From 921bcd45cfddaf8be8d49d4ffa34caca6195b62a Mon Sep 17 00:00:00 2001 From: Alfredo Oliviero Date: Fri, 29 Mar 2024 18:14:50 +0100 Subject: [PATCH] implemented Users and Roles Rest APIs --- Dockerfile | 2 +- .../Identity Manager.postman_collection.json | 1351 ++ .../-gcube-devNext.postman_environment.json | 39 - ...ube-devsec-devVRE.postman_environment.json | 117 - .../postman/-gcube.postman_environment.json | 45 - ...ycloakRest IDM API.postman_collection.json | 378 - ...uth Token Requests.postman_collection.json | 445 - .../KeycloakRestAPI.postman_collection.json | 13029 ---------------- .../org/gcube/keycloack/KkClientFactory.java | 162 - .../service/idm/controller/KKRolesClient.java | 18 +- .../service/idm/controller/KKUserClient.java | 96 +- .../idm/is/InfrastrctureServiceClient.java | 172 + .../idm/is/IsServerConfig.java} | 19 +- .../is/client/InfrastrctureServiceClient.java | 96 - .../idm}/keycloack/ErrorMessages.java | 2 +- .../idm}/keycloack/KeycloackApiClient.java | 2 +- .../idm/keycloack/KkClientFactory.java | 131 + .../{ => service/idm}/keycloack/flusso.txt | 0 .../idm/liferay/LiferayClientFactory.java | 89 + .../org/gcube/service/idm/rest/RolesAPI.java | 104 +- .../org/gcube/service/idm/rest/UserApi.java | 233 + .../service/idm/rest/UsersSocialAPI.java | 83 +- .../ServiceEndpointAccessPointSerializer.java | 64 + .../service/rest/ResponseBeanPaginated.java | 2 - todo.md | 26 + 25 files changed, 2310 insertions(+), 14395 deletions(-) create mode 100644 docs/postman/Identity Manager.postman_collection.json delete mode 100644 documentazione/postman/-gcube-devNext.postman_environment.json delete mode 100644 documentazione/postman/-gcube-devsec-devVRE.postman_environment.json delete mode 100644 documentazione/postman/-gcube.postman_environment.json delete mode 100644 documentazione/postman/KeycloakRest IDM API.postman_collection.json delete mode 100644 documentazione/postman/KeycloakRestAPI -Auth Token Requests.postman_collection.json delete mode 100644 documentazione/postman/KeycloakRestAPI.postman_collection.json delete mode 100644 src/main/java/org/gcube/keycloack/KkClientFactory.java create mode 100644 src/main/java/org/gcube/service/idm/is/InfrastrctureServiceClient.java rename src/main/java/org/gcube/{keycloack/KeycloakServerConfig.java => service/idm/is/IsServerConfig.java} (57%) delete mode 100644 src/main/java/org/gcube/service/idm/is/client/InfrastrctureServiceClient.java rename src/main/java/org/gcube/{ => service/idm}/keycloack/ErrorMessages.java (98%) rename src/main/java/org/gcube/{ => service/idm}/keycloack/KeycloackApiClient.java (94%) create mode 100644 src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java rename src/main/java/org/gcube/{ => service/idm}/keycloack/flusso.txt (100%) create mode 100644 src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java create mode 100644 src/main/java/org/gcube/service/idm/rest/UserApi.java create mode 100644 src/main/java/org/gcube/service/idm/serializers/ServiceEndpointAccessPointSerializer.java create mode 100644 todo.md diff --git a/Dockerfile b/Dockerfile index 3c80722..aaa35b1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ FROM d4science/smartgears-distribution:4.0.0-SNAPSHOT-java$JAVA_VERSION-tomcat10 COPY ./docker/logback.xml /etc/ COPY ./docker/container.ini /etc/ -COPY ./docker/devsec.gcubekey /tomcat/lib +COPY ./docker/*.gcubekey /tomcat/lib COPY ./target/idm.war /tomcat/webapps/ EXPOSE 8080 diff --git a/docs/postman/Identity Manager.postman_collection.json b/docs/postman/Identity Manager.postman_collection.json new file mode 100644 index 0000000..059ba3e --- /dev/null +++ b/docs/postman/Identity Manager.postman_collection.json @@ -0,0 +1,1351 @@ +{ + "info": { + "_postman_id": "dbb0b069-d99f-4a87-830a-e14254c0cee2", + "name": "Identity Manager", + "description": "An example collection that can be used for communicating with gcube services\n\nget TOKEN and at UMA_TOKEN from url: [https://next.dev.d4science.org/group/gcube/home](https://next.dev.d4science.org/group/gcube/home)\n\nupdate the collection's variables gcube_token and uma_token", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", + "_exporter_id": "32856827" + }, + "item": [ + { + "name": "LOGIN", + "item": [ + { + "name": "[UAT] Obtain CONTEXT id token for a user", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var jsonData = JSON.parse(responseBody);", + "postman.setEnvironmentVariable(\"oidc_access_token\", jsonData.access_token);", + "postman.setEnvironmentVariable(\"oidc_refresh_token\", jsonData.refresh_token);", + "", + "postman.setEnvironmentVariable(\"uma_token\", jsonData.access_token);", + "", + "", + "", + "postman.setEnvironmentVariable(\"access_token\", jsonData.access_token);", + "postman.setEnvironmentVariable(\"refresh_token\", jsonData.refresh_token);", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "function set_user_pass(){", + " var username = pm.variables.get('username');", + "", + " console.log('current username', pm.variables.get('username'));", + "", + " var pwd_key = 'password_' + username;", + " if (pm.variables.has('key_password')) {", + " pwd_key = pm.variables.get('key_password')", + " }", + "", + " if (pm.variables.has(pwd_key)) {", + " password = pm.variables.get(pwd_key);", + " } else {", + " throw new Error(\"missing password for username \" + username + \". Set a global password (type secret) with key \" + pwd_key);", + " }", + " pm.environment.set('current_password', password );", + " console.log('password', password, 'from', pwd_key );", + "", + " pm.environment.set('current_username', username);", + " pm.environment.set('current_password', password);", + "}", + "", + "set_user_pass();" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "auth": { + "type": "noauth" + }, + "method": "POST", + "header": [ + { + "key": "Content-Type", + "name": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + }, + { + "key": "X-D4Science-Context", + "value": "{{encoded_context}}", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [ + { + "key": "client_id", + "value": "{{client-id-user}}", + "type": "text" + }, + { + "key": "username", + "value": "{{username}}", + "type": "text" + }, + { + "key": "password", + "value": "{{password}}", + "type": "text" + }, + { + "key": "grant_type", + "value": "password", + "type": "text" + } + ] + }, + "url": { + "raw": "{{keycloak_url}}/realms/{{realm}}/protocol/openid-connect/token", + "host": [ + "{{keycloak_url}}" + ], + "path": [ + "realms", + "{{realm}}", + "protocol", + "openid-connect", + "token" + ] + }, + "description": "Obtain UAT = user access token from a user in realm" + }, + "response": [] + }, + { + "name": "refresh CONTEXT token Copy", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var jsonData = JSON.parse(responseBody);", + "", + "postman.setEnvironmentVariable(\"access_token\", jsonData.access_token);", + "postman.setEnvironmentVariable(\"refresh_token\", jsonData.refresh_token);", + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "X-D4Science-Context", + "value": "{{encoded_context}}", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [ + { + "key": "grant_type", + "value": "refresh_token", + "type": "text" + }, + { + "key": "client_id", + "value": "{{client-id-user}}", + "type": "text" + }, + { + "key": "refresh_token", + "value": "{{refresh_token}}", + "type": "text" + }, + { + "key": "client_secret", + "value": "{{service_client_secret}}", + "type": "text", + "disabled": true + } + ] + }, + "url": { + "raw": "{{keycloak_url}}/realms/{{realm}}/protocol/openid-connect/token", + "host": [ + "{{keycloak_url}}" + ], + "path": [ + "realms", + "{{realm}}", + "protocol", + "openid-connect", + "token" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "TEST", + "item": [ + { + "name": "hello TOKEN PARAM", + "request": { + "auth": { + "type": "noauth" + }, + "method": "GET", + "header": [ + { + "key": "", + "value": "{{token}}", + "type": "text" + } + ], + "url": { + "raw": "{{base_url}}/{{application}}/hello?gcube-token={{gcube_token}}", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "hello" + ], + "query": [ + { + "key": "gcube-token", + "value": "{{gcube_token}}" + } + ] + } + }, + "response": [] + }, + { + "name": "details TOKEN PARAM", + "request": { + "auth": { + "type": "noauth" + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/details?gcube-token={{gcube_token}}", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "details" + ], + "query": [ + { + "key": "gcube-token", + "value": "{{gcube_token}}" + } + ] + } + }, + "response": [] + }, + { + "name": "test keycloak TOKEN PARAM", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{uma_token}}", + "type": "string" + } + ] + }, + "method": "GET", + "header": [ + { + "key": "gcube-token", + "value": "{{gcube_token}}", + "type": "text", + "disabled": true + } + ], + "url": { + "raw": "{{base_url}}/{{application}}/keycloak?client_secret={{service_client_secret}}", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "keycloak" + ], + "query": [ + { + "key": "client_secret", + "value": "{{service_client_secret}}" + }, + { + "key": "client_id", + "value": "{{current_client-id}}", + "disabled": true + } + ] + } + }, + "response": [] + }, + { + "name": "auth org member TOKEN PARAM", + "request": { + "auth": { + "type": "noauth" + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/auth/org_member?gcube-token={{gcube_token}}", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "auth", + "org_member" + ], + "query": [ + { + "key": "gcube-token", + "value": "{{gcube_token}}" + } + ] + } + }, + "response": [] + }, + { + "name": "auth member TOKEN PARAM Copy", + "request": { + "auth": { + "type": "noauth" + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/auth/member?gcube-token={{gcube_token}}", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "auth", + "member" + ], + "query": [ + { + "key": "gcube-token", + "value": "{{gcube_token}}" + } + ] + } + }, + "response": [] + }, + { + "name": "guest", + "request": { + "auth": { + "type": "noauth" + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/guest", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "guest" + ] + } + }, + "response": [] + }, + { + "name": "hello BEARER Copy", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{uma_token}}", + "type": "string" + } + ] + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/hello", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "hello" + ] + } + }, + "response": [] + }, + { + "name": "details BEARER Copy", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{uma_token}}", + "type": "string" + } + ] + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/details", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "details" + ] + } + }, + "response": [] + }, + { + "name": "auth org member BEARER Copy", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{uma_token}}", + "type": "string" + } + ] + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/auth/org_member", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "auth", + "org_member" + ] + } + }, + "response": [] + }, + { + "name": "auth member BEARER Copy", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{uma_token}}", + "type": "string" + } + ] + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/auth/member", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "auth", + "member" + ] + } + }, + "response": [] + }, + { + "name": "test keycloak BEARER", + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{uma_token}}", + "type": "string" + } + ] + }, + "method": "GET", + "header": [ + { + "key": "gcube-token", + "value": "{{gcube_token}}", + "type": "text", + "disabled": true + } + ], + "url": { + "raw": "{{base_url}}/{{application}}/keycloak?client_secret={{service_client_secret}}", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "keycloak" + ], + "query": [ + { + "key": "client_secret", + "value": "{{service_client_secret}}" + }, + { + "key": "client_id", + "value": "{{current_client-id}}", + "disabled": true + } + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Users", + "item": [ + { + "name": "me", + "item": [ + { + "name": "me/owner", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/owner", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "owner" + ] + } + }, + "response": [] + }, + { + "name": "me/profile", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/profile", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "profile" + ] + } + }, + "response": [] + }, + { + "name": "me/email", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/email", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "email" + ] + } + }, + "response": [] + }, + { + "name": "me/id", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/id", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "id" + ] + } + }, + "response": [] + }, + { + "name": "me/username", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/username", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "username" + ] + } + }, + "response": [] + }, + { + "name": "me/roles_clients", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/roles_clients", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "roles_clients" + ] + } + }, + "response": [] + }, + { + "name": "me/roles_realm", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/roles_realm", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "roles_realm" + ] + } + }, + "response": [] + }, + { + "name": "me/groups", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/groups", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "groups" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "id", + "item": [ + { + "name": "profile", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/{{user_id}}/profile", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "{{user_id}}", + "profile" + ] + } + }, + "response": [] + }, + { + "name": "email", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/{{user_id}}/email", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "{{user_id}}", + "email" + ] + } + }, + "response": [] + }, + { + "name": "id", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/{{user_id}}/id", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "{{user_id}}", + "id" + ] + } + }, + "response": [] + }, + { + "name": "name", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/{{user_id}}/name", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "{{user_id}}", + "name" + ] + } + }, + "response": [] + }, + { + "name": "username", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/{{user_id}}/username", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "{{user_id}}", + "username" + ] + } + }, + "response": [] + }, + { + "name": "roles_clients", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "/{{application}}/users/{{user_id}}/roles_clients", + "path": [ + "{{application}}", + "users", + "{{user_id}}", + "roles_clients" + ] + } + }, + "response": [] + }, + { + "name": "roles_realm", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/{{user_id}}/roles_realm", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "{{user_id}}", + "roles_realm" + ] + } + }, + "response": [] + }, + { + "name": "groups", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/{{user_id}}/groups", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "{{user_id}}", + "groups" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "search", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/me/groups", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "me", + "groups" + ], + "query": [ + { + "key": "firstName", + "value": "", + "disabled": true + }, + { + "key": "email", + "value": "", + "disabled": true + }, + { + "key": "idpAlias", + "value": "", + "disabled": true + }, + { + "key": "idpUserId", + "value": "", + "disabled": true + }, + { + "key": "emailVerified", + "value": "false", + "disabled": true + }, + { + "key": "enabled", + "value": "false", + "disabled": true + }, + { + "key": "briefRepresentation", + "value": "true", + "disabled": true + }, + { + "key": "first", + "value": "5", + "disabled": true + }, + { + "key": "max", + "value": "10", + "disabled": true + } + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Social", + "item": [ + { + "name": "get-all-fullnames-and-usernames", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/social/users/get-all-fullnames-and-usernames?max=5&first=0", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "social", + "users", + "get-all-fullnames-and-usernames" + ], + "query": [ + { + "key": "max", + "value": "5" + }, + { + "key": "first", + "value": "0" + } + ] + } + }, + "response": [] + }, + { + "name": "user-exists", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/social/users/user-exists?username={{user_id}}", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "social", + "users", + "user-exists" + ], + "query": [ + { + "key": "username", + "value": "{{user_id}}" + } + ] + } + }, + "response": [] + }, + { + "name": "get-email", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/social/users/get-email", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "social", + "users", + "get-email" + ] + } + }, + "response": [] + }, + { + "name": "users by role Member", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/social/users/get-usernames-by-role?role-name=Member&max=100&first=0", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "social", + "users", + "get-usernames-by-role" + ], + "query": [ + { + "key": "role-name", + "value": "Member" + }, + { + "key": "max", + "value": "100" + }, + { + "key": "first", + "value": "0" + } + ] + } + }, + "response": [] + }, + { + "name": "get-all-usernames", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/social/users/get-all-fullnames-and-usernames?first=5&max=5&emailVerified=true&briefRepresentation=false", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "social", + "users", + "get-all-fullnames-and-usernames" + ], + "query": [ + { + "key": "first", + "value": "5" + }, + { + "key": "max", + "value": "5" + }, + { + "key": "enabled", + "value": "false", + "disabled": true + }, + { + "key": "emailVerified", + "value": "true" + }, + { + "key": "briefRepresentation", + "value": "false" + } + ] + } + }, + "response": [] + }, + { + "name": "get-custom-attribute", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/social/users/get-custom-attribute?attribute=email", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "social", + "users", + "get-custom-attribute" + ], + "query": [ + { + "key": "attribute", + "value": "email" + } + ] + } + }, + "response": [] + }, + { + "name": "get-profile", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/users/get-profile", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "users", + "get-profile" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Roles", + "item": [ + { + "name": "roles", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/roles", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "roles" + ] + } + }, + "response": [] + }, + { + "name": "role by name", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/roles/Member", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "roles", + "Member" + ] + } + }, + "response": [] + }, + { + "name": "users for role by name", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/roles/{{role_name}}/users?max=1&first", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "roles", + "{{role_name}}", + "users" + ], + "query": [ + { + "key": "max", + "value": "1" + }, + { + "key": "first", + "value": null + } + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Tokens", + "item": [ + { + "name": "decode jwt", + "request": { + "auth": { + "type": "noauth" + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/jwt/decode?token={{access_token}}", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "jwt", + "decode" + ], + "query": [ + { + "key": "token", + "value": "{{access_token}}" + } + ] + } + }, + "response": [] + }, + { + "name": "decode jwt Auth", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/{{application}}/jwt/auth", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{application}}", + "jwt", + "auth" + ] + } + }, + "response": [] + } + ] + } + ], + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{access_token}}", + "type": "string" + } + ] + }, + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ], + "variable": [ + { + "key": "base_url", + "value": "http://localhost:8080", + "type": "string" + }, + { + "key": "application", + "value": "idm", + "type": "string" + }, + { + "key": "uma_token", + "value": "", + "type": "string" + }, + { + "key": "encoded_context", + "value": "%2Fgcube%2Fdevsec%2FdevVRE", + "type": "string" + }, + { + "key": "client-id-user", + "value": "next.d4science.org", + "type": "string" + }, + { + "key": "username", + "value": "", + "type": "string" + }, + { + "key": "password", + "value": "", + "type": "string" + }, + { + "key": "user_id", + "value": "", + "type": "string" + }, + { + "key": "role_name", + "value": "Member" + } + ] +} \ No newline at end of file diff --git a/documentazione/postman/-gcube-devNext.postman_environment.json b/documentazione/postman/-gcube-devNext.postman_environment.json deleted file mode 100644 index 7dc6c53..0000000 --- a/documentazione/postman/-gcube-devNext.postman_environment.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "id": "e36a9994-fbaf-4bc1-b1db-bed90eeb8066", - "name": "/gcube/devNext", - "values": [ - { - "key": "realm", - "value": "d4science", - "type": "default", - "enabled": true - }, - { - "key": "username", - "value": "alfredo.oliviero", - "type": "default", - "enabled": true - }, - { - "key": "scope_context", - "value": "/gcube/devNext", - "type": "default", - "enabled": true - }, - { - "key": "key_password", - "value": "password_alfredo.oliviero", - "type": "default", - "enabled": false - }, - { - "key": "proxy_disabled", - "value": "false", - "type": "default", - "enabled": true - } - ], - "_postman_variable_scope": "environment", - "_postman_exported_at": "2024-02-12T16:38:58.342Z", - "_postman_exported_using": "Postman/10.23.0" -} \ No newline at end of file diff --git a/documentazione/postman/-gcube-devsec-devVRE.postman_environment.json b/documentazione/postman/-gcube-devsec-devVRE.postman_environment.json deleted file mode 100644 index f5ee0ab..0000000 --- a/documentazione/postman/-gcube-devsec-devVRE.postman_environment.json +++ /dev/null @@ -1,117 +0,0 @@ -{ - "id": "f1860155-0d84-4c0c-917b-2f8f015b2752", - "name": "/gcube/devsec/devVRE", - "values": [ - { - "key": "realm", - "value": "d4science", - "type": "any", - "enabled": true - }, - { - "key": "username", - "value": "alfredo.oliviero", - "type": "default", - "enabled": true - }, - { - "key": "service_client_id", - "value": "id.d4science.org", - "type": "default", - "enabled": true - }, - { - "key": "service_client_secret", - "value": "09c26f24-3c65-4039-9fa0-e5cc4f4032cd", - "type": "secret", - "enabled": true - }, - { - "key": "proxy_disabled", - "value": "false", - "type": "default", - "enabled": true - }, - { - "key": "scope_context", - "value": "/gcube/devsec/devVRE", - "type": "default", - "enabled": true - }, - { - "key": "key_password", - "value": "password_alfredo.oliviero", - "type": "default", - "enabled": false - }, - { - "key": "current_context", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "current_url-encoded-context", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "current_iam-url", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "current_client-id", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "keycloak_url", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "token", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "refresh_token", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "id_token", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "clientId", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "current_password", - "value": "", - "type": "any", - "enabled": true - }, - { - "key": "current_username", - "value": "", - "type": "any", - "enabled": true - } - ], - "_postman_variable_scope": "environment", - "_postman_exported_at": "2024-02-12T16:38:53.606Z", - "_postman_exported_using": "Postman/10.23.0" -} \ No newline at end of file diff --git a/documentazione/postman/-gcube.postman_environment.json b/documentazione/postman/-gcube.postman_environment.json deleted file mode 100644 index 107681d..0000000 --- a/documentazione/postman/-gcube.postman_environment.json +++ /dev/null @@ -1,45 +0,0 @@ -{ - "id": "07ce7746-e9f4-443a-a651-81960a029729", - "name": "/gcube", - "values": [ - { - "key": "realm", - "value": "d4science", - "type": "default", - "enabled": true - }, - { - "key": "username", - "value": "alfredo.oliviero", - "type": "default", - "enabled": true - }, - { - "key": "proxy_disabled", - "value": "false", - "type": "default", - "enabled": true - }, - { - "key": "scope_context", - "value": "/gcube", - "type": "default", - "enabled": true - }, - { - "key": "key_password", - "value": "password_alfredo.oliviero", - "type": "default", - "enabled": false - }, - { - "key": "keycloak_url", - "value": "", - "type": "any", - "enabled": true - } - ], - "_postman_variable_scope": "environment", - "_postman_exported_at": "2024-02-12T16:39:02.914Z", - "_postman_exported_using": "Postman/10.23.0" -} \ No newline at end of file diff --git a/documentazione/postman/KeycloakRest IDM API.postman_collection.json b/documentazione/postman/KeycloakRest IDM API.postman_collection.json deleted file mode 100644 index 4671482..0000000 --- a/documentazione/postman/KeycloakRest IDM API.postman_collection.json +++ /dev/null @@ -1,378 +0,0 @@ -{ - "info": { - "_postman_id": "89ef223a-9bf5-4000-adf9-848f1570b560", - "name": "KeycloakRest