.
Example:
{
"id": 1,
"url": "https://auth.local.kaatech.com",
"client_id": "example_idp_client",
"client_secret": "2ad4f4bc-rt4f-4241-ada3-3ba8b8b13ab3",
"alias": "example",
"idp_realm": "example",
"role_mapping": {
"id": 1,
"realm_role": "platform-admin",
"claim_name": "roles",
"claim_value": "customer"
}
}
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.
delete /keycloak-servers/{id}
Delete Keycloak server.
- kaa:tenant:keycloak-server:delete
Tenant Manager supports OAuth 2.0 for authenticating all API requests.
URI Parameters
- id: required(integer)
Identifier of the Keycloak server to operate on.
Example:
1
HTTP status code 204
Keycloak server is successfully deleted.
HTTP status code 400
Invalid request
HTTP status code 401
Unauthenticated request
HTTP status code 404
Resource not found or querying user is not authorized for it.
Secured by oauth_2_0
Headers
- Authorization: optional (string)
Used to send a valid OAuth 2 access token. Example: "Authorization: Bearer 'access_token'" where 'access_token' must be replaced by a valid OAuth access token. This header is needed only if API authentication is enabled for the service.