IDM API", - "description": "Keycloak Admin Rest API v10 (https://www.keycloak.org/docs-api/10.0/rest-api/index.html)", - "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", - "_exporter_id": "32856827" - }, - "item": [ - { - "name": "[SAT] Get Realms", - "event": [ - { - "listen": "test", - "script": { - "exec": [ - "var clients = JSON.parse(responseBody);", - "", - "console.log(\" clients: \", clients);", - "var scope_encoded_context = pm.environment.get(\"current_url-encoded-context\");", - "", - "var scope_context = pm.environment.get(\"current_context\");", - "", - "console.log(\"scope_encoded_context: \", scope_encoded_context);", - "console.log(\"scope_context: \", scope_context);", - "", - "//var client = clients.find( (c) => c.name == scope_context);", - "", - "var client = clients.find( (c) => c.clientId == scope_encoded_context);", - "console.log(\">> current client: \", client);", - "", - "if (client) {", - " pm.environment.set(\"clientId\", client.id)", - "}", - "", - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms" - ] - } - }, - "response": [] - }, - { - "name": "[SAT] Get Clients", - "event": [ - { - "listen": "test", - "script": { - "exec": [ - "var clients = JSON.parse(responseBody);", - "", - "console.log(\" clients: \", clients);", - "var scope_encoded_context = pm.environment.get(\"current_url-encoded-context\");", - "", - "var scope_context = pm.environment.get(\"current_context\");", - "", - "console.log(\"scope_encoded_context: \", scope_encoded_context);", - "console.log(\"scope_context: \", scope_context);", - "", - "//var client = clients.find( (c) => c.name == scope_context);", - "", - "var client = clients.find( (c) => c.clientId == scope_encoded_context);", - "console.log(\">> current client: \", client);", - "", - "if (client) {", - " pm.environment.set(\"clientId\", client.id)", - "}", - "", - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients" - ] - }, - "description": "Get clients belonging to the realm Returns a list of clients belonging to the realm" - }, - "response": [] - }, - { - "name": "[SAT] Get client role users by role name", - "request": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Catalogue-Editor/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Catalogue-Editor", - "users" - ] - }, - "description": "Get all roles for the realm or client" - }, - "response": [] - }, - { - "name": "[SAT] Get all roles for the realm or client", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles" - ] - } - }, - "response": [] - }, - { - "name": "[SAT] Get users for realm", - "request": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users" - ], - "query": [ - { - "key": "briefRepresentation", - "value": "", - "disabled": true - }, - { - "key": "email", - "value": "", - "disabled": true - }, - { - "key": "first", - "value": "", - "disabled": true - }, - { - "key": "firstName", - "value": "", - "disabled": true - }, - { - "key": "lastName", - "value": "", - "disabled": true - }, - { - "key": "max", - "value": "", - "disabled": true - }, - { - "key": "search", - "value": "", - "disabled": true - }, - { - "key": "username", - "value": "", - "disabled": true - } - ] - } - }, - "response": [] - }, - { - "name": "[SAT] Search users by email in realm", - "request": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users?email=alfredo.oliviero@isti.cnr.it", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users" - ], - "query": [ - { - "key": "briefRepresentation", - "value": "", - "disabled": true - }, - { - "key": "first", - "value": "", - "disabled": true - }, - { - "key": "firstName", - "value": "", - "disabled": true - }, - { - "key": "lastName", - "value": "", - "disabled": true - }, - { - "key": "max", - "value": "", - "disabled": true - }, - { - "key": "search", - "value": "", - "disabled": true - }, - { - "key": "username", - "value": "", - "disabled": true - }, - { - "key": "email", - "value": "alfredo.oliviero@isti.cnr.it" - } - ] - } - }, - "response": [] - } - ], - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "event": [ - { - "listen": "prerequest", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - }, - { - "listen": "test", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - } - ], - "variable": [ - { - "key": "keycloak_url", - "value": "https://accounts.dev.d4science.org" - }, - { - "key": "realm", - "value": "d4science" - } - ] -} \ No newline at end of file diff --git a/documentazione/postman/KeycloakRestAPI -Auth Token Requests.postman_collection.json b/documentazione/postman/KeycloakRestAPI -Auth Token Requests.postman_collection.json deleted file mode 100644 index ec7cfc3..0000000 --- a/documentazione/postman/KeycloakRestAPI -Auth Token Requests.postman_collection.json +++ /dev/null @@ -1,445 +0,0 @@ -{ - "info": { - "_postman_id": "a19897ba-741b-4011-9618-862fec1b2a84", - "name": "KeycloakRestAPI -Auth Token Requests", - "description": "retrieves and sets the auth token\n\nbefore executing\n\n- update environment.username to current username\n- add in environment or in global the variable \"password_USERNAME\" , type secret, with the reletated password\n- add an empty variable \"current_password\", type secret, in Global Config to hide the current_password\n \n\nto check execution, open the Postman Console (View => Show Postman Console)", - "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", - "_exporter_id": "32856827" - }, - "item": [ - { - "name": "clear context", - "event": [ - { - "listen": "prerequest", - "script": { - "exec": [ - "console.log(\"executing clear script\");", - "", - " pm.environment.unset('current_username');", - " pm.environment.unset('current_password');", - " pm.environment.unset('current_context');", - " pm.environment.unset('current_url-encoded-context');", - " pm.environment.unset('current_iam-url');", - " pm.environment.unset('current_client-id');", - " pm.environment.unset('current_uma-token');", - " pm.environment.unset('current_access-token');", - "", - "", - " pm.environment.unset('token');", - " pm.environment.unset('refresh_token');", - " pm.environment.unset('id_token');", - " pm.environment.unset('keycloak_url');", - "", - " pm.environment.unset('clientId');" - ], - "type": "text/javascript" - } - } - ], - "request": { - "method": "GET", - "header": [], - "url": { - "raw": "/", - "path": [ - "" - ] - } - }, - "response": [] - }, - { - "name": "[SAT] Obtain accsess token from a service account", - "event": [ - { - "listen": "test", - "script": { - "exec": [ - "var jsonData = JSON.parse(responseBody);", - "postman.setEnvironmentVariable(\"token\", jsonData.access_token);", - "postman.setEnvironmentVariable(\"refresh_token\", jsonData.refresh_token);", - "postman.setEnvironmentVariable(\"id_token\", jsonData.id_token);", - "", - "", - "postman.setNextRequest('[SAT][UAT] Set Current Client ID');", - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/x-www-form-urlencoded", - "type": "text" - } - ], - "body": { - "mode": "urlencoded", - "urlencoded": [ - { - "key": "client_id", - "value": "{{service_client_id}}", - "type": "text" - }, - { - "key": "client_secret", - "value": "{{service_client_secret}}", - "type": "text" - }, - { - "key": "grant_type", - "value": "client_credentials", - "type": "text" - } - ] - }, - "url": { - "raw": "{{keycloak_url}}/realms/{{realm}}/protocol/openid-connect/token", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "realms", - "{{realm}}", - "protocol", - "openid-connect", - "token" - ] - }, - "description": "Obtain SAT (service account token)" - }, - "response": [] - }, - { - "name": "[UAT] Obtain access token for a user", - "event": [ - { - "listen": "test", - "script": { - "exec": [ - "var jsonData = JSON.parse(responseBody);", - "postman.setEnvironmentVariable(\"token\", jsonData.access_token);", - "postman.setEnvironmentVariable(\"refresh_token\", jsonData.refresh_token);", - "postman.setEnvironmentVariable(\"id_token\", jsonData.id_token);", - "", - "postman.setEnvironmentVariable(\"current_access-token\", jsonData.access_token);", - "" - ], - "type": "text/javascript" - } - }, - { - "listen": "prerequest", - "script": { - "exec": [ - "function set_user_pass(){", - " var username = pm.variables.get('username');", - "", - " console.log('current username', pm.variables.get('username'));", - "", - " var pwd_key = 'password_' + username;", - " if (pm.variables.has('key_password')) {", - " pwd_key = pm.variables.get('key_password')", - " }", - "", - " if (pm.variables.has(pwd_key)) {", - " password = pm.variables.get(pwd_key);", - " } else {", - " throw new Error(\"missing password for username \" + username + \". Set a global password (type secret) with key \" + pwd_key);", - " }", - " pm.environment.set('current_password', password );", - " console.log('password ****** from', pwd_key );", - "", - " pm.environment.set('current_username', username);", - " pm.environment.set('current_password', password);", - "}", - "", - "set_user_pass();" - ], - "type": "text/javascript" - } - } - ], - "request": { - "auth": { - "type": "noauth" - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/x-www-form-urlencoded", - "type": "text" - } - ], - "body": { - "mode": "urlencoded", - "urlencoded": [ - { - "key": "client_id", - "value": "admin-cli", - "type": "text" - }, - { - "key": "username", - "value": "{{current_username}}", - "type": "text" - }, - { - "key": "password", - "value": "{{current_password}}", - "type": "text" - }, - { - "key": "grant_type", - "value": "password", - "type": "text" - } - ] - }, - "url": { - "raw": "{{keycloak_url}}/realms/{{realm}}/protocol/openid-connect/token", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "realms", - "{{realm}}", - "protocol", - "openid-connect", - "token" - ] - }, - "description": "Obtain UAT = user access token from a user in realm" - }, - "response": [] - }, - { - "name": "[SAT][UAT] Set Current Client ID", - "event": [ - { - "listen": "test", - "script": { - "exec": [ - "var clients = JSON.parse(responseBody);", - "", - "console.log(\" clients: \", clients);", - "var scope_encoded_context = pm.environment.get(\"current_url-encoded-context\");", - "", - "var scope_context = pm.environment.get(\"current_context\");", - "", - "console.log(\"scope_encoded_context: \", scope_encoded_context);", - "console.log(\"scope_context: \", scope_context);", - "", - "//var client = clients.find( (c) => c.name == scope_context);", - "", - "var client = clients.find( (c) => c.clientId == scope_encoded_context);", - "console.log(\">> current client: \", client);", - "", - "if (client) {", - " pm.environment.set(\"clientId\", client.id)", - "}", - "", - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients" - ] - } - }, - "response": [] - } - ], - "event": [ - { - "listen": "prerequest", - "script": { - "type": "text/javascript", - "exec": [ - "console.log(\"executing pre-request script\");", - "", - "", - "var scope_context = pm.environment.get('scope_context');", - "", - "if (!scope_context) {", - " throw new Error(\"scope_context not defined\" );", - "}", - "", - "console.log('current context', scope_context);", - "pm.environment.set('current_context', scope_context);", - "", - "var urlEncodedContext = encodeURIComponent(scope_context);", - "pm.environment.set('current_url-encoded-context', urlEncodedContext);", - "", - "", - "var iamURL;", - "var clientID;", - "var prefix;", - "", - "if(scope_context.startsWith('/gcube')){", - " prefix = \"gcube_\";", - "} else if(scope_context.startsWith('/pred4s')) {", - " prefix = \"pred4s_\";", - "} else if(scope_context.startsWith('/d4science.research-infrastructures')) { ", - " prefix = \"d4science_\";", - "} else {", - " throw new Error(\"missing context parameters \" + context);", - "}", - "", - "var proxy_disabled = pm.variables.has(proxy_disabled) && pm.variables.get('proxy_disabled') == \"true\";", - "", - "var key_iamURL = prefix + \"iam_url\";", - "var key_client = prefix + \"client-id\";", - "", - "if (proxy_disabled) {", - " console.log(\"proxy disabled, bypassing proxy\")", - " key_iamURL += \"_noproxy\";", - "}", - "", - "console.log(\"key_iamURL\", key_iamURL);", - "console.log(\"key_client\", key_client);", - "", - "iamURL = pm.variables.get(key_iamURL) ;", - "clientID = pm.variables.get(key_client);", - "", - "console.log(\"current iamURL\", iamURL);", - "console.log(\"current clientID\", clientID);", - "", - "pm.environment.set('current_iam-url', iamURL);", - "pm.environment.set('current_client-id', clientID);", - "", - "pm.environment.set('keycloak_url', iamURL + '/auth') ;", - "", - "" - ] - } - }, - { - "listen": "test", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - } - ], - "variable": [ - { - "key": "password_mister.blonde", - "value": "oxv:3662" - }, - { - "key": "password_mister.brown", - "value": "pqm-6054" - }, - { - "key": "password_mister.pink", - "value": "pum*7692" - }, - { - "key": "password_mister.white", - "value": "pav_0026" - }, - { - "key": "password_mister.blue", - "value": "mbsl-2367" - }, - { - "key": "password_mister.orange", - "value": "mrsn-3188" - }, - { - "key": "iam-url", - "value": "" - }, - { - "key": "client-id-user", - "value": "" - }, - { - "key": "gcube_client-id", - "value": "next.d4science.org" - }, - { - "key": "gcube_iam_url_noproxy", - "value": "https://url.gcube.d4science.org", - "type": "string" - }, - { - "key": "gcube_iam_url", - "value": "https://accounts.dev.d4science.org", - "type": "string" - }, - { - "key": "pred4s_iam_url", - "value": "https://url.pred4s.d4science.org", - "type": "string" - }, - { - "key": "pred4s_client-id", - "value": "pre.d4science.org", - "type": "string" - }, - { - "key": "d4science_iam_url", - "value": "https://url.d4science.org", - "type": "string" - }, - { - "key": "c_client", - "value": "services.d4science.org", - "type": "string" - }, - { - "key": "d4science_iam_url_noproxy", - "value": "https://accounts.d4science.org", - "type": "string" - }, - { - "key": "pred4s_iam_url_noproxy", - "value": "https://accounts.pre.d4science.org", - "type": "string" - } - ] -} \ No newline at end of file diff --git a/documentazione/postman/KeycloakRestAPI.postman_collection.json b/documentazione/postman/KeycloakRestAPI.postman_collection.json deleted file mode 100644 index 19b7400..0000000 --- a/documentazione/postman/KeycloakRestAPI.postman_collection.json +++ /dev/null @@ -1,13029 +0,0 @@ -{ - "info": { - "_postman_id": "45447305-9512-45e3-a859-6a77de6414f1", - "name": "KeycloakRestAPI", - "description": "retrieves and sets the auth token\n\nbefore executing\n\n- update environment.username to current username\n- add in environment or in global the variable \"password_USERNAME\" , type secret, with the reletated password\n- add an empty variable \"current_password\", type secret, in Global Config to hide the current_password\n \n\nto check execution, open the Postman Console (View => Show Postman Console)", - "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", - "_exporter_id": "32856827" - }, - "item": [ - { - "name": "Authentication Management", - "item": [ - { - "name": "Authenticator providers [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/x-www-form-urlencoded", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/authenticator-providers", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "authenticator-providers" - ] - }, - "description": "Get authenticator providers Returns a list of authenticator providers." - }, - "response": [] - }, - { - "name": "Client authenticator providers [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/x-www-form-urlencoded", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/client-authenticator-providers", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "client-authenticator-providers" - ] - }, - "description": "Get client authenticator providers Returns a list of client authenticator providers." - }, - "response": [] - }, - { - "name": "Form action authenticator providers [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/x-www-form-urlencoded", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/form-action-providers", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "form-action-providers" - ] - }, - "description": "Get form action providers Returns a list of form action providers." - }, - "response": [] - }, - { - "name": "Form authenticator providers [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/x-www-form-urlencoded", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/form-providers", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "form-providers" - ] - }, - "description": "Get form providers Returns a list of form providers." - }, - "response": [] - }, - { - "name": "Get configuration descriptions for all clients [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/x-www-form-urlencoded", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/per-client-config-description", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "per-client-config-description" - ] - }, - "description": "Get configuration descriptions for all clients" - }, - "response": [] - }, - { - "name": "Client authenticator providers description [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/x-www-form-urlencoded", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/config-description/{{providerId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "config-description", - "{{providerId}}" - ] - }, - "description": "Get authenticator provider’s configuration description (e.g. client-jwt)" - }, - "response": [] - }, - { - "name": "Authenticator configuration [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/x-www-form-urlencoded", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/config/{{configurationId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "config", - "{{configurationId}}" - ] - }, - "description": "Get authenticator configuration" - }, - "response": [] - }, - { - "name": "Get authentication execution [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/x-www-form-urlencoded", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/executions/{{executionId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "executions", - "{{executionId}}" - ] - }, - "description": "Get Single Execution" - }, - "response": [] - }, - { - "name": "Update authentication execution [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"23e192b0-2811-4441-9f66-99bd1c4687f6\",\n \"authenticator\": \"auth-cookie\",\n \"authenticatorFlow\": false,\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 10,\n \"parentFlow\": \"bf2ffb04-39eb-4de9-b302-29f8d2735cbb\",\n \"enabled\": true,\n \"alternative\": true,\n \"required\": false,\n \"conditional\": false,\n \"disabled\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/executions/{{executionId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "executions", - "{{executionId}}" - ] - }, - "description": "Update Execution" - }, - "response": [] - }, - { - "name": "Lower authentication execution priority [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/executions/{{executionId}}/lower-priority", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "executions", - "{{executionId}}", - "lower-priority" - ] - }, - "description": "Lower execution’s priority" - }, - "response": [] - }, - { - "name": "Raise authentication execution priority [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/executions/{{executionId}}/raise-priority", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "executions", - "{{executionId}}", - "raise-priority" - ] - }, - "description": "Raise execution’s priority" - }, - "response": [] - }, - { - "name": "Create a new authentication flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"alias\": \"browser-for-fun\",\n \"description\": \"browser based authentication\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"auth-cookie\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"auth-spnego\",\n \"requirement\": \"DISABLED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"identity-provider-redirector\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 25,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 30,\n \"flowAlias\": \"forms\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows" - ] - }, - "description": "Create a new authentication flow" - }, - "response": [] - }, - { - "name": "Copy existing authentication flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"newName\": \"newName\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows/{{LowerCaseAliasFlow}}/copy", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows", - "{{LowerCaseAliasFlow}}", - "copy" - ] - }, - "description": "Copy existing authentication flow under a new name The new name is given as 'newName' attribute of the passed JSON object" - }, - "response": [] - }, - { - "name": "Get authentication flows [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows" - ] - }, - "description": "Get authentication flows Returns a list of authentication flows." - }, - "response": [] - }, - { - "name": "Get authentication executions for a flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows/{{LowerCaseAliasFlow}}/executions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows", - "{{LowerCaseAliasFlow}}", - "executions" - ] - }, - "description": "Get authentication executions for a flow" - }, - "response": [] - }, - { - "name": "Get authentication executions for a flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows/{{flowId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows", - "{{flowId}}" - ] - }, - "description": "Get authentication flow for id" - }, - "response": [] - }, - { - "name": "Update an authentication flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"alias\": \"browser\",\n \"description\": \"browser based authentication - still getting error, but updates me\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows/{{flowId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows", - "{{flowId}}" - ] - }, - "description": "Update an authentication flow" - }, - "response": [] - }, - { - "name": "Delete an authentication flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows/{{deleteFlowId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows", - "{{deleteFlowId}}" - ] - }, - "description": "Delete an authentication flow\n*** Replace the deleteFlowId variable with the flow id you want to delete\nBe aware that an original flow cannot be deleted" - }, - "response": [] - }, - { - "name": "Update authentication executions of a flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "\t{\n \"id\": \"23e192b0-2811-4441-9f66-99bd1c4687f6\",\n \"requirement\": \"ALTERNATIVE\",\n \"displayName\": \"Cookie\",\n \"requirementChoices\": [\n \"REQUIRED\",\n \"ALTERNATIVE\",\n \"DISABLED\"\n ],\n \"configurable\": false,\n \"providerId\": \"auth-cookie\",\n \"level\": 0,\n \"index\": 0\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows/{{LowerCaseAliasFlow}}/executions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows", - "{{LowerCaseAliasFlow}}", - "executions" - ] - }, - "description": "Update authentication executions of a flow" - }, - "response": [] - }, - { - "name": "Add new authentication executions to a flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "{\"provider\":\"reset-password\"}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows/{{LowerCaseAliasFlow}}/executions/execution", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows", - "{{LowerCaseAliasFlow}}", - "executions", - "execution" - ] - }, - "description": "Add new authentication execution to a flow\n*** works only with a copied Flow!! " - }, - "response": [] - }, - { - "name": "Register a new required actions [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"providerId\":\"reset-password\",\n\t\"name\": \"new-reset-password\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/register-required-action", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "register-required-action" - ] - }, - "description": "Register a new required actions" - }, - "response": [] - }, - { - "name": "Get required actions [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/required-actions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "required-actions" - ] - }, - "description": "Get required actions Returns a list of required actions." - }, - "response": [] - }, - { - "name": "Get unregistered required actions [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/unregistered-required-actions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "unregistered-required-actions" - ] - }, - "description": "Get unregistered required actions Returns a list of unregistered required actions." - }, - "response": [] - }, - { - "name": "Lower required action’s priority [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/required-actions/{{aliasRequiredAction}}/lower-priority", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "required-actions", - "{{aliasRequiredAction}}", - "lower-priority" - ] - }, - "description": "Lower required action’s priority" - }, - "response": [] - }, - { - "name": "Raise required action’s priority [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/required-actions/{{aliasRequiredAction}}/raise-priority", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "required-actions", - "{{aliasRequiredAction}}", - "raise-priority" - ] - }, - "description": "Raise required action’s priority" - }, - "response": [] - }, - { - "name": "Update required action [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": " {\n \t\"alias\": \"UPDATE_PASSWORD\",\n \"name\": \"Update Password +\",\n \"providerId\": \"UPDATE_PASSWORD\",\n \"enabled\": true,\n \"defaultAction\": false,\n \"priority\": 30,\n \"config\": {}\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/required-actions/{{aliasRequiredAction}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "required-actions", - "{{aliasRequiredAction}}" - ] - }, - "description": "Update required action" - }, - "response": [] - }, - { - "name": "Delete required action [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/required-actions/{{aliasRequiredAction}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "required-actions", - "{{aliasRequiredAction}}" - ] - }, - "description": "Delete required action" - }, - "response": [] - }, - { - "name": "Get required actions for alias [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/required-actions/{{aliasRequiredAction}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "required-actions", - "{{aliasRequiredAction}}" - ] - }, - "description": "Get required action for alias" - }, - "response": [] - }, - { - "name": "Add new flow with new execution to existing flow [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "{\"provider\":\"reset-password\",\n\t\"alias\": \"bff\",\n\t\"type\": \"generic\",\n\t\"description\": \"new flow bff\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/flows/{{LowerCaseAliasFlow}}/executions/flow", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "flows", - "{{LowerCaseAliasFlow}}", - "executions", - "flow" - ] - }, - "description": "Add new flow with new execution to existing flow" - }, - "response": [] - }, - { - "name": "Delete authentication execution [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/x-www-form-urlencoded", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/executions/{{executionId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "executions", - "{{executionId}}" - ] - }, - "description": "Delete execution" - }, - "response": [] - }, - { - "name": "Update authenticator configuration [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\"config\": {\n \"update.profile.on.first.login\": \"on\"\n }\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/config/{{configurationId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "config", - "{{configurationId}}" - ] - }, - "description": "Update authenticator configuration" - }, - "response": [] - }, - { - "name": "Add authenticator configuration [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\"config\": {\n \"update.profile.on.first.login\": \"on\"\n }\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/config/{{configurationId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "config", - "{{configurationId}}" - ] - }, - "description": "Add new authentication execution" - }, - "response": [] - }, - { - "name": "Delete authenticator configuration [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/authentication/config/{{configurationId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "authentication", - "config", - "{{configurationId}}" - ] - }, - "description": "Delete authenticator configuration" - }, - "response": [] - } - ] - }, - { - "name": "Root", - "item": [ - { - "name": "Get all [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}" - ] - }, - "description": "Get themes, social providers, auth providers, and event listeners available on this server" - }, - "response": [ - { - "name": "Get sessions associated with the user [SAT] Copy", - "originalRequest": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}" - ] - } - }, - "status": "OK", - "code": 200, - "_postman_previewlanguage": "json", - "header": [ - { - "key": "Cache-Control", - "value": "no-cache" - }, - { - "key": "X-XSS-Protection", - "value": "1; mode=block" - }, - { - "key": "X-Frame-Options", - "value": "SAMEORIGIN" - }, - { - "key": "Date", - "value": "Sun, 10 May 2020 20:30:26 GMT" - }, - { - "key": "Connection", - "value": "keep-alive" - }, - { - "key": "Strict-Transport-Security", - "value": "max-age=31536000; includeSubDomains" - }, - { - "key": "X-Content-Type-Options", - "value": "nosniff" - }, - { - "key": "Content-Type", - "value": "application/json" - }, - { - "key": "Content-Length", - "value": "4571" - } - ], - "cookie": [], - "body": "{\n \"id\": \"heroes\",\n \"realm\": \"heroes\",\n \"notBefore\": 1589105644,\n \"revokeRefreshToken\": false,\n \"refreshTokenMaxReuse\": 0,\n \"accessTokenLifespan\": 300,\n \"accessTokenLifespanForImplicitFlow\": 900,\n \"ssoSessionIdleTimeout\": 1800,\n \"ssoSessionMaxLifespan\": 36000,\n \"ssoSessionIdleTimeoutRememberMe\": 0,\n \"ssoSessionMaxLifespanRememberMe\": 0,\n \"offlineSessionIdleTimeout\": 2592000,\n \"offlineSessionMaxLifespanEnabled\": false,\n \"offlineSessionMaxLifespan\": 5184000,\n \"clientSessionIdleTimeout\": 0,\n \"clientSessionMaxLifespan\": 0,\n \"accessCodeLifespan\": 60,\n \"accessCodeLifespanUserAction\": 300,\n \"accessCodeLifespanLogin\": 1800,\n \"actionTokenGeneratedByAdminLifespan\": 43200,\n \"actionTokenGeneratedByUserLifespan\": 300,\n \"enabled\": true,\n \"sslRequired\": \"external\",\n \"registrationAllowed\": false,\n \"registrationEmailAsUsername\": false,\n \"rememberMe\": false,\n \"verifyEmail\": false,\n \"loginWithEmailAllowed\": true,\n \"duplicateEmailsAllowed\": false,\n \"resetPasswordAllowed\": false,\n \"editUsernameAllowed\": false,\n \"bruteForceProtected\": false,\n \"permanentLockout\": false,\n \"maxFailureWaitSeconds\": 900,\n \"minimumQuickLoginWaitSeconds\": 60,\n \"waitIncrementSeconds\": 60,\n \"quickLoginCheckMilliSeconds\": 1000,\n \"maxDeltaTimeSeconds\": 43200,\n \"failureFactor\": 30,\n \"defaultRoles\": [\n \"offline_access\",\n \"uma_authorization\"\n ],\n \"requiredCredentials\": [\n \"password\"\n ],\n \"otpPolicyType\": \"totp\",\n \"otpPolicyAlgorithm\": \"HmacSHA1\",\n \"otpPolicyInitialCounter\": 0,\n \"otpPolicyDigits\": 6,\n \"otpPolicyLookAheadWindow\": 1,\n \"otpPolicyPeriod\": 30,\n \"otpSupportedApplications\": [\n \"FreeOTP\",\n \"Google Authenticator\"\n ],\n \"webAuthnPolicyRpEntityName\": \"keycloak\",\n \"webAuthnPolicySignatureAlgorithms\": [\n \"ES256\"\n ],\n \"webAuthnPolicyRpId\": \"\",\n \"webAuthnPolicyAttestationConveyancePreference\": \"not specified\",\n \"webAuthnPolicyAuthenticatorAttachment\": \"not specified\",\n \"webAuthnPolicyRequireResidentKey\": \"not specified\",\n \"webAuthnPolicyUserVerificationRequirement\": \"not specified\",\n \"webAuthnPolicyCreateTimeout\": 0,\n \"webAuthnPolicyAvoidSameAuthenticatorRegister\": false,\n \"webAuthnPolicyAcceptableAaguids\": [],\n \"webAuthnPolicyPasswordlessRpEntityName\": \"keycloak\",\n \"webAuthnPolicyPasswordlessSignatureAlgorithms\": [\n \"ES256\"\n ],\n \"webAuthnPolicyPasswordlessRpId\": \"\",\n \"webAuthnPolicyPasswordlessAttestationConveyancePreference\": \"not specified\",\n \"webAuthnPolicyPasswordlessAuthenticatorAttachment\": \"not specified\",\n \"webAuthnPolicyPasswordlessRequireResidentKey\": \"not specified\",\n \"webAuthnPolicyPasswordlessUserVerificationRequirement\": \"not specified\",\n \"webAuthnPolicyPasswordlessCreateTimeout\": 0,\n \"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister\": false,\n \"webAuthnPolicyPasswordlessAcceptableAaguids\": [],\n \"browserSecurityHeaders\": {\n \"contentSecurityPolicyReportOnly\": \"\",\n \"xContentTypeOptions\": \"nosniff\",\n \"xRobotsTag\": \"none\",\n \"xFrameOptions\": \"SAMEORIGIN\",\n \"contentSecurityPolicy\": \"frame-src 'self'; frame-ancestors 'self'; object-src 'none';\",\n \"xXSSProtection\": \"1; mode=block\",\n \"strictTransportSecurity\": \"max-age=31536000; includeSubDomains\"\n },\n \"smtpServer\": {},\n \"eventsEnabled\": false,\n \"eventsListeners\": [\n \"jboss-logging\"\n ],\n \"enabledEventTypes\": [],\n \"adminEventsEnabled\": false,\n \"adminEventsDetailsEnabled\": false,\n \"identityProviders\": [\n {\n \"alias\": \"keycloak-oidc\",\n \"internalId\": \"d79d0d65-8ee1-47f0-8611-f9e6eea71f20\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {\n \"clientId\": \"ssss\",\n \"tokenUrl\": \"http://localhost\",\n \"authorizationUrl\": \"http://localhost\",\n \"clientAuthMethod\": \"client_secret_basic\",\n \"syncMode\": \"IMPORT\",\n \"clientSecret\": \"assaasa\",\n \"useJwksUrl\": \"true\"\n }\n },\n {\n \"alias\": \"keycloak-oidc-2\",\n \"internalId\": \"7cf3fd74-8d3a-4c8d-b651-fcc885df8a31\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {}\n }\n ],\n \"identityProviderMappers\": [\n {\n \"id\": \"42c7b62d-4383-42c9-a8a0-65519e2c2543\",\n \"name\": \"test-mapper\",\n \"identityProviderAlias\": \"keycloak-oidc2\",\n \"identityProviderMapper\": \"keycloak-oidc\",\n \"config\": {}\n },\n {\n \"id\": \"ea65c956-24c7-4587-8fe7-c07222e3485d\",\n \"name\": \"test\",\n \"identityProviderAlias\": \"keycloak-oidc-2\",\n \"identityProviderMapper\": \"hardcoded-user-session-attribute-idp-mapper\",\n \"config\": {\n \"syncMode\": \"INHERIT\"\n }\n }\n ],\n \"internationalizationEnabled\": false,\n \"supportedLocales\": [],\n \"browserFlow\": \"browser\",\n \"registrationFlow\": \"registration\",\n \"directGrantFlow\": \"direct grant\",\n \"resetCredentialsFlow\": \"reset credentials\",\n \"clientAuthenticationFlow\": \"clients\",\n \"dockerAuthenticationFlow\": \"docker auth\",\n \"attributes\": {},\n \"userManagedAccessAllowed\": false\n}" - } - ] - } - ] - }, - { - "name": "Attack Detection", - "item": [ - { - "name": "Brute force users [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/attack-detection/brute-force/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "attack-detection", - "brute-force", - "users" - ] - }, - "description": "Clear any user login failures for all users This can release temporary disabled users" - }, - "response": [] - }, - { - "name": "Brute force specific user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/attack-detection/brute-force/users/{{userId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "attack-detection", - "brute-force", - "users", - "{{userId}}" - ] - }, - "description": "Clear any user login failures for the user This can release temporary disabled user\n* Add userId" - }, - "response": [] - }, - { - "name": "Brute force specific user [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/attack-detection/brute-force/users/{{userId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "attack-detection", - "brute-force", - "users", - "{{userId}}" - ] - }, - "description": "Get status of a username in brute force detection. \n* Add userId" - }, - "response": [] - } - ] - }, - { - "name": "Client Attribute Certificate", - "item": [ - { - "name": "Get key info [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/certificates/{{attr}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "certificates", - "{{attr}}" - ] - }, - "description": "Get key info" - }, - "response": [] - }, - { - "name": "Get a keystore file for the client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"storePassword\": \"app\",\n\t\"format\": \"JKS\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/certificates/{{attr}}/download", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "certificates", - "{{attr}}", - "download" - ] - }, - "description": "Get a keystore file for the client, containing private key and public certificate" - }, - "response": [] - }, - { - "name": "Upload certificate and eventually private key [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "multipart/form-data" - } - ], - "body": { - "mode": "file", - "file": {} - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/certificates/{{attr}}/upload", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "certificates", - "{{attr}}", - "upload" - ] - }, - "description": "Upload certificate and eventually private key" - }, - "response": [] - }, - { - "name": "Upload only certificate, not private key [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "multipart/form-data" - } - ], - "body": { - "mode": "file", - "file": {} - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/certificates/{{attr}}/upload-certificate", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "certificates", - "{{attr}}", - "upload-certificate" - ] - }, - "description": "Upload only certificate, not private key" - }, - "response": [] - }, - { - "name": "Generate a new keypair and certificate [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"storePassword\": \"app\",\n\t\"format\": \"JKS\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/certificates/{{attr}}/generate-and-download", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "certificates", - "{{attr}}", - "generate-and-download" - ] - }, - "description": "Generate a new keypair and certificate, and get the private key file Generates a keypair and certificate and serves the private key in a specified keystore format." - }, - "response": [] - }, - { - "name": "Generate a new certificate with new key pair [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/certificates/{{attr}}/generate", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "certificates", - "{{attr}}", - "generate" - ] - }, - "description": "Generate a new certificate with new key pair" - }, - "response": [] - } - ] - }, - { - "name": "Client Initial Access", - "item": [ - { - "name": "Create a new initial access token [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"count\": 5,\n\t\"expiration\": 5\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients-initial-access", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients-initial-access" - ] - }, - "description": "Create a new initial access token." - }, - "response": [] - }, - { - "name": "Get new initial access tokens [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients-initial-access", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients-initial-access" - ] - }, - "description": "Get a list of new initial access tokens" - }, - "response": [] - }, - { - "name": "Delete initial access token with id [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients-initial-access/50fadd33-d8ee-47cc-b094-33fff7535787", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients-initial-access", - "50fadd33-d8ee-47cc-b094-33fff7535787" - ] - } - }, - "response": [] - } - ] - }, - { - "name": "Client Registration Policy", - "item": [ - { - "name": "Base path for retrieve providers [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-registration-policy/providers", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-registration-policy", - "providers" - ] - }, - "description": "Base path for retrieve providers with the configProperties properly filled" - }, - "response": [] - } - ] - }, - { - "name": "Client Role Mappings", - "item": [ - { - "name": "Add client-level roles to the user role mapping [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[ \n\t{\n \"id\": \"647ba3cc-5d4d-4a5a-a67f-ed594f43a5b6\",\n \"name\": \"Sneaky\",\n \"composite\": false,\n \"clientRole\": true,\n \"containerId\": \"5725d549-faac-4a30-bab3-7b8370c19ce3\"\n }\n]\n" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Add client-level roles to the user role mapping" - }, - "response": [] - }, - { - "name": "Add client-level roles to the user role mapping - without group [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[ \n\t{\n \"id\": \"647ba3cc-5d4d-4a5a-a67f-ed594f43a5b6\",\n \"name\": \"Sneaky\",\n \"composite\": false,\n \"clientRole\": true,\n \"containerId\": \"5725d549-faac-4a30-bab3-7b8370c19ce3\"\n }\n]\n" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Add client-level roles to the user role mapping" - }, - "response": [] - }, - { - "name": "Delete client-level roles from user role mapping [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[ \n\t{\n \"id\": \"647ba3cc-5d4d-4a5a-a67f-ed594f43a5b6\",\n \"name\": \"Sneaky\",\n \"composite\": false,\n \"clientRole\": true,\n \"containerId\": \"5725d549-faac-4a30-bab3-7b8370c19ce3\"\n }\n]\n" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Delete client-level roles from user role mapping" - }, - "response": [] - }, - { - "name": "Get client-level role mappings for the user, and the app [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Get client-level role mappings for the user, and the app" - }, - "response": [] - }, - { - "name": "Get available client-level roles that can be mapped to the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/clients/{{clientId}}/available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "clients", - "{{clientId}}", - "available" - ] - }, - "description": "Get available client-level roles that can be mapped to the user" - }, - "response": [] - }, - { - "name": "Get effective client-level role mappings - composite roles [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/clients/{{clientId}}/composite", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "clients", - "{{clientId}}", - "composite" - ] - }, - "description": "Get effective client-level role mappings This recurses any composite roles" - }, - "response": [] - }, - { - "name": "Delete client-level roles from user role mapping [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[ \n\t{\n \"id\": \"647ba3cc-5d4d-4a5a-a67f-ed594f43a5b6\",\n \"name\": \"Sneaky\",\n \"composite\": false,\n \"clientRole\": true,\n \"containerId\": \"5725d549-faac-4a30-bab3-7b8370c19ce3\"\n }\n]\n" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Delete client-level roles from user role mapping" - }, - "response": [] - }, - { - "name": "Get client-level role mappings for the user, and the app [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Get client-level role mappings for the user, and the app" - }, - "response": [] - }, - { - "name": "Get available client-level roles that can be mapped to the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/clients/{{clientId}}/available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "clients", - "{{clientId}}", - "available" - ] - }, - "description": "Get available client-level roles that can be mapped to the user" - }, - "response": [] - }, - { - "name": "Get effective client-level role mapping + composite roles [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/clients/{{clientId}}/composite", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "clients", - "{{clientId}}", - "composite" - ] - }, - "description": "Get effective client-level role mappings This recurses any composite roles" - }, - "response": [] - } - ] - }, - { - "name": "Client Scopes", - "item": [ - { - "name": "Get client scopes belonging [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes" - ] - }, - "description": "Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm" - }, - "response": [] - }, - { - "name": "Get representation of the client scope [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}" - ] - }, - "description": "Get representation of the client scope" - }, - "response": [] - }, - { - "name": "Delete the client scope[SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}" - ] - }, - "description": "Delete the client scope" - }, - "response": [] - }, - { - "name": "Update the client scope [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"4f841085-b7be-4596-b99b-15422e16bf0b\",\n \"name\": \"email\",\n \"description\": \"OpenID Connect built-in scope: email +\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"true\",\n \"display.on.consent.screen\": \"true\",\n \"consent.screen.text\": \"${emailScopeConsentText}\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"62224d4c-7181-4790-a3c9-71cdbf1516a5\",\n \"name\": \"email\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"email\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"email\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"e7b52fef-f525-4314-abf3-267d9f48082e\",\n \"name\": \"email verified\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"emailVerified\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"email_verified\",\n \"jsonType.label\": \"boolean\"\n }\n }\n ]\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}" - ] - }, - "description": "Update the client scope" - }, - "response": [] - }, - { - "name": "Create a new client scope [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": " {\n \"name\": \"test_scope\",\n \"description\": \"OpenID Connect built-in scope: offline_access\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"consent.screen.text\": \"${offlineAccessScopeConsentText}\",\n \"display.on.consent.screen\": \"true\"\n }\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes" - ] - }, - "description": "Create a new client scope Client Scope’s name must be unique!" - }, - "response": [] - } - ] - }, - { - "name": "Clients", - "item": [ - { - "name": "Get clients [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients" - ] - }, - "description": "Get clients belonging to the realm Returns a list of clients belonging to the realm" - }, - "response": [] - }, - { - "name": "Get representation of the client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}" - ] - }, - "description": "Get representation of the client" - }, - "response": [] - }, - { - "name": "Generate a new secret for the client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/client-secret", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "client-secret" - ] - }, - "description": "Generate a new secret for the client" - }, - "response": [] - }, - { - "name": "Get secret for the client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/client-secret", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "client-secret" - ] - }, - "description": "Get the client secret" - }, - "response": [] - }, - { - "name": "Get the client providers [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/installation/providers/keycloak-oidc", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "installation", - "providers", - "keycloak-oidc" - ] - }, - "description": "Get the client providers" - }, - "response": [] - }, - { - "name": "Register a cluster node with the client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"formParams\": []\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/nodes", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "nodes" - ] - }, - "description": "Register a cluster node with the client Manually register cluster node to this client - usually it’s not needed to call this directly as adapter should handle by sending registration request to Keycloak" - }, - "response": [] - }, - { - "name": "Register a cluster node with the client [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/nodes/{{node}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "nodes", - "{{node}}" - ] - }, - "description": "Register a cluster node with the client Manually register cluster node to this client - usually it’s not needed to call this directly as adapter should handle by sending registration request to Keycloak" - }, - "response": [] - }, - { - "name": "Get client authorization permissions [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "management", - "permissions" - ] - }, - "description": "Has client authorization permissions initialized?\n" - }, - "response": [] - }, - { - "name": "Update client authorization permissions [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"enabled\": \"false\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether client Authorization permissions have been initialized or not and a reference" - }, - "response": [] - }, - { - "name": "Get representation of the client [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}" - ] - }, - "description": "Get representation of the client" - }, - "response": [] - }, - { - "name": "Create a new client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": " {\n \"clientId\": \"new-client-from-rest-api\",\n \"name\": \"new-client-from-rest-api\",\n \"adminUrl\": \"http://localhost:4200\",\n \"alwaysDisplayInConsole\": false,\n \"access\": {\n \"view\": true,\n \"configure\": true,\n \"manage\": true\n },\n \"attributes\": {},\n \"authenticationFlowBindingOverrides\" : {},\n \"authorizationServicesEnabled\": false,\n \"bearerOnly\": false,\n \"directAccessGrantsEnabled\": true,\n \"enabled\": true,\n \"protocol\": \"openid-connect\",\n \"description\": \"rest-api\",\n\n \"rootUrl\": \"${authBaseUrl}\",\n \"baseUrl\": \"/realms/heroes/account/\",\n \"surrogateAuthRequired\": false,\n \"clientAuthenticatorType\": \"client-secret\",\n \"defaultRoles\": [\n \"manage-account\",\n \"view-profile\"\n ],\n \"redirectUris\": [\n \"/realms/heroes/account/*\"\n ],\n \"webOrigins\": [],\n \"notBefore\": 0,\n \"consentRequired\": false,\n \"standardFlowEnabled\": true,\n \"implicitFlowEnabled\": false,\n \"serviceAccountsEnabled\": false,\n \"publicClient\": false,\n \"frontchannelLogout\": false,\n \"fullScopeAllowed\": false,\n \"nodeReRegistrationTimeout\": 0,\n \"defaultClientScopes\": [\n \"web-origins\",\n \"role_list\",\n \"profile\",\n \"roles\",\n \"email\"\n ],\n \"optionalClientScopes\": [\n \"address\",\n \"phone\",\n \"offline_access\",\n \"microprofile-jwt\"\n ]\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients" - ] - }, - "description": "Create a new client Client’s client_id must be unique!" - }, - "response": [] - }, - { - "name": "Create a new client [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"enabled\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}" - ] - }, - "description": "Create a new client Client’s client_id must be unique!" - }, - "response": [] - }, - { - "name": "Get default client scopes [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/default-client-scopes", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "default-client-scopes" - ] - }, - "description": "Get default client scopes from a client." - }, - "response": [] - }, - { - "name": "Create JSON with payload of example access token [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/evaluate-scopes/generate-example-access-token?userId={{userId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "evaluate-scopes", - "generate-example-access-token" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - }, - { - "key": "userId", - "value": "{{userId}}" - } - ] - }, - "description": "Create JSON with payload of example access token" - }, - "response": [] - }, - { - "name": "Get effective scope mapping of all roles [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/evaluate-scopes/scope-mappings/{{containerId}}/granted", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "evaluate-scopes", - "scope-mappings", - "{{containerId}}", - "granted" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - } - ] - }, - "description": "Get effective scope mapping of all roles of particular role container, which this client is defacto allowed to have in the accessToken issued for him." - }, - "response": [] - }, - { - "name": "Get roles without scope and access token [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/evaluate-scopes/scope-mappings/{{containerId}}/not-granted", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "evaluate-scopes", - "scope-mappings", - "{{containerId}}", - "not-granted" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - } - ] - }, - "description": "Get roles, which this client doesn’t have scope for and can’t have them in the accessToken issued for him." - }, - "response": [] - }, - { - "name": "Get all protocol mappers [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/evaluate-scopes/protocol-mappers", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "evaluate-scopes", - "protocol-mappers" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - } - ] - }, - "description": "Return list of all protocol mappers, which will be used when generating tokens issued for particular client." - }, - "response": [] - }, - { - "name": "Get application offline session count [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/offline-session-count", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "offline-session-count" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - } - ] - }, - "description": "Get application offline session count Returns a number of offline user sessions associated with this client { \"count\": number }" - }, - "response": [] - }, - { - "name": "Get application offline sessions [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/offline-sessions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "offline-sessions" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - } - ] - }, - "description": "Get offline sessions for client Returns a list of offline user sessions associated with this client" - }, - "response": [] - }, - { - "name": "Get optional client scopes[SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/optional-client-scopes", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "optional-client-scopes" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - } - ] - }, - "description": "Get optional client scopes." - }, - "response": [] - }, - { - "name": "Add optional client scope to client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/optional-client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "optional-client-scopes", - "{{clientScopeId}}" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - } - ] - }, - "description": "Add optional client scope to client" - }, - "response": [] - }, - { - "name": "Delete optional client scope to client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/optional-client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "optional-client-scopes", - "{{clientScopeId}}" - ], - "query": [ - { - "key": "scope", - "value": "", - "disabled": true - } - ] - }, - "description": "Delete optional client scope to client" - }, - "response": [] - }, - { - "name": "Add default client scope to client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/default-client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "default-client-scopes", - "{{clientScopeId}}" - ] - }, - "description": "Add default client scope to client" - }, - "response": [] - }, - { - "name": "Delete default client scope to client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/default-client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "default-client-scopes", - "{{clientScopeId}}" - ] - }, - "description": "Delete default client scope to client" - }, - "response": [] - }, - { - "name": "Push the client’s revocation policy to its admin URL [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/push-revocation", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "push-revocation" - ] - }, - "description": "Push the client’s revocation policy to its admin URL If the client has an admin URL, push revocation policy to it." - }, - "response": [] - }, - { - "name": "Generate a new registration access token for the client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/registration-access-token", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "registration-access-token" - ] - }, - "description": "Generate a new registration access token for the client" - }, - "response": [] - }, - { - "name": "Get a user dedicated to the service account [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientIdServiceAccount}}/service-account-user", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientIdServiceAccount}}", - "service-account-user" - ] - }, - "description": "Get a user dedicated to the service account" - }, - "response": [] - }, - { - "name": "Get application session count associated with this client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientIdServiceAccount}}/session-count", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientIdServiceAccount}}", - "session-count" - ] - }, - "description": "Get application session count Returns a number of user sessions associated with this client { \"count\": number }" - }, - "response": [] - }, - { - "name": "Test if registered cluster nodes are available [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientIdServiceAccount}}/test-nodes-available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientIdServiceAccount}}", - "test-nodes-available" - ] - }, - "description": "Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes" - }, - "response": [] - }, - { - "name": "Get user sessions associated with this client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientIdServiceAccount}}/user-sessions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientIdServiceAccount}}", - "user-sessions" - ] - }, - "description": "Get user sessions for client Returns a list of user sessions associated with this client" - }, - "response": [] - } - ] - }, - { - "name": "General information", - "item": [ - { - "name": "Get certs information", - "request": { - "method": "GET", - "header": [], - "url": { - "raw": "{{keycloak_url}}/realms/{{realm}}/protocol/openid-connect/certs", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "realms", - "{{realm}}", - "protocol", - "openid-connect", - "certs" - ] - } - }, - "response": [] - }, - { - "name": "Well known configuration", - "event": [ - { - "listen": "test", - "script": { - "exec": [ - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/x-www-form-urlencoded", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/realms/{{realm}}/.well-known/openid-configuration", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "realms", - "{{realm}}", - ".well-known", - "openid-configuration" - ] - }, - "description": "Get configuration information" - }, - "response": [] - } - ] - }, - { - "name": "Component", - "item": [ - { - "name": "Add components [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"name\": \"test\",\n \"providerId\": \"max-clients\",\n \"providerType\": \"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy\",\n \"parentId\": \"heroes\",\n \"subType\": \"anonymous\",\n \"config\": {\n \"max-clients\": [\n \"200\"\n ]\n }\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/components", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "components" - ] - }, - "description": "Add components" - }, - "response": [] - }, - { - "name": "Get components [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/components", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "components" - ] - }, - "description": "Get components" - }, - "response": [] - }, - { - "name": "Get a specific component [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/components/{{componentId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "components", - "{{componentId}}" - ] - }, - "description": "Get component from id" - }, - "response": [] - }, - { - "name": "Get subcomponents [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/components/{{componentId}}/sub-component-types?type=org.keycloak.keys.KeyProvider", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "components", - "{{componentId}}", - "sub-component-types" - ], - "query": [ - { - "key": "type", - "value": "org.keycloak.keys.KeyProvider" - } - ] - }, - "description": "List of subcomponent types that are available to configure for a particular parent component." - }, - "response": [] - }, - { - "name": "Update a specific component [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"7a084caa-36f4-4ea4-8dcb-56b1b189c2fa\",\n \"name\": \"Trusted Hosts\",\n \"providerId\": \"trusted-hosts\",\n \"providerType\": \"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy\",\n \"parentId\": \"heroes\",\n \"subType\": \"anonymous\",\n \"config\": {\n \"host-sending-registration-request-must-match\": [\n \"true\"\n ],\n \"client-uris-must-match\": [\n \"true\"\n ]\n }\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/components/{{componentId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "components", - "{{componentId}}" - ] - }, - "description": "Update a component from id" - }, - "response": [] - }, - { - "name": "Update a specific component [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/components/{{componentId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "components", - "{{componentId}}" - ] - }, - "description": "Update a component from id" - }, - "response": [] - } - ] - }, - { - "name": "Groups", - "item": [ - { - "name": "Get groups [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups" - ] - }, - "description": "Get groups" - }, - "response": [] - }, - { - "name": "Get specific group [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}" - ] - }, - "description": "Get group for a specific id" - }, - "response": [] - }, - { - "name": "Get groups count [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/count", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "count" - ] - }, - "description": "Get groups count" - }, - "response": [] - }, - { - "name": "Create a group [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"name\": \"anime\",\n\t\"path\": \"/anime\",\n\t\"subGroups\": []\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups" - ] - }, - "description": "create or add a top level realm groupSet or create child" - }, - "response": [] - }, - { - "name": "Update group [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"67722639-5e88-4635-b641-522c2461fef3\",\n \"name\": \"marvel\",\n \"path\": \"/marVel\",\n \"subGroups\": []\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}" - ] - }, - "description": "Update group, ignores subgroups." - }, - "response": [] - }, - { - "name": "Delete group [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/91f732ae-509f-4520-a246-abe570f9b52d", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "91f732ae-509f-4520-a246-abe570f9b52d" - ] - }, - "description": "Delete group" - }, - "response": [] - }, - { - "name": "Add subgroup [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"name\": \"movies\",\n\t\"path\": \"/movies\",\n\t\"subGroups\": []\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/children", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "children" - ] - }, - "description": "Add subgroup" - }, - "response": [] - }, - { - "name": "Return object authorization permissions [SAT] ", - "protocolProfileBehavior": { - "disableBodyPruning": true - }, - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"name\": \"movies\",\n\t\"path\": \"/movies\",\n\t\"subGroups\": []\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether client Authorization permissions have been initialized or not and a reference" - }, - "response": [] - }, - { - "name": "Get group members [SAT] ", - "protocolProfileBehavior": { - "disableBodyPruning": true - }, - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"name\": \"movies\",\n\t\"path\": \"/movies\",\n\t\"subGroups\": []\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/members", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "members" - ] - }, - "description": "Get users Returns a list of users, filtered according to query parameters" - }, - "response": [] - }, - { - "name": "Update return object authorization permissions [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"enabled\": \"false\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether client Authorization permissions have been initialized or not and a reference" - }, - "response": [] - } - ] - }, - { - "name": "Identity Providers", - "item": [ - { - "name": "Import identity provider from uploaded JSON file [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "multipart/form-data" - } - ], - "body": { - "mode": "file", - "file": {} - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/import-config", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "import-config" - ] - }, - "description": "Import identity provider from uploaded JSON file" - }, - "response": [] - }, - { - "name": "Create a new identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"alias\": \"keycloak-oidc-2\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {}\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances" - ] - }, - "description": "Create a new identity provider" - }, - "response": [] - }, - { - "name": "Get identity providers [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "multipart/form-data", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances" - ] - }, - "description": "Get identity providers" - }, - "response": [] - }, - { - "name": "Get the identity provider from alias [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "multipart/form-data", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}" - ] - }, - "description": "Get the identity provider from alias" - }, - "response": [] - }, - { - "name": "Return object stating client Authorization [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "multipart/form-data", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether client Authorization permissions have been initialized or not and a reference" - }, - "response": [] - }, - { - "name": "Return object stating client Authorization [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"enabled\": true\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether client Authorization permissions have been initialized or not and a reference" - }, - "response": [] - }, - { - "name": "Export public broker configuration for identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "multipart/form-data", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/export?format=json", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "export" - ], - "query": [ - { - "key": "format", - "value": "json" - } - ] - }, - "description": "Export public broker configuration for identity provider" - }, - "response": [] - }, - { - "name": "Update the identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"alias\": \"keycloak-oidc-2\",\n \"internalId\": \"0df24d90-d39e-4e02-ab3d-7150efa40b1d\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": true,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}" - ] - }, - "description": "Update the identity provider" - }, - "response": [] - }, - { - "name": "Delete the identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}" - ] - }, - "description": "Delete the identity provider" - }, - "response": [] - }, - { - "name": "Get mapper types for identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/octet-stream", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/mapper-types", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "mapper-types" - ] - }, - "description": "Get mapper types for identity provider" - }, - "response": [] - }, - { - "name": "Add a mapper to identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"name\": \"test-mapper\",\n\t\"identityProviderAlias\": \"keycloak-oidc2\",\n\t\"identityProviderMapper\": \"keycloak-oidc\",\n\t\"config\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/mappers", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "mappers" - ] - }, - "description": "Add a mapper to identity provider" - }, - "response": [] - }, - { - "name": "Get mappes for the identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/mappers", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "mappers" - ] - }, - "description": "Get mappes for the identity provider " - }, - "response": [] - }, - { - "name": "Get mapper by id for the identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/mappers/ea65c956-24c7-4587-8fe7-c07222e3485d", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "mappers", - "ea65c956-24c7-4587-8fe7-c07222e3485d" - ] - }, - "description": "Get mapper by id for the identity provider" - }, - "response": [] - }, - { - "name": "Get identity providers [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/providers/keycloak-oidc", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "providers", - "keycloak-oidc" - ] - }, - "description": "Get identity providers" - }, - "response": [] - }, - { - "name": "Update a mapper for the identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea65c956-24c7-4587-8fe7-c07222e3485d\",\n \"name\": \"test\",\n \"identityProviderAlias\": \"keycloak-oidc-2\",\n \"identityProviderMapper\": \"hardcoded-user-session-attribute-idp-mapper\",\n \"config\": {\n \"syncMode\": \"INHERIT\"\n }\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/mappers/ea65c956-24c7-4587-8fe7-c07222e3485d", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "mappers", - "ea65c956-24c7-4587-8fe7-c07222e3485d" - ] - }, - "description": "Update a mapper for the identity provider" - }, - "response": [] - }, - { - "name": "Delete a mapper for the identity provider [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/identity-provider/instances/{{providerAlias}}/mappers/ea65c956-24c7-4587-8fe7-c07222e3485d", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "identity-provider", - "instances", - "{{providerAlias}}", - "mappers", - "ea65c956-24c7-4587-8fe7-c07222e3485d" - ] - }, - "description": "Delete a mapper for the identity provider" - }, - "response": [] - } - ] - }, - { - "name": "Key", - "item": [ - { - "name": "Get realm keys [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/keys", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "keys" - ] - }, - "description": "Get realm keys " - }, - "response": [] - } - ] - }, - { - "name": "Protocol Mappers", - "item": [ - { - "name": "Create mappers to identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[{\n\t\"name\": \"protocol-mapper-2\",\n\t\"protocol\": \"openid-connect\",\n\t\"protocolMapper\": \"oidc-usermodel-property-mapper\",\n\t\"config\": {}\n}]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}/protocol-mappers/add-models", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}", - "protocol-mappers", - "add-models" - ] - }, - "description": "Create mappers to identity provider " - }, - "response": [] - }, - { - "name": "Create a mapper to identity provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"name\": \"protocol-mapper\",\n\t\"protocol\": \"openid-connect\",\n\t\"protocolMapper\": \"oidc-usermodel-property-mapper\",\n\t\"config\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}/protocol-mappers/models", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}", - "protocol-mappers", - "models" - ] - }, - "description": "Add a mapper to identity provider" - }, - "response": [] - }, - { - "name": "Update the mapper[SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"62224d4c-7181-4790-a3c9-71cdbf1516a5\",\n \"name\": \"email\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"email\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"email\",\n \"jsonType.label\": \"String\"\n }\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}/protocol-mappers/models/62224d4c-7181-4790-a3c9-71cdbf1516a5", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}", - "protocol-mappers", - "models", - "62224d4c-7181-4790-a3c9-71cdbf1516a5" - ] - }, - "description": "Update the mapper" - }, - "response": [] - }, - { - "name": "Update the mapper[SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}/protocol-mappers/models/62224d4c-7181-4790-a3c9-71cdbf1516a5", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}", - "protocol-mappers", - "models", - "62224d4c-7181-4790-a3c9-71cdbf1516a5" - ] - }, - "description": "Update the mapper" - }, - "response": [] - }, - { - "name": "Get mappers [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}/protocol-mappers/models", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}", - "protocol-mappers", - "models" - ] - }, - "description": "Get mappers" - }, - "response": [] - }, - { - "name": "Get mappers by name for a specific protocol [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}/protocol-mappers/protocol/62224d4c-7181-4790-a3c9-71cdbf1516a5", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}", - "protocol-mappers", - "protocol", - "62224d4c-7181-4790-a3c9-71cdbf1516a5" - ] - }, - "description": "Get mappers by name for a specific protocol" - }, - "response": [] - }, - { - "name": "Get exact mapper [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{clientScopeId}}/protocol-mappers/models/62224d4c-7181-4790-a3c9-71cdbf1516a5", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{clientScopeId}}", - "protocol-mappers", - "models", - "62224d4c-7181-4790-a3c9-71cdbf1516a5" - ] - }, - "description": "Get specific mapper" - }, - "response": [] - }, - { - "name": "Create multiple mappers for a client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[{\n\t\"name\": \"protocol-mapper-2\",\n\t\"protocol\": \"openid-connect\",\n\t\"protocolMapper\": \"oidc-usermodel-property-mapper\",\n\t\"config\": {}\n}]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/protocol-mappers/add-models", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "protocol-mappers", - "add-models" - ] - }, - "description": "Create multiple mappers" - }, - "response": [] - }, - { - "name": "Create a mapper for a client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"name\": \"protocol-mapper-2\",\n\t\"protocol\": \"openid-connect\",\n\t\"protocolMapper\": \"oidc-usermodel-property-mapper\",\n\t\"config\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/protocol-mappers/models", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "protocol-mappers", - "models" - ] - }, - "description": "Create a mapper for a client" - }, - "response": [] - }, - { - "name": "Get mappers for a client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/protocol-mappers/models", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "protocol-mappers", - "models" - ] - }, - "description": "Get mappers for a client" - }, - "response": [] - }, - { - "name": "Get mapper for a specific client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/protocol-mappers/models/af0bf361-7882-4d10-a38c-40ffddba9a59", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "protocol-mappers", - "models", - "af0bf361-7882-4d10-a38c-40ffddba9a59" - ] - }, - "description": "Get mapper for a specific client" - }, - "response": [] - }, - { - "name": "Get mappers by name for a specific protocol [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/protocol-mappers/protocol/openid-connect", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "protocol-mappers", - "protocol", - "openid-connect" - ] - }, - "description": "Get mappers by name for a specific protocol" - }, - "response": [] - }, - { - "name": "Update the mapper [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"af0bf361-7882-4d10-a38c-40ffddba9a59\",\n \"name\": \"protocol-mapper-2\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/protocol-mappers/models/af0bf361-7882-4d10-a38c-40ffddba9a59", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "protocol-mappers", - "models", - "af0bf361-7882-4d10-a38c-40ffddba9a59" - ] - }, - "description": "Update the mapper" - }, - "response": [] - }, - { - "name": "Update the mapper [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/protocol-mappers/models/af0bf361-7882-4d10-a38c-40ffddba9a59", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "protocol-mappers", - "models", - "af0bf361-7882-4d10-a38c-40ffddba9a59" - ] - }, - "description": "Update the mapper" - }, - "response": [] - } - ] - }, - { - "name": "Realms Admin", - "item": [ - { - "name": "Get realm info [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}" - ] - }, - "description": "Get realm info" - }, - "response": [] - }, - { - "name": "Get admin events of the realm [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/admin-events", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "admin-events" - ] - }, - "description": "Get admin events Returns all admin events, or filters events based on URL query parameters listed here" - }, - "response": [] - }, - { - "name": "Delete all admin events [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/admin-events", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "admin-events" - ] - }, - "description": "Delete all admin events" - }, - "response": [] - }, - { - "name": "Add realm [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"heroes\",\n \"realm\": \"heroes\",\n \"notBefore\": 0,\n \"revokeRefreshToken\": false,\n \"refreshTokenMaxReuse\": 0,\n \"accessTokenLifespan\": 300,\n \"accessTokenLifespanForImplicitFlow\": 900,\n \"ssoSessionIdleTimeout\": 1800,\n \"ssoSessionMaxLifespan\": 36000,\n \"ssoSessionIdleTimeoutRememberMe\": 0,\n \"ssoSessionMaxLifespanRememberMe\": 0,\n \"offlineSessionIdleTimeout\": 2592000,\n \"offlineSessionMaxLifespanEnabled\": false,\n \"offlineSessionMaxLifespan\": 5184000,\n \"clientSessionIdleTimeout\": 0,\n \"clientSessionMaxLifespan\": 0,\n \"accessCodeLifespan\": 60,\n \"accessCodeLifespanUserAction\": 300,\n \"accessCodeLifespanLogin\": 1800,\n \"actionTokenGeneratedByAdminLifespan\": 43200,\n \"actionTokenGeneratedByUserLifespan\": 300,\n \"enabled\": true,\n \"sslRequired\": \"external\",\n \"registrationAllowed\": false,\n \"registrationEmailAsUsername\": false,\n \"rememberMe\": false,\n \"verifyEmail\": false,\n \"loginWithEmailAllowed\": true,\n \"duplicateEmailsAllowed\": false,\n \"resetPasswordAllowed\": false,\n \"editUsernameAllowed\": false,\n \"bruteForceProtected\": false,\n \"permanentLockout\": false,\n \"maxFailureWaitSeconds\": 900,\n \"minimumQuickLoginWaitSeconds\": 60,\n \"waitIncrementSeconds\": 60,\n \"quickLoginCheckMilliSeconds\": 1000,\n \"maxDeltaTimeSeconds\": 43200,\n \"failureFactor\": 30,\n \"defaultRoles\": [\n \"offline_access\",\n \"uma_authorization\"\n ],\n \"requiredCredentials\": [\n \"password\"\n ],\n \"otpPolicyType\": \"totp\",\n \"otpPolicyAlgorithm\": \"HmacSHA1\",\n \"otpPolicyInitialCounter\": 0,\n \"otpPolicyDigits\": 6,\n \"otpPolicyLookAheadWindow\": 1,\n \"otpPolicyPeriod\": 30,\n \"otpSupportedApplications\": [\n \"FreeOTP\",\n \"Google Authenticator\"\n ],\n \"webAuthnPolicyRpEntityName\": \"keycloak\",\n \"webAuthnPolicySignatureAlgorithms\": [\n \"ES256\"\n ],\n \"webAuthnPolicyRpId\": \"\",\n \"webAuthnPolicyAttestationConveyancePreference\": \"not specified\",\n \"webAuthnPolicyAuthenticatorAttachment\": \"not specified\",\n \"webAuthnPolicyRequireResidentKey\": \"not specified\",\n \"webAuthnPolicyUserVerificationRequirement\": \"not specified\",\n \"webAuthnPolicyCreateTimeout\": 0,\n \"webAuthnPolicyAvoidSameAuthenticatorRegister\": false,\n \"webAuthnPolicyAcceptableAaguids\": [],\n \"webAuthnPolicyPasswordlessRpEntityName\": \"keycloak\",\n \"webAuthnPolicyPasswordlessSignatureAlgorithms\": [\n \"ES256\"\n ],\n \"webAuthnPolicyPasswordlessRpId\": \"\",\n \"webAuthnPolicyPasswordlessAttestationConveyancePreference\": \"not specified\",\n \"webAuthnPolicyPasswordlessAuthenticatorAttachment\": \"not specified\",\n \"webAuthnPolicyPasswordlessRequireResidentKey\": \"not specified\",\n \"webAuthnPolicyPasswordlessUserVerificationRequirement\": \"not specified\",\n \"webAuthnPolicyPasswordlessCreateTimeout\": 0,\n \"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister\": false,\n \"webAuthnPolicyPasswordlessAcceptableAaguids\": [],\n \"browserSecurityHeaders\": {\n \"contentSecurityPolicyReportOnly\": \"\",\n \"xContentTypeOptions\": \"nosniff\",\n \"xRobotsTag\": \"none\",\n \"xFrameOptions\": \"SAMEORIGIN\",\n \"contentSecurityPolicy\": \"frame-src 'self'; frame-ancestors 'self'; object-src 'none';\",\n \"xXSSProtection\": \"1; mode=block\",\n \"strictTransportSecurity\": \"max-age=31536000; includeSubDomains\"\n },\n \"smtpServer\": {},\n \"eventsEnabled\": false,\n \"eventsListeners\": [\n \"jboss-logging\"\n ],\n \"enabledEventTypes\": [],\n \"adminEventsEnabled\": false,\n \"adminEventsDetailsEnabled\": false,\n \"identityProviders\": [\n {\n \"alias\": \"keycloak-oidc\",\n \"internalId\": \"d79d0d65-8ee1-47f0-8611-f9e6eea71f20\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {\n \"clientId\": \"ssss\",\n \"tokenUrl\": \"http://localhost\",\n \"authorizationUrl\": \"http://localhost\",\n \"clientAuthMethod\": \"client_secret_basic\",\n \"syncMode\": \"IMPORT\",\n \"clientSecret\": \"assaasa\",\n \"useJwksUrl\": \"true\"\n }\n },\n {\n \"alias\": \"keycloak-oidc-2\",\n \"internalId\": \"7cf3fd74-8d3a-4c8d-b651-fcc885df8a31\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {}\n }\n ],\n \"identityProviderMappers\": [\n {\n \"id\": \"42c7b62d-4383-42c9-a8a0-65519e2c2543\",\n \"name\": \"test-mapper\",\n \"identityProviderAlias\": \"keycloak-oidc2\",\n \"identityProviderMapper\": \"keycloak-oidc\",\n \"config\": {}\n },\n {\n \"id\": \"ea65c956-24c7-4587-8fe7-c07222e3485d\",\n \"name\": \"test\",\n \"identityProviderAlias\": \"keycloak-oidc-2\",\n \"identityProviderMapper\": \"hardcoded-user-session-attribute-idp-mapper\",\n \"config\": {\n \"syncMode\": \"INHERIT\"\n }\n }\n ],\n \"internationalizationEnabled\": false,\n \"supportedLocales\": [],\n \"browserFlow\": \"browser\",\n \"registrationFlow\": \"registration\",\n \"directGrantFlow\": \"direct grant\",\n \"resetCredentialsFlow\": \"reset credentials\",\n \"clientAuthenticationFlow\": \"clients\",\n \"dockerAuthenticationFlow\": \"docker auth\",\n \"attributes\": {},\n \"userManagedAccessAllowed\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms" - ] - }, - "description": "Add realm" - }, - "response": [] - }, - { - "name": "Update realm [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"heroes\",\n \"realm\": \"heroes\",\n \"notBefore\": 0,\n \"revokeRefreshToken\": false,\n \"refreshTokenMaxReuse\": 0,\n \"accessTokenLifespan\": 300,\n \"accessTokenLifespanForImplicitFlow\": 900,\n \"ssoSessionIdleTimeout\": 1800,\n \"ssoSessionMaxLifespan\": 36000,\n \"ssoSessionIdleTimeoutRememberMe\": 0,\n \"ssoSessionMaxLifespanRememberMe\": 0,\n \"offlineSessionIdleTimeout\": 2592000,\n \"offlineSessionMaxLifespanEnabled\": false,\n \"offlineSessionMaxLifespan\": 5184000,\n \"clientSessionIdleTimeout\": 0,\n \"clientSessionMaxLifespan\": 0,\n \"accessCodeLifespan\": 60,\n \"accessCodeLifespanUserAction\": 300,\n \"accessCodeLifespanLogin\": 1800,\n \"actionTokenGeneratedByAdminLifespan\": 43200,\n \"actionTokenGeneratedByUserLifespan\": 300,\n \"enabled\": true,\n \"sslRequired\": \"external\",\n \"registrationAllowed\": false,\n \"registrationEmailAsUsername\": false,\n \"rememberMe\": false,\n \"verifyEmail\": false,\n \"loginWithEmailAllowed\": true,\n \"duplicateEmailsAllowed\": false,\n \"resetPasswordAllowed\": false,\n \"editUsernameAllowed\": false,\n \"bruteForceProtected\": false,\n \"permanentLockout\": false,\n \"maxFailureWaitSeconds\": 900,\n \"minimumQuickLoginWaitSeconds\": 60,\n \"waitIncrementSeconds\": 60,\n \"quickLoginCheckMilliSeconds\": 1000,\n \"maxDeltaTimeSeconds\": 43200,\n \"failureFactor\": 30,\n \"defaultRoles\": [\n \"offline_access\",\n \"uma_authorization\"\n ],\n \"requiredCredentials\": [\n \"password\"\n ],\n \"otpPolicyType\": \"totp\",\n \"otpPolicyAlgorithm\": \"HmacSHA1\",\n \"otpPolicyInitialCounter\": 0,\n \"otpPolicyDigits\": 6,\n \"otpPolicyLookAheadWindow\": 1,\n \"otpPolicyPeriod\": 30,\n \"otpSupportedApplications\": [\n \"FreeOTP\",\n \"Google Authenticator\"\n ],\n \"webAuthnPolicyRpEntityName\": \"keycloak\",\n \"webAuthnPolicySignatureAlgorithms\": [\n \"ES256\"\n ],\n \"webAuthnPolicyRpId\": \"\",\n \"webAuthnPolicyAttestationConveyancePreference\": \"not specified\",\n \"webAuthnPolicyAuthenticatorAttachment\": \"not specified\",\n \"webAuthnPolicyRequireResidentKey\": \"not specified\",\n \"webAuthnPolicyUserVerificationRequirement\": \"not specified\",\n \"webAuthnPolicyCreateTimeout\": 0,\n \"webAuthnPolicyAvoidSameAuthenticatorRegister\": false,\n \"webAuthnPolicyAcceptableAaguids\": [],\n \"webAuthnPolicyPasswordlessRpEntityName\": \"keycloak\",\n \"webAuthnPolicyPasswordlessSignatureAlgorithms\": [\n \"ES256\"\n ],\n \"webAuthnPolicyPasswordlessRpId\": \"\",\n \"webAuthnPolicyPasswordlessAttestationConveyancePreference\": \"not specified\",\n \"webAuthnPolicyPasswordlessAuthenticatorAttachment\": \"not specified\",\n \"webAuthnPolicyPasswordlessRequireResidentKey\": \"not specified\",\n \"webAuthnPolicyPasswordlessUserVerificationRequirement\": \"not specified\",\n \"webAuthnPolicyPasswordlessCreateTimeout\": 0,\n \"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister\": false,\n \"webAuthnPolicyPasswordlessAcceptableAaguids\": [],\n \"browserSecurityHeaders\": {\n \"contentSecurityPolicyReportOnly\": \"\",\n \"xContentTypeOptions\": \"nosniff\",\n \"xRobotsTag\": \"none\",\n \"xFrameOptions\": \"SAMEORIGIN\",\n \"contentSecurityPolicy\": \"frame-src 'self'; frame-ancestors 'self'; object-src 'none';\",\n \"xXSSProtection\": \"1; mode=block\",\n \"strictTransportSecurity\": \"max-age=31536000; includeSubDomains\"\n },\n \"smtpServer\": {},\n \"eventsEnabled\": false,\n \"eventsListeners\": [\n \"jboss-logging\"\n ],\n \"enabledEventTypes\": [],\n \"adminEventsEnabled\": false,\n \"adminEventsDetailsEnabled\": false,\n \"identityProviders\": [\n {\n \"alias\": \"keycloak-oidc\",\n \"internalId\": \"d79d0d65-8ee1-47f0-8611-f9e6eea71f20\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {\n \"clientId\": \"ssss\",\n \"tokenUrl\": \"http://localhost\",\n \"authorizationUrl\": \"http://localhost\",\n \"clientAuthMethod\": \"client_secret_basic\",\n \"syncMode\": \"IMPORT\",\n \"clientSecret\": \"assaasa\",\n \"useJwksUrl\": \"true\"\n }\n },\n {\n \"alias\": \"keycloak-oidc-2\",\n \"internalId\": \"7cf3fd74-8d3a-4c8d-b651-fcc885df8a31\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {}\n }\n ],\n \"identityProviderMappers\": [\n {\n \"id\": \"42c7b62d-4383-42c9-a8a0-65519e2c2543\",\n \"name\": \"test-mapper\",\n \"identityProviderAlias\": \"keycloak-oidc2\",\n \"identityProviderMapper\": \"keycloak-oidc\",\n \"config\": {}\n },\n {\n \"id\": \"ea65c956-24c7-4587-8fe7-c07222e3485d\",\n \"name\": \"test\",\n \"identityProviderAlias\": \"keycloak-oidc-2\",\n \"identityProviderMapper\": \"hardcoded-user-session-attribute-idp-mapper\",\n \"config\": {\n \"syncMode\": \"INHERIT\"\n }\n }\n ],\n \"internationalizationEnabled\": false,\n \"supportedLocales\": [],\n \"browserFlow\": \"browser\",\n \"registrationFlow\": \"registration\",\n \"directGrantFlow\": \"direct grant\",\n \"resetCredentialsFlow\": \"reset credentials\",\n \"clientAuthenticationFlow\": \"clients\",\n \"dockerAuthenticationFlow\": \"docker auth\",\n \"attributes\": {},\n \"userManagedAccessAllowed\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}" - ] - }, - "description": "Update realm" - }, - "response": [] - }, - { - "name": "Delete realm [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}" - ] - }, - "description": "Delete realm" - }, - "response": [] - }, - { - "name": "Clear keys cache [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clear-keys-cache", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clear-keys-cache" - ] - }, - "description": "Clear cache of external public keys (Public keys of clients or Identity providers)" - }, - "response": [] - }, - { - "name": "Clear realm cache [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clear-realm-cache", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clear-realm-cache" - ] - }, - "description": "Clear realm cache" - }, - "response": [] - }, - { - "name": "Clear user cache [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clear-user-cache", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clear-user-cache" - ] - }, - "description": "Clear user cache\n" - }, - "response": [] - }, - { - "name": "Base path for importing clients under this realm[SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "{ \n\t\"description\": \"some description\"\n}\n" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-description-converter", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-description-converter" - ] - }, - "description": "Base path for importing clients under this realm.\n" - }, - "response": [] - }, - { - "name": "Get client session stats Returns a JSON map [SAT]", - "protocolProfileBehavior": { - "disableBodyPruning": true - }, - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "{ \n\t\"description\": \"some description\"\n}\n" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-session-stats", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-session-stats" - ] - }, - "description": "The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.\n\n\n" - }, - "response": [] - }, - { - "name": "Get credential registrators [SAT]", - "protocolProfileBehavior": { - "disableBodyPruning": true - }, - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "{ \n\t\"description\": \"some description\"\n}\n" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/credential-registrators", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "credential-registrators" - ] - }, - "description": "Get credential registrators \n" - }, - "response": [] - }, - { - "name": "Get realm default client scopes [SAT]", - "protocolProfileBehavior": { - "disableBodyPruning": true - }, - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "body": { - "mode": "raw", - "raw": "{ \n\t\"description\": \"some description\"\n}\n" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-default-client-scopes", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-default-client-scopes" - ] - }, - "description": "Only name and ids are returned.\n\n\n" - }, - "response": [] - }, - { - "name": "Update a realm default client scope [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-default-client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-default-client-scopes", - "{{clientScopeId}}" - ] - }, - "description": "Update a realm default client scope" - }, - "response": [] - }, - { - "name": "Delete a realm default client scope[SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-default-client-scopes/{{clientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-default-client-scopes", - "{{clientScopeId}}" - ] - }, - "description": "Delete a realm default client scope\n\n" - }, - "response": [] - }, - { - "name": "Get group hierarchy [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-groups", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-groups" - ] - }, - "description": "Get group hierarchy.\n\n\n" - }, - "response": [] - }, - { - "name": "Update group hierarchy [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-groups/{{groupId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-groups", - "{{groupId}}" - ] - }, - "description": "Update group hierarchy.\n\n\n" - }, - "response": [] - }, - { - "name": "Delete group hierarchy [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-groups/{{groupId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-groups", - "{{groupId}}" - ] - }, - "description": "Delete group hierarchy.\n\n\n" - }, - "response": [] - }, - { - "name": "Get realm optional client scopes [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "value": "application/json", - "type": "text", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-optional-client-scopes", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-optional-client-scopes" - ] - }, - "description": "Get realm optional client scopes\n\n\n" - }, - "response": [] - }, - { - "name": "Update realm optional client scopes [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-optional-client-scopes/{{realmClientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-optional-client-scopes", - "{{realmClientScopeId}}" - ] - }, - "description": "Update realm optional client scopes\n\n\n" - }, - "response": [] - }, - { - "name": "Delete realm optional client scopes [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/default-optional-client-scopes/{{realmClientScopeId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "default-optional-client-scopes", - "{{realmClientScopeId}}" - ] - }, - "description": "Delete realm optional client scopes\n\n\n" - }, - "response": [] - }, - { - "name": "Get events [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/events", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "events" - ] - }, - "description": "Get events Returns all events, or filters them based on URL query parameters listed here\n\n\n\n" - }, - "response": [] - }, - { - "name": "Delete events [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/events", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "events" - ] - }, - "description": "Delete all events\n\n\n\n" - }, - "response": [] - }, - { - "name": "Get events config [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/events/config", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "events", - "config" - ] - }, - "description": "Get the events provider configuration Returns JSON object with events provider configuration\n\n\n\n\n" - }, - "response": [] - }, - { - "name": "Update events config [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"eventsEnabled\": false,\n \"eventsListeners\": [\n \"jboss-logging\"\n ],\n \"enabledEventTypes\": [\n \"LOGIN\",\n \"LOGIN_ERROR\",\n \"REGISTER\",\n \"REGISTER_ERROR\",\n \"LOGOUT\",\n \"LOGOUT_ERROR\",\n \"CODE_TO_TOKEN\",\n \"CODE_TO_TOKEN_ERROR\",\n \"CLIENT_LOGIN\",\n \"CLIENT_LOGIN_ERROR\",\n \"FEDERATED_IDENTITY_LINK\",\n \"FEDERATED_IDENTITY_LINK_ERROR\",\n \"REMOVE_FEDERATED_IDENTITY\",\n \"REMOVE_FEDERATED_IDENTITY_ERROR\",\n \"UPDATE_EMAIL\",\n \"UPDATE_EMAIL_ERROR\",\n \"UPDATE_PROFILE\",\n \"UPDATE_PROFILE_ERROR\",\n \"UPDATE_PASSWORD\",\n \"UPDATE_PASSWORD_ERROR\",\n \"UPDATE_TOTP\",\n \"UPDATE_TOTP_ERROR\",\n \"VERIFY_EMAIL\",\n \"VERIFY_EMAIL_ERROR\",\n \"REMOVE_TOTP\",\n \"REMOVE_TOTP_ERROR\",\n \"GRANT_CONSENT\",\n \"GRANT_CONSENT_ERROR\",\n \"UPDATE_CONSENT\",\n \"UPDATE_CONSENT_ERROR\",\n \"REVOKE_GRANT\",\n \"REVOKE_GRANT_ERROR\",\n \"SEND_VERIFY_EMAIL\",\n \"SEND_VERIFY_EMAIL_ERROR\",\n \"SEND_RESET_PASSWORD\",\n \"SEND_RESET_PASSWORD_ERROR\",\n \"SEND_IDENTITY_PROVIDER_LINK\",\n \"SEND_IDENTITY_PROVIDER_LINK_ERROR\",\n \"RESET_PASSWORD\",\n \"RESET_PASSWORD_ERROR\",\n \"RESTART_AUTHENTICATION\",\n \"RESTART_AUTHENTICATION_ERROR\",\n \"IDENTITY_PROVIDER_LINK_ACCOUNT\",\n \"IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR\",\n \"IDENTITY_PROVIDER_FIRST_LOGIN\",\n \"IDENTITY_PROVIDER_FIRST_LOGIN_ERROR\",\n \"IDENTITY_PROVIDER_POST_LOGIN\",\n \"IDENTITY_PROVIDER_POST_LOGIN_ERROR\",\n \"IMPERSONATE\",\n \"IMPERSONATE_ERROR\",\n \"CUSTOM_REQUIRED_ACTION\",\n \"CUSTOM_REQUIRED_ACTION_ERROR\",\n \"EXECUTE_ACTIONS\",\n \"EXECUTE_ACTIONS_ERROR\",\n \"EXECUTE_ACTION_TOKEN\",\n \"EXECUTE_ACTION_TOKEN_ERROR\",\n \"CLIENT_REGISTER\",\n \"CLIENT_REGISTER_ERROR\",\n \"CLIENT_UPDATE\",\n \"CLIENT_UPDATE_ERROR\",\n \"CLIENT_DELETE\",\n \"CLIENT_DELETE_ERROR\",\n \"CLIENT_INITIATED_ACCOUNT_LINKING\",\n \"CLIENT_INITIATED_ACCOUNT_LINKING_ERROR\",\n \"TOKEN_EXCHANGE\",\n \"TOKEN_EXCHANGE_ERROR\",\n \"PERMISSION_TOKEN\"\n ],\n \"adminEventsEnabled\": false,\n \"adminEventsDetailsEnabled\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/events/config", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "events", - "config" - ] - }, - "description": "Update the events provider Change the events provider and/or its configuration\n\n\n\n" - }, - "response": [] - }, - { - "name": "Get group from path [SAT] ", - "protocolProfileBehavior": { - "disableBodyPruning": true - }, - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"eventsEnabled\": false,\n \"eventsListeners\": [\n \"jboss-logging\"\n ],\n \"enabledEventTypes\": [\n \"LOGIN\",\n \"LOGIN_ERROR\",\n \"REGISTER\",\n \"REGISTER_ERROR\",\n \"LOGOUT\",\n \"LOGOUT_ERROR\",\n \"CODE_TO_TOKEN\",\n \"CODE_TO_TOKEN_ERROR\",\n \"CLIENT_LOGIN\",\n \"CLIENT_LOGIN_ERROR\",\n \"FEDERATED_IDENTITY_LINK\",\n \"FEDERATED_IDENTITY_LINK_ERROR\",\n \"REMOVE_FEDERATED_IDENTITY\",\n \"REMOVE_FEDERATED_IDENTITY_ERROR\",\n \"UPDATE_EMAIL\",\n \"UPDATE_EMAIL_ERROR\",\n \"UPDATE_PROFILE\",\n \"UPDATE_PROFILE_ERROR\",\n \"UPDATE_PASSWORD\",\n \"UPDATE_PASSWORD_ERROR\",\n \"UPDATE_TOTP\",\n \"UPDATE_TOTP_ERROR\",\n \"VERIFY_EMAIL\",\n \"VERIFY_EMAIL_ERROR\",\n \"REMOVE_TOTP\",\n \"REMOVE_TOTP_ERROR\",\n \"GRANT_CONSENT\",\n \"GRANT_CONSENT_ERROR\",\n \"UPDATE_CONSENT\",\n \"UPDATE_CONSENT_ERROR\",\n \"REVOKE_GRANT\",\n \"REVOKE_GRANT_ERROR\",\n \"SEND_VERIFY_EMAIL\",\n \"SEND_VERIFY_EMAIL_ERROR\",\n \"SEND_RESET_PASSWORD\",\n \"SEND_RESET_PASSWORD_ERROR\",\n \"SEND_IDENTITY_PROVIDER_LINK\",\n \"SEND_IDENTITY_PROVIDER_LINK_ERROR\",\n \"RESET_PASSWORD\",\n \"RESET_PASSWORD_ERROR\",\n \"RESTART_AUTHENTICATION\",\n \"RESTART_AUTHENTICATION_ERROR\",\n \"IDENTITY_PROVIDER_LINK_ACCOUNT\",\n \"IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR\",\n \"IDENTITY_PROVIDER_FIRST_LOGIN\",\n \"IDENTITY_PROVIDER_FIRST_LOGIN_ERROR\",\n \"IDENTITY_PROVIDER_POST_LOGIN\",\n \"IDENTITY_PROVIDER_POST_LOGIN_ERROR\",\n \"IMPERSONATE\",\n \"IMPERSONATE_ERROR\",\n \"CUSTOM_REQUIRED_ACTION\",\n \"CUSTOM_REQUIRED_ACTION_ERROR\",\n \"EXECUTE_ACTIONS\",\n \"EXECUTE_ACTIONS_ERROR\",\n \"EXECUTE_ACTION_TOKEN\",\n \"EXECUTE_ACTION_TOKEN_ERROR\",\n \"CLIENT_REGISTER\",\n \"CLIENT_REGISTER_ERROR\",\n \"CLIENT_UPDATE\",\n \"CLIENT_UPDATE_ERROR\",\n \"CLIENT_DELETE\",\n \"CLIENT_DELETE_ERROR\",\n \"CLIENT_INITIATED_ACCOUNT_LINKING\",\n \"CLIENT_INITIATED_ACCOUNT_LINKING_ERROR\",\n \"TOKEN_EXCHANGE\",\n \"TOKEN_EXCHANGE_ERROR\",\n \"PERMISSION_TOKEN\"\n ],\n \"adminEventsEnabled\": false,\n \"adminEventsDetailsEnabled\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/group-by-path/dc", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "group-by-path", - "dc" - ] - }, - "description": "Get group from path \n\n\n\n" - }, - "response": [] - }, - { - "name": "Logout all users from session [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/logout-all", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "logout-all" - ] - }, - "description": "Any client that has an admin url will also be told to invalidate any sessions they have.\n\n\n\n" - }, - "response": [] - }, - { - "name": "Partial export of existing realm into a JSON file [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"exportClients\": true,\n \"exportGroupsAndRoles\": true\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/partial-export", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "partial-export" - ] - }, - "description": "Partial export of existing realm into a JSON file.\n\n\n\n" - }, - "response": [] - }, - { - "name": "Partial import from a JSON file to an existing realm [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"heroes\",\n \"realm\": \"heroes\",\n \"notBefore\": 1589105644,\n \"revokeRefreshToken\": false,\n \"refreshTokenMaxReuse\": 0,\n \"accessTokenLifespan\": 300,\n \"accessTokenLifespanForImplicitFlow\": 900,\n \"ssoSessionIdleTimeout\": 1800,\n \"ssoSessionMaxLifespan\": 36000,\n \"ssoSessionIdleTimeoutRememberMe\": 0,\n \"ssoSessionMaxLifespanRememberMe\": 0,\n \"offlineSessionIdleTimeout\": 2592000,\n \"offlineSessionMaxLifespanEnabled\": false,\n \"offlineSessionMaxLifespan\": 5184000,\n \"clientSessionIdleTimeout\": 0,\n \"clientSessionMaxLifespan\": 0,\n \"accessCodeLifespan\": 60,\n \"accessCodeLifespanUserAction\": 300,\n \"accessCodeLifespanLogin\": 1800,\n \"actionTokenGeneratedByAdminLifespan\": 43200,\n \"actionTokenGeneratedByUserLifespan\": 300,\n \"enabled\": true,\n \"sslRequired\": \"external\",\n \"registrationAllowed\": false,\n \"registrationEmailAsUsername\": false,\n \"rememberMe\": false,\n \"verifyEmail\": false,\n \"loginWithEmailAllowed\": true,\n \"duplicateEmailsAllowed\": false,\n \"resetPasswordAllowed\": false,\n \"editUsernameAllowed\": false,\n \"bruteForceProtected\": false,\n \"permanentLockout\": false,\n \"maxFailureWaitSeconds\": 900,\n \"minimumQuickLoginWaitSeconds\": 60,\n \"waitIncrementSeconds\": 60,\n \"quickLoginCheckMilliSeconds\": 1000,\n \"maxDeltaTimeSeconds\": 43200,\n \"failureFactor\": 30,\n \"defaultRoles\": [\n \"offline_access\",\n \"uma_authorization\"\n ],\n \"requiredCredentials\": [\n \"password\"\n ],\n \"otpPolicyType\": \"totp\",\n \"otpPolicyAlgorithm\": \"HmacSHA1\",\n \"otpPolicyInitialCounter\": 0,\n \"otpPolicyDigits\": 6,\n \"otpPolicyLookAheadWindow\": 1,\n \"otpPolicyPeriod\": 30,\n \"otpSupportedApplications\": [\n \"FreeOTP\",\n \"Google Authenticator\"\n ],\n \"webAuthnPolicyRpEntityName\": \"keycloak\",\n \"webAuthnPolicySignatureAlgorithms\": [\n \"ES256\"\n ],\n \"webAuthnPolicyRpId\": \"\",\n \"webAuthnPolicyAttestationConveyancePreference\": \"not specified\",\n \"webAuthnPolicyAuthenticatorAttachment\": \"not specified\",\n \"webAuthnPolicyRequireResidentKey\": \"not specified\",\n \"webAuthnPolicyUserVerificationRequirement\": \"not specified\",\n \"webAuthnPolicyCreateTimeout\": 0,\n \"webAuthnPolicyAvoidSameAuthenticatorRegister\": false,\n \"webAuthnPolicyAcceptableAaguids\": [],\n \"webAuthnPolicyPasswordlessRpEntityName\": \"keycloak\",\n \"webAuthnPolicyPasswordlessSignatureAlgorithms\": [\n \"ES256\"\n ],\n \"webAuthnPolicyPasswordlessRpId\": \"\",\n \"webAuthnPolicyPasswordlessAttestationConveyancePreference\": \"not specified\",\n \"webAuthnPolicyPasswordlessAuthenticatorAttachment\": \"not specified\",\n \"webAuthnPolicyPasswordlessRequireResidentKey\": \"not specified\",\n \"webAuthnPolicyPasswordlessUserVerificationRequirement\": \"not specified\",\n \"webAuthnPolicyPasswordlessCreateTimeout\": 0,\n \"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister\": false,\n \"webAuthnPolicyPasswordlessAcceptableAaguids\": [],\n \"scopeMappings\": [\n {\n \"clientScope\": \"offline_access\",\n \"roles\": [\n \"offline_access\"\n ]\n }\n ],\n \"clientScopes\": [\n {\n \"id\": \"c428dc50-0677-44ff-aee8-a3568046fd30\",\n \"name\": \"address\",\n \"description\": \"OpenID Connect built-in scope: address\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"true\",\n \"display.on.consent.screen\": \"true\",\n \"consent.screen.text\": \"${addressScopeConsentText}\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"b8adec7c-78a4-447d-a1f6-07945407de39\",\n \"name\": \"address\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-address-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"user.attribute.formatted\": \"formatted\",\n \"user.attribute.country\": \"country\",\n \"user.attribute.postal_code\": \"postal_code\",\n \"userinfo.token.claim\": \"true\",\n \"user.attribute.street\": \"street\",\n \"id.token.claim\": \"true\",\n \"user.attribute.region\": \"region\",\n \"access.token.claim\": \"true\",\n \"user.attribute.locality\": \"locality\"\n }\n }\n ]\n },\n {\n \"id\": \"4f841085-b7be-4596-b99b-15422e16bf0b\",\n \"name\": \"email\",\n \"description\": \"OpenID Connect built-in scope: email +\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"true\",\n \"display.on.consent.screen\": \"true\",\n \"consent.screen.text\": \"${emailScopeConsentText}\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"62224d4c-7181-4790-a3c9-71cdbf1516a5\",\n \"name\": \"email\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"email\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"email\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"af6262f6-6b60-4e47-899e-248ebbe55705\",\n \"name\": \"protocol-mapper-2\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {}\n },\n {\n \"id\": \"e7b52fef-f525-4314-abf3-267d9f48082e\",\n \"name\": \"email verified\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"emailVerified\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"email_verified\",\n \"jsonType.label\": \"boolean\"\n }\n },\n {\n \"id\": \"ab13e658-d258-483a-b6d2-93cd7f45672d\",\n \"name\": \"protocol-mapper\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {}\n }\n ]\n },\n {\n \"id\": \"51925c34-1804-4159-a970-e1a65d3323c0\",\n \"name\": \"microprofile-jwt\",\n \"description\": \"Microprofile - JWT built-in scope\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"true\",\n \"display.on.consent.screen\": \"false\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"cccf4cd9-401d-48e9-ae86-5c2bf720220f\",\n \"name\": \"groups\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-realm-role-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"multivalued\": \"true\",\n \"user.attribute\": \"foo\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"groups\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"b00e8121-fb23-44fa-9592-09e6d3650436\",\n \"name\": \"upn\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"username\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"upn\",\n \"jsonType.label\": \"String\"\n }\n }\n ]\n },\n {\n \"id\": \"42eb8c36-025e-424a-b43e-3e67305db9cb\",\n \"name\": \"offline_access\",\n \"description\": \"OpenID Connect built-in scope: offline_access\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"consent.screen.text\": \"${offlineAccessScopeConsentText}\",\n \"display.on.consent.screen\": \"true\"\n }\n },\n {\n \"id\": \"22369324-bf37-426e-8704-f648f62d27f8\",\n \"name\": \"phone\",\n \"description\": \"OpenID Connect built-in scope: phone\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"true\",\n \"display.on.consent.screen\": \"true\",\n \"consent.screen.text\": \"${phoneScopeConsentText}\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"d7d5a1cc-f343-49b3-aa46-b42e6b274e83\",\n \"name\": \"phone number verified\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"phoneNumberVerified\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"phone_number_verified\",\n \"jsonType.label\": \"boolean\"\n }\n },\n {\n \"id\": \"d41cc5c8-9401-491f-adea-b5806c3adacd\",\n \"name\": \"phone number\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"phoneNumber\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"phone_number\",\n \"jsonType.label\": \"String\"\n }\n }\n ]\n },\n {\n \"id\": \"082e427a-aef5-4461-b8c3-970a90991b1e\",\n \"name\": \"profile\",\n \"description\": \"OpenID Connect built-in scope: profile\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"true\",\n \"display.on.consent.screen\": \"true\",\n \"consent.screen.text\": \"${profileScopeConsentText}\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"a322869a-9430-4aa9-b8b0-29bed1905160\",\n \"name\": \"locale\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"locale\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"locale\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"62e05562-a7e4-40a6-954e-13473ceb34c2\",\n \"name\": \"given name\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"firstName\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"given_name\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"9a98e8d2-238d-40da-b07c-968bc494ad5f\",\n \"name\": \"nickname\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"nickname\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"nickname\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"4ea62cf5-f2be-449b-8e62-19d82ee3bf25\",\n \"name\": \"gender\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"gender\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"gender\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"8003e7da-6bbe-41cb-b44a-8ae5fb5305e0\",\n \"name\": \"full name\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-full-name-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"userinfo.token.claim\": \"true\"\n }\n },\n {\n \"id\": \"30e14266-1aeb-4a59-a337-3e6393a4a111\",\n \"name\": \"family name\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"lastName\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"family_name\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"c1d92d15-7d19-4260-af10-37a69b9cd193\",\n \"name\": \"website\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"website\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"website\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"5a559fe9-a688-4d6f-9b0f-aa03f041e3e3\",\n \"name\": \"birthdate\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"birthdate\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"birthdate\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"1cdde753-3ee5-441b-8df2-60da7ecca9d6\",\n \"name\": \"profile\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"profile\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"profile\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"6308310b-daee-461f-9eba-b8c922c04dfd\",\n \"name\": \"middle name\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"middleName\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"middle_name\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"b2871f34-48d3-437a-aa40-7c293ce63827\",\n \"name\": \"updated at\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"updatedAt\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"updated_at\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"45edbce1-716c-47c1-b1ca-28124ada1e9d\",\n \"name\": \"picture\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"picture\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"picture\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"609d8572-b194-4a2a-bc97-d9aecd26daaa\",\n \"name\": \"zoneinfo\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-attribute-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"zoneinfo\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"zoneinfo\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"ac373d8f-539c-4242-bdbe-def6b32a8582\",\n \"name\": \"username\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-property-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"userinfo.token.claim\": \"true\",\n \"user.attribute\": \"username\",\n \"id.token.claim\": \"true\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"preferred_username\",\n \"jsonType.label\": \"String\"\n }\n }\n ]\n },\n {\n \"id\": \"393eed37-8c38-4b75-aaac-c3e950cf43fc\",\n \"name\": \"role_list\",\n \"description\": \"SAML role list\",\n \"protocol\": \"saml\",\n \"attributes\": {\n \"consent.screen.text\": \"${samlRoleListScopeConsentText}\",\n \"display.on.consent.screen\": \"true\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"7794d99d-0738-49c9-8b75-8acb188a78e5\",\n \"name\": \"role list\",\n \"protocol\": \"saml\",\n \"protocolMapper\": \"saml-role-list-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"single\": \"false\",\n \"attribute.nameformat\": \"Basic\",\n \"attribute.name\": \"Role\"\n }\n }\n ]\n },\n {\n \"id\": \"c799cfa9-fc42-4cf5-8cb2-b1730c4ec012\",\n \"name\": \"roles\",\n \"description\": \"OpenID Connect scope for add user roles to the access token\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"false\",\n \"display.on.consent.screen\": \"true\",\n \"consent.screen.text\": \"${rolesScopeConsentText}\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"efdc6358-b579-4600-8b66-b48a918c041f\",\n \"name\": \"client roles\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-client-role-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"multivalued\": \"true\",\n \"user.attribute\": \"foo\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"resource_access.${client_id}.roles\",\n \"jsonType.label\": \"String\"\n }\n },\n {\n \"id\": \"c1c51bdd-7165-4b8f-8ba2-eccb9dc32c17\",\n \"name\": \"audience resolve\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-audience-resolve-mapper\",\n \"consentRequired\": false,\n \"config\": {}\n },\n {\n \"id\": \"c57a0d2e-d119-4ed3-ac27-2d83f86c066c\",\n \"name\": \"realm roles\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-usermodel-realm-role-mapper\",\n \"consentRequired\": false,\n \"config\": {\n \"multivalued\": \"true\",\n \"user.attribute\": \"foo\",\n \"access.token.claim\": \"true\",\n \"claim.name\": \"realm_access.roles\",\n \"jsonType.label\": \"String\"\n }\n }\n ]\n },\n {\n \"id\": \"59df1f86-bf4b-4962-bc96-c64ed8f93327\",\n \"name\": \"test-client-scope\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"true\",\n \"display.on.consent.screen\": \"true\"\n }\n },\n {\n \"id\": \"3a4f0249-9131-40c1-b8f4-027a778af023\",\n \"name\": \"web-origins\",\n \"description\": \"OpenID Connect scope for add allowed web origins to the access token\",\n \"protocol\": \"openid-connect\",\n \"attributes\": {\n \"include.in.token.scope\": \"false\",\n \"display.on.consent.screen\": \"false\",\n \"consent.screen.text\": \"\"\n },\n \"protocolMappers\": [\n {\n \"id\": \"2b84bf32-ed3f-4053-add2-d30eff142db0\",\n \"name\": \"allowed web origins\",\n \"protocol\": \"openid-connect\",\n \"protocolMapper\": \"oidc-allowed-origins-mapper\",\n \"consentRequired\": false,\n \"config\": {}\n }\n ]\n }\n ],\n \"defaultDefaultClientScopes\": [\n \"profile\",\n \"role_list\",\n \"web-origins\",\n \"email\",\n \"roles\"\n ],\n \"defaultOptionalClientScopes\": [\n \"phone\",\n \"offline_access\",\n \"microprofile-jwt\",\n \"test-client-scope\",\n \"address\"\n ],\n \"browserSecurityHeaders\": {\n \"contentSecurityPolicyReportOnly\": \"\",\n \"xContentTypeOptions\": \"nosniff\",\n \"xRobotsTag\": \"none\",\n \"xFrameOptions\": \"SAMEORIGIN\",\n \"contentSecurityPolicy\": \"frame-src 'self'; frame-ancestors 'self'; object-src 'none';\",\n \"xXSSProtection\": \"1; mode=block\",\n \"strictTransportSecurity\": \"max-age=31536000; includeSubDomains\"\n },\n \"smtpServer\": {},\n \"eventsEnabled\": false,\n \"eventsListeners\": [\n \"jboss-logging\"\n ],\n \"enabledEventTypes\": [],\n \"adminEventsEnabled\": false,\n \"adminEventsDetailsEnabled\": false,\n \"identityProviders\": [\n {\n \"alias\": \"keycloak-oidc\",\n \"internalId\": \"d79d0d65-8ee1-47f0-8611-f9e6eea71f20\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {\n \"clientId\": \"ssss\",\n \"tokenUrl\": \"http://localhost\",\n \"authorizationUrl\": \"http://localhost\",\n \"clientAuthMethod\": \"client_secret_basic\",\n \"syncMode\": \"IMPORT\",\n \"clientSecret\": \"**********\",\n \"useJwksUrl\": \"true\"\n }\n },\n {\n \"alias\": \"keycloak-oidc-2\",\n \"internalId\": \"7cf3fd74-8d3a-4c8d-b651-fcc885df8a31\",\n \"providerId\": \"keycloak-oidc\",\n \"enabled\": true,\n \"updateProfileFirstLoginMode\": \"on\",\n \"trustEmail\": false,\n \"storeToken\": false,\n \"addReadTokenRoleOnCreate\": false,\n \"authenticateByDefault\": false,\n \"linkOnly\": false,\n \"firstBrokerLoginFlowAlias\": \"first broker login\",\n \"config\": {}\n }\n ],\n \"identityProviderMappers\": [\n {\n \"id\": \"42c7b62d-4383-42c9-a8a0-65519e2c2543\",\n \"name\": \"test-mapper\",\n \"identityProviderAlias\": \"keycloak-oidc2\",\n \"identityProviderMapper\": \"keycloak-oidc\",\n \"config\": {}\n },\n {\n \"id\": \"ea65c956-24c7-4587-8fe7-c07222e3485d\",\n \"name\": \"test\",\n \"identityProviderAlias\": \"keycloak-oidc-2\",\n \"identityProviderMapper\": \"hardcoded-user-session-attribute-idp-mapper\",\n \"config\": {\n \"syncMode\": \"INHERIT\"\n }\n }\n ],\n \"components\": {\n \"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy\": [\n {\n \"id\": \"858f626c-d3b5-465b-b3ef-1a47deeb33b4\",\n \"name\": \"test\",\n \"providerId\": \"max-clients\",\n \"subType\": \"anonymous\",\n \"subComponents\": {},\n \"config\": {\n \"max-clients\": [\n \"200\"\n ]\n }\n },\n {\n \"id\": \"7a084caa-36f4-4ea4-8dcb-56b1b189c2fa\",\n \"name\": \"Trusted Hosts\",\n \"providerId\": \"trusted-hosts\",\n \"subType\": \"anonymous\",\n \"subComponents\": {},\n \"config\": {\n \"host-sending-registration-request-must-match\": [\n \"true\"\n ],\n \"client-uris-must-match\": [\n \"true\"\n ]\n }\n },\n {\n \"id\": \"94958c8d-2ca3-4680-8367-e187d295d707\",\n \"name\": \"Allowed Client Scopes\",\n \"providerId\": \"allowed-client-templates\",\n \"subType\": \"anonymous\",\n \"subComponents\": {},\n \"config\": {\n \"allow-default-scopes\": [\n \"true\"\n ]\n }\n },\n {\n \"id\": \"a07ec653-9fe9-4c92-a95e-676e6390bb7e\",\n \"name\": \"Full Scope Disabled\",\n \"providerId\": \"scope\",\n \"subType\": \"anonymous\",\n \"subComponents\": {},\n \"config\": {}\n },\n {\n \"id\": \"5fbc94d0-5743-480b-9c55-dfe2631ddcd1\",\n \"name\": \"Allowed Protocol Mapper Types\",\n \"providerId\": \"allowed-protocol-mappers\",\n \"subType\": \"anonymous\",\n \"subComponents\": {},\n \"config\": {\n \"allowed-protocol-mapper-types\": [\n \"oidc-usermodel-property-mapper\",\n \"saml-role-list-mapper\",\n \"oidc-address-mapper\",\n \"oidc-usermodel-attribute-mapper\",\n \"oidc-sha256-pairwise-sub-mapper\",\n \"saml-user-attribute-mapper\",\n \"saml-user-property-mapper\",\n \"oidc-full-name-mapper\"\n ]\n }\n },\n {\n \"id\": \"9790934a-913c-4027-8e9a-0c5b096a8b55\",\n \"name\": \"Allowed Protocol Mapper Types\",\n \"providerId\": \"allowed-protocol-mappers\",\n \"subType\": \"authenticated\",\n \"subComponents\": {},\n \"config\": {\n \"allowed-protocol-mapper-types\": [\n \"oidc-full-name-mapper\",\n \"saml-role-list-mapper\",\n \"saml-user-attribute-mapper\",\n \"oidc-usermodel-attribute-mapper\",\n \"oidc-sha256-pairwise-sub-mapper\",\n \"oidc-address-mapper\",\n \"oidc-usermodel-property-mapper\",\n \"saml-user-property-mapper\"\n ]\n }\n },\n {\n \"id\": \"11951897-c9f1-4f46-9df4-16e05dedd4a2\",\n \"name\": \"Consent Required\",\n \"providerId\": \"consent-required\",\n \"subType\": \"anonymous\",\n \"subComponents\": {},\n \"config\": {}\n },\n {\n \"id\": \"e3f35697-fc92-4d38-80d9-2f643dca22e0\",\n \"name\": \"Allowed Client Scopes\",\n \"providerId\": \"allowed-client-templates\",\n \"subType\": \"authenticated\",\n \"subComponents\": {},\n \"config\": {\n \"allow-default-scopes\": [\n \"true\"\n ]\n }\n },\n {\n \"id\": \"4751745f-877b-4414-80c5-27dbf3dc2e88\",\n \"name\": \"Max Clients Limit\",\n \"providerId\": \"max-clients\",\n \"subType\": \"anonymous\",\n \"subComponents\": {},\n \"config\": {\n \"max-clients\": [\n \"200\"\n ]\n }\n }\n ],\n \"org.keycloak.keys.KeyProvider\": [\n {\n \"id\": \"60ae5de8-bef8-40ad-ab08-ccd72894202e\",\n \"name\": \"hmac-generated\",\n \"providerId\": \"hmac-generated\",\n \"subComponents\": {},\n \"config\": {\n \"priority\": [\n \"100\"\n ],\n \"algorithm\": [\n \"HS256\"\n ]\n }\n },\n {\n \"id\": \"362b0a6a-8a0c-4394-851e-b6ad6be75ea1\",\n \"name\": \"aes-generated\",\n \"providerId\": \"aes-generated\",\n \"subComponents\": {},\n \"config\": {\n \"priority\": [\n \"100\"\n ]\n }\n },\n {\n \"id\": \"5208907e-04f6-43a9-b10f-77042a355be5\",\n \"name\": \"rsa-generated\",\n \"providerId\": \"rsa-generated\",\n \"subComponents\": {},\n \"config\": {\n \"priority\": [\n \"100\"\n ]\n }\n }\n ]\n },\n \"internationalizationEnabled\": false,\n \"supportedLocales\": [],\n \"authenticationFlows\": [\n {\n \"id\": \"5e435b45-5046-410c-86b1-4d0a2593600d\",\n \"alias\": \"Account verification options\",\n \"description\": \"Method with which to verity the existing account\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"idp-email-verification\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 20,\n \"flowAlias\": \"Verify Existing Account by Re-authentication\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"a1aa24b3-544a-4d04-83ca-ad091df14325\",\n \"alias\": \"Authentication Options\",\n \"description\": \"Authentication options.\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"basic-auth\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"basic-auth-otp\",\n \"requirement\": \"DISABLED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"auth-spnego\",\n \"requirement\": \"DISABLED\",\n \"priority\": 30,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"8a496ed5-2356-4716-a195-fff21090ffc1\",\n \"alias\": \"Browser - Conditional OTP\",\n \"description\": \"Flow to determine if the OTP is required for the authentication\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"conditional-user-configured\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"auth-otp-form\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"13383e81-1407-4405-a752-b995c06feea2\",\n \"alias\": \"Copy of browser\",\n \"description\": \"browser based authentication not cool bro\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": false,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"auth-cookie\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"auth-spnego\",\n \"requirement\": \"DISABLED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"identity-provider-redirector\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 25,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 30,\n \"flowAlias\": \"Copy of browser forms\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"4df02036-7ead-4411-95c6-57b637be611e\",\n \"alias\": \"Copy of browser Browser - Conditional OTP\",\n \"description\": \"Flow to determine if the OTP is required for the authentication\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": false,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"conditional-user-configured\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"auth-otp-form\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"91d600e4-527b-4c10-ac47-f55a5bbddc7c\",\n \"alias\": \"Copy of browser forms\",\n \"description\": \"Username, password, otp and other auth forms.\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": false,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"auth-username-password-form\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"CONDITIONAL\",\n \"priority\": 20,\n \"flowAlias\": \"Copy of browser Browser - Conditional OTP\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"eeb72b2b-3568-4508-8c02-3de699518177\",\n \"alias\": \"Direct Grant - Conditional OTP\",\n \"description\": \"Flow to determine if the OTP is required for the authentication\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"conditional-user-configured\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"direct-grant-validate-otp\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"4f09238b-c044-48f8-8def-febfabd7abb0\",\n \"alias\": \"First broker login - Conditional OTP\",\n \"description\": \"Flow to determine if the OTP is required for the authentication\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"conditional-user-configured\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"auth-otp-form\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"a525d44c-6261-4b5f-8187-7991357d46b5\",\n \"alias\": \"Handle Existing Account\",\n \"description\": \"Handle what to do if there is existing account with same email/username like authenticated identity provider\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"idp-confirm-link\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"flowAlias\": \"Account verification options\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"f1e669d0-1b44-44b5-8992-b60ae1958b4c\",\n \"alias\": \"Reset - Conditional OTP\",\n \"description\": \"Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"conditional-user-configured\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"reset-otp\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"f2566db0-e455-4a77-8627-08429f754095\",\n \"alias\": \"User creation or linking\",\n \"description\": \"Flow for the existing/non-existing user alternatives\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticatorConfig\": \"create unique user config\",\n \"authenticator\": \"idp-create-user-if-unique\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 20,\n \"flowAlias\": \"Handle Existing Account\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"777163da-9d74-471b-9125-aceef09f3c67\",\n \"alias\": \"Verify Existing Account by Re-authentication\",\n \"description\": \"Reauthentication of existing account\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"idp-username-password-form\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"CONDITIONAL\",\n \"priority\": 20,\n \"flowAlias\": \"First broker login - Conditional OTP\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"edc242a1-822e-4945-8d62-70b826fa8d88\",\n \"alias\": \"bff\",\n \"description\": \"new flow bff\",\n \"providerId\": \"generic\",\n \"topLevel\": false,\n \"builtIn\": false,\n \"authenticationExecutions\": []\n },\n {\n \"id\": \"bf2ffb04-39eb-4de9-b302-29f8d2735cbb\",\n \"alias\": \"browser\",\n \"description\": \"browser based authentication not cool bro\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"auth-cookie\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"auth-spnego\",\n \"requirement\": \"DISABLED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"identity-provider-redirector\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 25,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 30,\n \"flowAlias\": \"forms\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"76ec235d-ea17-47a1-8497-51b561630630\",\n \"alias\": \"browser-for-fun\",\n \"description\": \"browser based authentication\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"reset-password\",\n \"requirement\": \"DISABLED\",\n \"priority\": 0,\n \"flowAlias\": \"bff\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"6ad9fe31-5e18-45c2-8d8e-ec64cde57c2a\",\n \"alias\": \"clients\",\n \"description\": \"Base authentication for clients\",\n \"providerId\": \"client-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"client-secret\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"client-jwt\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"client-secret-jwt\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 30,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"client-x509\",\n \"requirement\": \"ALTERNATIVE\",\n \"priority\": 40,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"66831086-47c5-4b7b-bd47-a90f1bf20723\",\n \"alias\": \"direct grant\",\n \"description\": \"OpenID Connect Resource Owner Grant\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"direct-grant-validate-username\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"direct-grant-validate-password\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"CONDITIONAL\",\n \"priority\": 30,\n \"flowAlias\": \"Direct Grant - Conditional OTP\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"97e96691-c3a9-49da-a532-d18b033455c6\",\n \"alias\": \"docker auth\",\n \"description\": \"Used by Docker clients to authenticate against the IDP\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"docker-http-basic-authenticator\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"b18008dd-b315-4caa-8992-c0154ce7787c\",\n \"alias\": \"first broker login\",\n \"description\": \"Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"idp-review-profile\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"flowAlias\": \"User creation or linking\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"bd4d3510-2799-4012-8882-027f7695cb4b\",\n \"alias\": \"forms\",\n \"description\": \"Username, password, otp and other auth forms.\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"auth-username-password-form\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"CONDITIONAL\",\n \"priority\": 20,\n \"flowAlias\": \"Browser - Conditional OTP\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"d91e3c14-54e1-419f-b1f1-43339a580141\",\n \"alias\": \"http challenge\",\n \"description\": \"An authentication flow based on challenge-response HTTP Authentication Schemes\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"no-cookie-redirect\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"flowAlias\": \"Authentication Options\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"2b16b0c5-0560-4925-a117-7cbe6fa4f47f\",\n \"alias\": \"registration\",\n \"description\": \"registration flow\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"registration-page-form\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"flowAlias\": \"registration form\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"c8dbf2d2-889a-492c-81c1-d041dd38d605\",\n \"alias\": \"registration form\",\n \"description\": \"registration form\",\n \"providerId\": \"form-flow\",\n \"topLevel\": false,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"registration-user-creation\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"registration-profile-action\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 40,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"registration-password-action\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 50,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"registration-recaptcha-action\",\n \"requirement\": \"DISABLED\",\n \"priority\": 60,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n },\n {\n \"id\": \"b3c01cad-1f6b-4132-9a5c-80cc54b27ebb\",\n \"alias\": \"reset credentials\",\n \"description\": \"Reset credentials for a user if they forgot their password or something\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"reset-credentials-choose-user\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"reset-credential-email\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 20,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"authenticator\": \"reset-password\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 30,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n },\n {\n \"requirement\": \"CONDITIONAL\",\n \"priority\": 40,\n \"flowAlias\": \"Reset - Conditional OTP\",\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": true\n }\n ]\n },\n {\n \"id\": \"ce62a973-c672-478e-8756-09d8d27a6761\",\n \"alias\": \"saml ecp\",\n \"description\": \"SAML ECP Profile Authentication Flow\",\n \"providerId\": \"basic-flow\",\n \"topLevel\": true,\n \"builtIn\": true,\n \"authenticationExecutions\": [\n {\n \"authenticator\": \"http-basic-authenticator\",\n \"requirement\": \"REQUIRED\",\n \"priority\": 10,\n \"userSetupAllowed\": false,\n \"autheticatorFlow\": false\n }\n ]\n }\n ],\n \"authenticatorConfig\": [\n {\n \"id\": \"eb03d05e-0dcb-4533-9391-3e45a20fba4c\",\n \"config\": {\n \"update.profile.on.first.login\": \"missing\"\n }\n },\n {\n \"id\": \"fe4adbd1-838e-4655-b157-9421353fa7c9\",\n \"alias\": \"create unique user config\",\n \"config\": {\n \"require.password.update.after.registration\": \"false\"\n }\n }\n ],\n \"requiredActions\": [\n {\n \"alias\": \"CONFIGURE_TOTP\",\n \"name\": \"Configure OTP\",\n \"providerId\": \"CONFIGURE_TOTP\",\n \"enabled\": true,\n \"defaultAction\": false,\n \"priority\": 10,\n \"config\": {}\n },\n {\n \"alias\": \"terms_and_conditions\",\n \"name\": \"Terms and Conditions\",\n \"providerId\": \"terms_and_conditions\",\n \"enabled\": false,\n \"defaultAction\": false,\n \"priority\": 20,\n \"config\": {}\n },\n {\n \"alias\": \"UPDATE_PROFILE\",\n \"name\": \"Update Profile\",\n \"providerId\": \"UPDATE_PROFILE\",\n \"enabled\": true,\n \"defaultAction\": false,\n \"priority\": 40,\n \"config\": {}\n },\n {\n \"name\": \"Update Profile +\",\n \"providerId\": \"UPDATE_PASSWORD\",\n \"enabled\": true,\n \"defaultAction\": false,\n \"priority\": 40,\n \"config\": {}\n },\n {\n \"alias\": \"VERIFY_EMAIL\",\n \"name\": \"Verify Email\",\n \"providerId\": \"VERIFY_EMAIL\",\n \"enabled\": true,\n \"defaultAction\": false,\n \"priority\": 50,\n \"config\": {}\n },\n {\n \"alias\": \"update_user_locale\",\n \"name\": \"Update User Locale\",\n \"providerId\": \"update_user_locale\",\n \"enabled\": true,\n \"defaultAction\": false,\n \"priority\": 1000,\n \"config\": {}\n },\n {\n \"alias\": \"reset-password\",\n \"name\": \"new-reset-password\",\n \"providerId\": \"reset-password\",\n \"enabled\": true,\n \"defaultAction\": false,\n \"priority\": 1001,\n \"config\": {}\n }\n ],\n \"browserFlow\": \"browser\",\n \"registrationFlow\": \"registration\",\n \"directGrantFlow\": \"direct grant\",\n \"resetCredentialsFlow\": \"reset credentials\",\n \"clientAuthenticationFlow\": \"clients\",\n \"dockerAuthenticationFlow\": \"docker auth\",\n \"attributes\": {},\n \"keycloakVersion\": \"10.0.0\",\n \"userManagedAccessAllowed\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/partialImport", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "partialImport" - ] - }, - "description": "Partial import from a JSON file to an existing realm.\n\n\n" - }, - "response": [] - }, - { - "name": "Push the realm’s revocation policy [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/push-revocation", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "push-revocation" - ] - }, - "description": "Push the realm’s revocation policy to any client that has an admin url associated with it.\n\n\n" - }, - "response": [] - }, - { - "name": "Remove a specific user session [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/sessions/{{sessionId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "sessions", - "{{sessionId}}" - ] - }, - "description": "Any client that has an admin url will also be told to invalidate this particular session.\n\n\n" - }, - "response": [] - }, - { - "name": "Test LDAP connection [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"config\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/testLDAPConnection", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "testLDAPConnection" - ] - }, - "description": "Test LDAP connection\n\n\n" - }, - "response": [] - }, - { - "name": "Test SMTP connection [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"settings\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/testSMTPConnection", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "testSMTPConnection" - ] - }, - "description": "Test SMTP connection\n\n\n" - }, - "response": [] - }, - { - "name": "Get users-management-permissions [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users-management-permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users-management-permissions" - ] - }, - "description": "Get users-management-permissions\n\n" - }, - "response": [] - }, - { - "name": "Update users-management-permissions [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"enabled\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users-management-permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users-management-permissions" - ] - }, - "description": "Update users-management-permissions\n\n" - }, - "response": [] - } - ] - }, - { - "name": "Role Mapper", - "item": [ - { - "name": "Get role mappings [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings" - ] - }, - "description": "Get role mappings\n\n" - }, - "response": [] - }, - { - "name": "Update role mappings [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[{\n\t\"attributes\": {},\n\t\"clientRole\": false,\n\t\"composite\": false,\n\t\"description\": \"added role mapping from rest api\",\n\t\"name\": \"Investigator\",\n\t\"containerId\": \"heroes\"\n}]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "realm" - ] - }, - "description": "Update role mappings\n\n" - }, - "response": [] - }, - { - "name": "Get realm-level role mappings [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "realm" - ] - }, - "description": "Get realm-level role mappings\n\n" - }, - "response": [] - }, - { - "name": "Get available realm-level role mappings [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/realm/available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "realm", - "available" - ] - }, - "description": "Get available realm-level role mappings\n\n" - }, - "response": [] - }, - { - "name": "Delete realm-level role mappings [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"attributes\": {},\n\t\"clientRole\": false,\n\t\"composite\": false,\n\t\"description\": \"added role mapping from rest api\",\n\t\"name\": \"investigator\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "realm" - ] - }, - "description": "Delete realm-level role mappings\n\n" - }, - "response": [] - }, - { - "name": "Get effective realm-level role mappings [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/groups/{{groupId}}/role-mappings/realm/composite", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "groups", - "{{groupId}}", - "role-mappings", - "realm", - "composite" - ] - }, - "description": "Get effective realm-level role mappings This will recurse all composite roles to get the result.\n" - }, - "response": [] - }, - { - "name": "Get role mappings [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings" - ] - }, - "description": "Get role mappings\n" - }, - "response": [] - }, - { - "name": "Get realm-level role mappings [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "realm" - ] - }, - "description": "Get realm-level role mappings" - }, - "response": [] - }, - { - "name": "Add realm-level role mappings to the user [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[{\n \"name\": \"offline_access_2\",\n \"description\": \"${role_offline-access}\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\"\n}]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "realm" - ] - }, - "description": "Add realm-level role mappings to the user" - }, - "response": [] - }, - { - "name": "Delete realm-level role mappings to the user [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[{\n \"name\": \"offline_access_2\",\n \"description\": \"${role_offline-access}\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\"\n}]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "realm" - ] - }, - "description": "Delete realm-level role mappings to the user" - }, - "response": [] - }, - { - "name": "Get realm-level roles that can be mapped [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/realm/available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "realm", - "available" - ] - }, - "description": "Get realm-level roles that can be mapped" - }, - "response": [] - }, - { - "name": "Get effective realm-level roles that can be mapped [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/role-mappings/realm/composite", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "role-mappings", - "realm", - "composite" - ] - }, - "description": "Get effective realm-level role mappings This will recurse all composite roles to get the result" - }, - "response": [] - } - ] - }, - { - "name": "Roles", - "item": [ - { - "name": "Get client role users by role name", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJSSklZNEpoNF9qdDdvNmREY0NlUDFfS1l0akcxVExXVW9oMkQ2Tzk1bFNBIn0.eyJleHAiOjE3MDczMDgwNDksImlhdCI6MTcwNzMwNjI0OSwianRpIjoiNjI5MmUzODYtMjlhZC00MjA5LTk1NWItZGU3YTFhNTRmYWY4IiwiaXNzIjoiaHR0cHM6Ly9hY2NvdW50cy5kZXYuZDRzY2llbmNlLm9yZy9hdXRoL3JlYWxtcy9kNHNjaWVuY2UiLCJhdWQiOlsiJTJGZ2N1YmUlMkZkZXZzZWMlMkZTQUlURVNUIiwicmVhbG0tbWFuYWdlbWVudCIsIiUyRmdjdWJlIiwiJTJGZ2N1YmUlMkZkZXZzZWMiLCIlMkZnY3ViZSUyRmRldk5leHQlMkZOZXh0TmV4dCIsIiUyRmdjdWJlJTJGZGV2c2VjJTJGZGV2VlJFIiwiJTJGZ2N1YmUlMkZkZXZOZXh0IiwiYWNjb3VudCJdLCJzdWIiOiJmNjgzNDQwYi00Njg1LTQzMjAtYmRlNC05OTIzODg0NjE4ZmYiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJpZC5kNHNjaWVuY2Uub3JnIiwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIkluZnJhc3RydWN0dXJlLU1hbmFnZXIiLCJvZmZsaW5lX2FjY2VzcyIsIkluZnJhc3RydWN0dXJlLUNsaWVudCIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiJTJGZ2N1YmUlMkZkZXZzZWMlMkZTQUlURVNUIjp7InJvbGVzIjpbIk1lbWJlciJdfSwiaWQuZDRzY2llbmNlLm9yZyI6eyJyb2xlcyI6WyJ1bWFfcHJvdGVjdGlvbiJdfSwicmVhbG0tbWFuYWdlbWVudCI6eyJyb2xlcyI6WyJ2aWV3LXVzZXJzIiwidmlldy1jbGllbnRzIiwidmlldy1hdXRob3JpemF0aW9uIiwicXVlcnktY2xpZW50cyIsInF1ZXJ5LWdyb3VwcyIsInF1ZXJ5LXVzZXJzIl19LCIlMkZnY3ViZSI6eyJyb2xlcyI6WyJJbmZyYXN0cnVjdHVyZS1NYW5hZ2VyIiwiTWVtYmVyIl19LCIlMkZnY3ViZSUyRmRldnNlYyI6eyJyb2xlcyI6WyJNZW1iZXIiXX0sIiUyRmdjdWJlJTJGZGV2TmV4dCUyRk5leHROZXh0Ijp7InJvbGVzIjpbIk1lbWJlciJdfSwiJTJGZ2N1YmUlMkZkZXZzZWMlMkZkZXZWUkUiOnsicm9sZXMiOlsiTWVtYmVyIl19LCIlMkZnY3ViZSUyRmRldk5leHQiOnsicm9sZXMiOlsiTWVtYmVyIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJjbGllbnRJZCI6ImlkLmQ0c2NpZW5jZS5vcmciLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImNsaWVudEhvc3QiOiI5My41Ny4yNDguMTQ1IiwicHJlZmVycmVkX3VzZXJuYW1lIjoic2VydmljZS1hY2NvdW50LWlkLmQ0c2NpZW5jZS5vcmciLCJjbGllbnRBZGRyZXNzIjoiOTMuNTcuMjQ4LjE0NSJ9.RjcL56LJLTebZGHdDnPP5nap5M-ox6s1VLVxuWGWqHzTH3HWGX52SAJINt9fXB5T5ga8XQ9-MIrAXMiNeVTDBfrfRETnmz9sEoakQawxfCm5VzaNoRPfLv79P-KI6P_MU9pM4DiHdQDqHzgGPYHbEK0viPLZR_G-J5hQ_ByXVJgu9uQEbJDikpf5MZxQzW5Cl3N0Lo5QvGkAkXiUJqMjJU36WvcO5Xsomc6gPpmQ2YcGznoyDfMJKxgZjkkoJVy0ZsI3yX81Hac_dDWocX0SoKukuVaOWopXYvEO5OGvgrbFPRb1iQhoJO2aYIX-gHVIBXFQYCj1RVkplU5eC3nWuA", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/15675b6a-ff7e-4578-a0c2-c00eaa17024f/roles/Catalogue-Editor/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "15675b6a-ff7e-4578-a0c2-c00eaa17024f", - "roles", - "Catalogue-Editor", - "users" - ] - }, - "description": "Get all roles for the realm or client" - }, - "response": [] - }, - { - "name": "Get all roles for the realm or client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles" - ] - }, - "description": "Get all roles for the realm or client" - }, - "response": [] - }, - { - "name": "Create a new role for the realm or client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"name\": \"Strong\",\n \"composite\": false,\n \"clientRole\": true,\n \"containerId\": \"5725d549-faac-4a30-bab3-7b8370c19ce3\"\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles" - ] - }, - "description": "Create a new role for the realm or client" - }, - "response": [] - }, - { - "name": "Get a role by name [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky" - ] - }, - "description": "Get a role by name" - }, - "response": [] - }, - { - "name": "Update a role by name [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"647ba3cc-5d4d-4a5a-a67f-ed594f43a5b6\",\n \"name\": \"Sneaky\",\n \"composite\": false,\n \"clientRole\": true,\n \"containerId\": \"5725d549-faac-4a30-bab3-7b8370c19ce3\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky" - ] - }, - "description": "Update a role by name" - }, - "response": [] - }, - { - "name": "Delete a role by name [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky" - ] - }, - "description": "Delete a role by name" - }, - "response": [] - }, - { - "name": "Get a role by name composite [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "composites" - ] - }, - "description": "Get a role by name" - }, - "response": [] - }, - { - "name": "Update a role by name composite [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[{\n \"name\": \"Sneaky-sub\",\n \"composite\": false,\n \"clientRole\": true,\n \"containerId\": \"647ba3cc-5d4d-4a5a-a67f-ed594f43a5b6\",\n \"attributes\": {},\n \"description\": \"sub comp\"\n}]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "composites" - ] - }, - "description": "Update a role by name" - }, - "response": [] - }, - { - "name": "Delete a role by name composite [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[{\n \"name\": \"Sneaky-sub\",\n \"composite\": false,\n \"clientRole\": true,\n \"containerId\": \"647ba3cc-5d4d-4a5a-a67f-ed594f43a5b6\",\n \"attributes\": {},\n \"description\": \"sub comp\"\n}]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "composites" - ] - }, - "description": "Remove roles from the role’s composite" - }, - "response": [] - }, - { - "name": "Get an app-level roles for specified app role's composite [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/composites/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "composites", - "clients", - "{{clientId}}" - ] - }, - "description": "An app-level roles for the specified app for the role’s composite" - }, - "response": [] - }, - { - "name": "Get realm-level roles of the role’s composite [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/composites/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "composites", - "realm" - ] - }, - "description": "Get realm-level roles of the role’s composite" - }, - "response": [] - }, - { - "name": "Return List of Groups that have the specified role name [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/groups", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "groups" - ] - }, - "description": "Return List of Groups that have the specified role name" - }, - "response": [] - }, - { - "name": "Return initialized auth permissions [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "management", - "permissions" - ] - }, - "description": "Return object stating whether role Authoirzation permissions have been initialized or not and a reference" - }, - "response": [] - }, - { - "name": "Update initialized auth permissions [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"enabled\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "management", - "permissions" - ] - } - }, - "response": [] - }, - { - "name": "Return List of Users that have the specified role name [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/roles/Sneaky/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "roles", - "Sneaky", - "users" - ] - }, - "description": "Return List of Users that have the specified role name" - }, - "response": [] - }, - { - "name": "Get all roles for the realm or client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles" - ] - }, - "description": "Get all roles for the realm or client" - }, - "response": [] - }, - { - "name": "Create a new role for the realm or client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"name\": \"Fighter\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\"\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles" - ] - }, - "description": "Create a new role for the realm or client" - }, - "response": [] - }, - { - "name": "Get a role by name[SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}" - ] - }, - "description": "Get a role by name" - }, - "response": [] - }, - { - "name": "Delete a role by name[SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}" - ] - }, - "description": "Delete a role by name" - }, - "response": [] - }, - { - "name": "Update a role by name[SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}" - ] - }, - "description": "Update a role by name" - }, - "response": [] - }, - { - "name": "Add a composite to the role [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[\n {\n \"name\": \"Sub-Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"Investigator\",\n \"description\": \"desc\"\n\t}\n]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "composites" - ] - }, - "description": "Add a composite to the role\n" - }, - "response": [] - }, - { - "name": "Delete a composite to the role [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"name\": \"Sub-Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"Investigator\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "composites" - ] - }, - "description": "Delete a composite to the role\n" - }, - "response": [] - }, - { - "name": "Get a composite to the role [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "composites" - ] - }, - "description": "Get a composite to the role\n" - }, - "response": [] - }, - { - "name": "Get an app-level roles for the specified app [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/composites/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "composites", - "clients", - "{{clientId}}" - ] - }, - "description": "An app-level roles for the specified app for the role’s composite" - }, - "response": [] - }, - { - "name": "Get realm-level roles of the role’s composite [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/composites/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "composites", - "realm" - ] - }, - "description": "Get realm-level roles of the role’s composite" - }, - "response": [] - }, - { - "name": "Return List of Groups that have the specified role name [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/groups", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "groups" - ] - }, - "description": "Return List of Groups that have the specified role name" - }, - "response": [] - }, - { - "name": "Get Authoirzation permissions have been initialized [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether role Authoirzation permissions have been initialized or not and a reference" - }, - "response": [] - }, - { - "name": "Update Authoirzation permissions have been initialized [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"enabled\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether role Authoirzation permissions have been initialized or not and a reference" - }, - "response": [] - }, - { - "name": "Return List of Users that have the specified role name [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles/{{roleName}}/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles", - "{{roleName}}", - "users" - ] - }, - "description": "Return List of Users that have the specified role name\n" - }, - "response": [] - } - ] - }, - { - "name": "Roles (by ID)", - "item": [ - { - "name": "Get a specific role’s representation [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}" - ] - }, - "description": "Get a specific role’s representation" - }, - "response": [] - }, - { - "name": "Update a specific role’s representation [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}" - ] - }, - "description": "Update a specific role’s representation" - }, - "response": [] - }, - { - "name": "Update a specific role’s representation [SAT] Copy Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}" - ] - }, - "description": "Update a specific role’s representation" - }, - "response": [] - }, - { - "name": "Make the role a composite role by associating some child roles [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}", - "composites" - ] - }, - "description": "Make the role a composite role by associating some child roles" - }, - "response": [] - }, - { - "name": "Get role’s children by providing the role is a composite [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}", - "composites" - ] - }, - "description": "Get role’s children Returns a set of role’s children provided the role is a composite." - }, - "response": [] - }, - { - "name": "Delete role’s children by providing the role is a composite [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}/composites", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}", - "composites" - ] - }, - "description": "Delete role’s children Returns a set of role’s children provided the role is a composite." - }, - "response": [] - }, - { - "name": "Get client-level roles for the client that are in the role’s composite [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}/composites/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}", - "composites", - "clients", - "{{clientId}}" - ] - }, - "description": "Get client-level roles for the client that are in the role’s composite" - }, - "response": [] - }, - { - "name": "Get realm-level roles that are in the role’s composite [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}/composites/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}", - "composites", - "realm" - ] - }, - "description": "Get realm-level roles that are in the role’s composite" - }, - "response": [] - }, - { - "name": "Get role Authoirzation permissions [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether role Authoirzation permissions have been initialized or not and a reference" - }, - "response": [] - }, - { - "name": "Get role Authoirzation permissions [SAT] Copy", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"enabled\": false\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/roles-by-id/{{roleId}}/management/permissions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "roles-by-id", - "{{roleId}}", - "management", - "permissions" - ] - }, - "description": "Return object stating whether role Authoirzation permissions have been initialized or not and a reference" - }, - "response": [] - } - ] - }, - { - "name": "Scope Mappings", - "item": [ - { - "name": "Get all scope mappings for the client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings" - ] - }, - "description": "Get all scope mappings for the client" - }, - "response": [] - }, - { - "name": "Add client-level roles to the client’s scope [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Add client-level roles to the client’s scope" - }, - "response": [] - }, - { - "name": "Get the roles associated with a client’s scope Returns roles for the client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Get the roles associated with a client’s scope Returns roles for the client." - }, - "response": [] - }, - { - "name": "Get the roles associated with a client’s scope Returns roles for the client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Get the roles associated with a client’s scope Returns roles for the client." - }, - "response": [] - }, - { - "name": "Get the roles of the client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/clients/{{clientId}}/available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "clients", - "{{clientId}}", - "available" - ] - }, - "description": "The available client-level roles Returns the roles for the client that can be associated with the client’s scope" - }, - "response": [] - }, - { - "name": "Get the effective client roles [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/clients/{{clientId}}/composite", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "clients", - "{{clientId}}", - "composite" - ] - }, - "description": "Get effective client roles Returns the roles for the client that are associated with the client’s scope." - }, - "response": [] - }, - { - "name": "Add a set of realm-level roles to the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "realm" - ] - }, - "description": "Add a set of realm-level roles to the client’s scope" - }, - "response": [] - }, - { - "name": "Get realm-level roles associated with the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "realm" - ] - }, - "description": "Get realm-level roles associated with the client’s scope" - }, - "response": [] - }, - { - "name": "Get realm-level roles associated with the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "realm" - ] - }, - "description": "Get realm-level roles associated with the client’s scope" - }, - "response": [] - }, - { - "name": "Get realm-level roles that are available to attach to this client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/realm/available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "realm", - "available" - ] - }, - "description": "Get realm-level roles that are available to attach to this client’s scope" - }, - "response": [] - }, - { - "name": "Get a comprehensive total view of realm-level roles associated with the client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/client-scopes/{{realmClientScopeId}}/scope-mappings/realm/composite", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "client-scopes", - "{{realmClientScopeId}}", - "scope-mappings", - "realm", - "composite" - ] - }, - "description": "Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists.\n\nThe method is really to show a comprehensive total view of realm-level roles associated with the client.\n\n" - }, - "response": [] - }, - { - "name": "Get all scope mappings for the client [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings" - ] - }, - "description": "Get all scope mappings for the client\n\n" - }, - "response": [] - }, - { - "name": "Add client-level roles to the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Add client-level roles to the client’s scope\n\n" - }, - "response": [] - }, - { - "name": "Delete client-level roles to the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Delete client-level roles to the client’s scope\n\n" - }, - "response": [] - }, - { - "name": "Get client-level roles to the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/clients/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "clients", - "{{clientId}}" - ] - }, - "description": "Get the roles associated with a client’s scope Returns roles for the client.\n" - }, - "response": [] - }, - { - "name": "Get available client-level roles to the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/clients/{{clientId}}/available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "clients", - "{{clientId}}", - "available" - ] - }, - "description": "The available client-level roles Returns the roles for the client that can be associated with the client’s scope" - }, - "response": [] - }, - { - "name": "Get effective client-level roles to the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/clients/{{clientId}}/composite", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "clients", - "{{clientId}}", - "composite" - ] - }, - "description": "Get effective client roles Returns the roles for the client that are associated with the client’s scope." - }, - "response": [] - }, - { - "name": "Add a set of realm-level roles to the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator2\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "realm" - ] - }, - "description": "Add a set of realm-level roles to the client’s scope\n" - }, - "response": [] - }, - { - "name": "Delete a set of realm-level roles to the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"ea522e2b-1e8f-42f6-9cc6-981fd5dd2114\",\n \"name\": \"Investigator2\",\n \"composite\": false,\n \"clientRole\": false,\n \"containerId\": \"heroes\",\n \"attributes\": {}\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "realm" - ] - }, - "description": "Delete a set of realm-level roles to the client’s scope\n" - }, - "response": [] - }, - { - "name": "Get realm-level roles associated with the client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/realm", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "realm" - ] - }, - "description": "Get realm-level roles associated with the client’s scope" - }, - "response": [] - }, - { - "name": "Get realm-level roles that are available to attach to this client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/realm/available", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "realm", - "available" - ] - }, - "description": "Get realm-level roles that are available to attach to this client’s scope\n" - }, - "response": [] - }, - { - "name": "Get effective realm-level roles that are available to attach to this client’s scope [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/clients/{{clientId}}/scope-mappings/realm/composite", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "clients", - "{{clientId}}", - "scope-mappings", - "realm", - "composite" - ] - }, - "description": "Get effective realm-level roles associated with the client’s scope What this does is recurse any composite roles associated with the client’s scope and adds the roles to this lists." - }, - "response": [] - } - ] - }, - { - "name": "User Storage Provider", - "item": [ - { - "name": "Display simple name of usage provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/user-storage/{{userStorageId}}/name", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "user-storage", - "{{userStorageId}}", - "name" - ] - }, - "description": "Need this for admin console to display simple name of provider when displaying user detail" - }, - "response": [] - }, - { - "name": "Remove imported users [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/user-storage/{{userStorageId}}/remove-imported-users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "user-storage", - "{{userStorageId}}", - "remove-imported-users" - ] - }, - "description": "Remove imported users" - }, - "response": [] - }, - { - "name": "Trigger sync [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/user-storage/{{userStorageId}}/sync", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "user-storage", - "{{userStorageId}}", - "sync" - ], - "query": [ - { - "key": "action", - "value": "", - "disabled": true - } - ] - }, - "description": "Trigger sync of users Action can be \"triggerFullSync\" or \"triggerChangedUsersSync\"" - }, - "response": [] - }, - { - "name": "Unlink imported users from a storage provider [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/user-storage/{{userStorageId}}/unlink-users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "user-storage", - "{{userStorageId}}", - "unlink-users" - ] - }, - "description": "Unlink imported users from a storage provider" - }, - "response": [] - }, - { - "name": "Trigger sync to ldap mapper [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/user-storage/{{ldapParentId}}/mappers/{{ldapMapperId}}/sync", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "user-storage", - "{{ldapParentId}}", - "mappers", - "{{ldapMapperId}}", - "sync" - ], - "query": [ - { - "key": "direction", - "value": "", - "disabled": true - } - ] - }, - "description": "Trigger sync of mapper data related to ldap mapper (roles, groups, …​) direction is \"fedToKeycloak\" or \"keycloakToFed\"" - }, - "response": [] - } - ] - }, - { - "name": "Users", - "item": [ - { - "name": "Get users [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users" - ], - "query": [ - { - "key": "briefRepresentation", - "value": "", - "disabled": true - }, - { - "key": "email", - "value": "", - "disabled": true - }, - { - "key": "first", - "value": "", - "disabled": true - }, - { - "key": "firstName", - "value": "", - "disabled": true - }, - { - "key": "lastName", - "value": "", - "disabled": true - }, - { - "key": "max", - "value": "", - "disabled": true - }, - { - "key": "search", - "value": "", - "disabled": true - }, - { - "key": "username", - "value": "", - "disabled": true - } - ] - }, - "description": "Get users Returns a list of users, filtered according to query parameters" - }, - "response": [ - { - "name": "Get users [SAT]", - "originalRequest": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users" - ] - } - }, - "status": "OK", - "code": 200, - "_postman_previewlanguage": "json", - "header": [ - { - "key": "Cache-Control", - "value": "no-cache" - }, - { - "key": "X-XSS-Protection", - "value": "1; mode=block" - }, - { - "key": "X-Frame-Options", - "value": "SAMEORIGIN" - }, - { - "key": "Date", - "value": "Sun, 10 May 2020 19:05:12 GMT" - }, - { - "key": "Connection", - "value": "keep-alive" - }, - { - "key": "Strict-Transport-Security", - "value": "max-age=31536000; includeSubDomains" - }, - { - "key": "X-Content-Type-Options", - "value": "nosniff" - }, - { - "key": "Content-Type", - "value": "application/json" - }, - { - "key": "Content-Length", - "value": "1527" - } - ], - "cookie": [], - "body": "[\n {\n \"id\": \"5d2e6c0b-924e-4496-b619-d8b8947e38a4\",\n \"createdTimestamp\": 1588880797165,\n \"username\": \"batman\",\n \"enabled\": true,\n \"totp\": false,\n \"emailVerified\": true,\n \"firstName\": \"Bruce\",\n \"lastName\": \"Wayne\",\n \"email\": \"batman@bat.com\",\n \"disableableCredentialTypes\": [],\n \"requiredActions\": [],\n \"notBefore\": 0,\n \"access\": {\n \"manageGroupMembership\": true,\n \"view\": true,\n \"mapRoles\": true,\n \"impersonate\": true,\n \"manage\": true\n }\n },\n {\n \"id\": \"51ec35b0-909d-421e-a5a4-6ad230d341c3\",\n \"createdTimestamp\": 1588881104954,\n \"username\": \"spiderman\",\n \"enabled\": true,\n \"totp\": false,\n \"emailVerified\": true,\n \"firstName\": \"Peter\",\n \"lastName\": \"Parker\",\n \"email\": \"spidy@sense.com\",\n \"disableableCredentialTypes\": [],\n \"requiredActions\": [],\n \"notBefore\": 0,\n \"access\": {\n \"manageGroupMembership\": true,\n \"view\": true,\n \"mapRoles\": true,\n \"impersonate\": true,\n \"manage\": true\n }\n },\n {\n \"id\": \"56f6c53f-5150-4b42-9757-4c3dd4e7d947\",\n \"createdTimestamp\": 1588881160516,\n \"username\": \"superman\",\n \"enabled\": true,\n \"totp\": false,\n \"emailVerified\": true,\n \"firstName\": \"Clark\",\n \"lastName\": \"Kent\",\n \"email\": \"superman@kael.com\",\n \"disableableCredentialTypes\": [],\n \"requiredActions\": [],\n \"notBefore\": 0,\n \"access\": {\n \"manageGroupMembership\": true,\n \"view\": true,\n \"mapRoles\": true,\n \"impersonate\": true,\n \"manage\": true\n }\n },\n {\n \"id\": \"1c4f1960-8817-4108-8672-7b36ebd3372d\",\n \"createdTimestamp\": 1588880747548,\n \"username\": \"thor\",\n \"enabled\": true,\n \"totp\": false,\n \"emailVerified\": true,\n \"firstName\": \"Thor\",\n \"lastName\": \"Thunder\",\n \"email\": \"thor@god.com\",\n \"disableableCredentialTypes\": [],\n \"requiredActions\": [],\n \"notBefore\": 0,\n \"access\": {\n \"manageGroupMembership\": true,\n \"view\": true,\n \"mapRoles\": true,\n \"impersonate\": true,\n \"manage\": true\n }\n }\n]" - } - ] - }, - { - "name": "Create user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"createdTimestamp\": 1588880747548,\n \"username\": \"Strange\",\n \"enabled\": true,\n \"totp\": false,\n \"emailVerified\": true,\n \"firstName\": \"Stephen\",\n \"lastName\": \"Strange\",\n \"email\": \"drstranger@marvel.com\",\n \"disableableCredentialTypes\": [],\n \"requiredActions\": [],\n \"notBefore\": 0,\n \"access\": {\n \"manageGroupMembership\": true,\n \"view\": true,\n \"mapRoles\": true,\n \"impersonate\": true,\n \"manage\": true\n },\n \"realmRoles\": [\t\"mb-user\" ]\n }" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users" - ] - }, - "description": "Create a new user Username must be unique." - }, - "response": [] - }, - { - "name": "Returns the number of users that match the given criteria [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/count", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "count" - ], - "query": [ - { - "key": "email", - "value": "", - "disabled": true - }, - { - "key": "firstName", - "value": "", - "disabled": true - }, - { - "key": "lastName", - "value": "", - "disabled": true - }, - { - "key": "search", - "value": "", - "disabled": true - }, - { - "key": "username", - "value": "", - "disabled": true - } - ] - }, - "description": "It can be called in three different ways. 1. Don’t specify any criteria and pass {@code null}. The number of all users within that realm will be returned.

2. If {@code search} is specified other criteria such as {@code last} will be ignored even though you set them. The {@code search} string will be matched against the first and last name, the username and the email of a user.

3. If {@code search} is unspecified but any of {@code last}, {@code first}, {@code email} or {@code username} those criteria are matched against their respective fields on a user entity. Combined with a logical and." - }, - "response": [] - }, - { - "name": "Get representation of the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}" - ] - }, - "description": "Get representation of the user" - }, - "response": [ - { - "name": "Get user [SAT]", - "originalRequest": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}" - ] - } - }, - "status": "OK", - "code": 200, - "_postman_previewlanguage": "json", - "header": [ - { - "key": "Cache-Control", - "value": "no-cache" - }, - { - "key": "X-XSS-Protection", - "value": "1; mode=block" - }, - { - "key": "X-Frame-Options", - "value": "SAMEORIGIN" - }, - { - "key": "Date", - "value": "Sun, 10 May 2020 19:17:07 GMT" - }, - { - "key": "Connection", - "value": "keep-alive" - }, - { - "key": "Strict-Transport-Security", - "value": "max-age=31536000; includeSubDomains" - }, - { - "key": "X-Content-Type-Options", - "value": "nosniff" - }, - { - "key": "Content-Type", - "value": "application/json" - }, - { - "key": "Content-Length", - "value": "408" - } - ], - "cookie": [], - "body": "{\n \"id\": \"56f6c53f-5150-4b42-9757-4c3dd4e7d947\",\n \"createdTimestamp\": 1588881160516,\n \"username\": \"superman\",\n \"enabled\": true,\n \"totp\": false,\n \"emailVerified\": true,\n \"firstName\": \"Clark\",\n \"lastName\": \"Kent\",\n \"email\": \"superman@kael.com\",\n \"disableableCredentialTypes\": [],\n \"requiredActions\": [],\n \"federatedIdentities\": [],\n \"notBefore\": 0,\n \"access\": {\n \"manageGroupMembership\": true,\n \"view\": true,\n \"mapRoles\": true,\n \"impersonate\": true,\n \"manage\": true\n }\n}" - } - ] - }, - { - "name": "Update the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"id\": \"56f6c53f-5150-4b42-9757-4c3dd4e7d947\",\n \"createdTimestamp\": 1588881160516,\n \"username\": \"Superman\",\n \"enabled\": true,\n \"totp\": false,\n \"emailVerified\": true,\n \"firstName\": \"Clark\",\n \"lastName\": \"Kent\",\n \"email\": \"superman@kael.com\",\n \"disableableCredentialTypes\": [],\n \"requiredActions\": [],\n \"federatedIdentities\": [],\n \"notBefore\": 0,\n \"access\": {\n \"manageGroupMembership\": true,\n \"view\": true,\n \"mapRoles\": true,\n \"impersonate\": true,\n \"manage\": true\n }\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}" - ] - }, - "description": "Update the user" - }, - "response": [] - }, - { - "name": "Delete the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}" - ] - }, - "description": "Delete the user" - }, - "response": [] - }, - { - "name": "Return credential types [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/configured-user-storage-credential-types", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "configured-user-storage-credential-types" - ] - }, - "description": "Return credential types, which are provided by the user storage where user is stored\n\nReturned values can contain for example \"password\", \"otp\" etc. This will always return empty list for \"local\" users, which are not backed by any user storage" - }, - "response": [] - }, - { - "name": "Get consents granted by the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/consents", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "consents" - ] - }, - "description": "Get consents granted by the user" - }, - "response": [] - }, - { - "name": "Delete consents granted by the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/consents/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "consents", - "{{clientId}}" - ] - }, - "description": "Delete consents granted by the user" - }, - "response": [] - }, - { - "name": "Get credentials [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/credentials", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "credentials" - ] - }, - "description": "Get credentials " - }, - "response": [ - { - "name": "Get credentials [SAT]", - "originalRequest": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/credentials", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "credentials" - ] - } - }, - "status": "OK", - "code": 200, - "_postman_previewlanguage": "json", - "header": [ - { - "key": "Cache-Control", - "value": "no-cache" - }, - { - "key": "X-XSS-Protection", - "value": "1; mode=block" - }, - { - "key": "X-Frame-Options", - "value": "SAMEORIGIN" - }, - { - "key": "Date", - "value": "Sun, 10 May 2020 19:31:10 GMT" - }, - { - "key": "Connection", - "value": "keep-alive" - }, - { - "key": "Strict-Transport-Security", - "value": "max-age=31536000; includeSubDomains" - }, - { - "key": "X-Content-Type-Options", - "value": "nosniff" - }, - { - "key": "Content-Type", - "value": "application/json" - }, - { - "key": "Content-Length", - "value": "171" - } - ], - "cookie": [], - "body": "[\n {\n \"id\": \"f5e75065-30a9-422b-a22b-8ba1fb1a9fb4\",\n \"type\": \"password\",\n \"createdDate\": 1588881169980,\n \"credentialData\": \"{\\\"hashIterations\\\":27500,\\\"algorithm\\\":\\\"pbkdf2-sha256\\\"}\"\n }\n]" - } - ] - }, - { - "name": "Remove a credential for a user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/credentials/{{credentialsId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "credentials", - "{{credentialsId}}" - ] - }, - "description": "Remove a credential for a user" - }, - "response": [] - }, - { - "name": "Move a credential to a position behind another credential [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/credentials/{{credentialsId}}/moveAfter/{{newPreviousCredentialId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "credentials", - "{{credentialsId}}", - "moveAfter", - "{{newPreviousCredentialId}}" - ] - }, - "description": "Move a credential to a position behind another credential" - }, - "response": [] - }, - { - "name": "Move a credential to a first position in the credentials list of the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/credentials/{{credentialsId}}/moveToFirst", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "credentials", - "{{credentialsId}}", - "moveToFirst" - ] - }, - "description": "Move a credential to a first position in the credentials list of the user" - }, - "response": [] - }, - { - "name": "Update a credential label for a user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "text/plain" - } - ], - "body": { - "mode": "raw", - "raw": "\"label\"" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/credentials/{{credentialsId}}/userLabel", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "credentials", - "{{credentialsId}}", - "userLabel" - ] - }, - "description": "Update a credential label for a user" - }, - "response": [] - }, - { - "name": "Disable all credentials for a user of a specific type [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/disable-credential-types", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "disable-credential-types" - ] - }, - "description": "Disable all credentials for a user of a specific type" - }, - "response": [] - }, - { - "name": "Send an update account email to the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "[\"UPDATE_PASSWORD\"]" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/execute-actions-email", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "execute-actions-email" - ], - "query": [ - { - "key": "client_id", - "value": "", - "disabled": true - }, - { - "key": "lifespan", - "value": "", - "disabled": true - }, - { - "key": "redirect_uri", - "value": "", - "disabled": true - } - ] - }, - "description": "Send a update account email to the user An email contains a link the user can click to perform a set of required actions." - }, - "response": [] - }, - { - "name": "Deprecated: Reset password email [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/reset-password-email?client_id=Mb-kcng-app", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "reset-password-email" - ], - "query": [ - { - "key": "client_id", - "value": "Mb-kcng-app" - }, - { - "key": "lifespan", - "value": "", - "disabled": true - }, - { - "key": "redirect_uri", - "value": "", - "disabled": true - } - ] - }, - "description": "Reset password email (with only client ID)" - }, - "response": [] - }, - { - "name": "Get social logins associated with the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/federated-identity", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "federated-identity" - ] - }, - "description": "Get social logins associated with the user" - }, - "response": [] - }, - { - "name": "Add a social login provider to the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n\t\"userId\": \"56f6c53f-5150-4b42-9757-4c3dd4e7d947\",\n\t\"userName\": \"superman\"\n}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/federated-identity/{{socialProvider}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "federated-identity", - "{{socialProvider}}" - ] - }, - "description": "Add a social login provider to the user" - }, - "response": [] - }, - { - "name": "Remove a social login provider from user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/federated-identity/{{socialProvider}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "federated-identity", - "{{socialProvider}}" - ] - }, - "description": "Remove a social login provider from user\n" - }, - "response": [] - }, - { - "name": "Get groups [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/groups", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "groups" - ] - }, - "description": "Get groups\n" - }, - "response": [ - { - "name": "Get groups [SAT] ", - "originalRequest": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/groups", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "groups" - ] - } - }, - "status": "OK", - "code": 200, - "_postman_previewlanguage": "json", - "header": [ - { - "key": "Cache-Control", - "value": "no-cache" - }, - { - "key": "X-XSS-Protection", - "value": "1; mode=block" - }, - { - "key": "X-Frame-Options", - "value": "SAMEORIGIN" - }, - { - "key": "Date", - "value": "Sun, 10 May 2020 20:09:10 GMT" - }, - { - "key": "Connection", - "value": "keep-alive" - }, - { - "key": "Strict-Transport-Security", - "value": "max-age=31536000; includeSubDomains" - }, - { - "key": "X-Content-Type-Options", - "value": "nosniff" - }, - { - "key": "Content-Type", - "value": "application/json" - }, - { - "key": "Content-Length", - "value": "72" - } - ], - "cookie": [], - "body": "[\n {\n \"id\": \"2043c1bb-cf4b-47e3-9e07-49384d7d857a\",\n \"name\": \"dc\",\n \"path\": \"/dc\"\n }\n]" - } - ] - }, - { - "name": "Get groups count [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/groups/count", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "groups", - "count" - ] - }, - "description": "Get groups count\n" - }, - "response": [] - }, - { - "name": "Add group [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/groups/{{groupId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "groups", - "{{groupId}}" - ] - }, - "description": "Add group\n" - }, - "response": [] - }, - { - "name": "Delete group [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/groups/{{groupId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "groups", - "{{groupId}}" - ] - }, - "description": "Delete group\n" - }, - "response": [] - }, - { - "name": "Impersonate the user [SAT] ", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/impersonation", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "impersonation" - ] - }, - "description": "Impersonate the user\n" - }, - "response": [ - { - "name": "Impersonate the user [SAT] ", - "originalRequest": { - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/impersonation", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "impersonation" - ] - } - }, - "status": "OK", - "code": 200, - "_postman_previewlanguage": "json", - "header": [ - { - "key": "Set-Cookie", - "value": "KEYCLOAK_IDENTITY=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes/; HttpOnly" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_IDENTITY_LEGACY=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes/; HttpOnly" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_SESSION=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes/" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_SESSION_LEGACY=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes/" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_IDENTITY=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes; HttpOnly" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_IDENTITY_LEGACY=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes; HttpOnly" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_SESSION=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_SESSION_LEGACY=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_REMEMBER_ME=; Version=1; Comment=Expiring cookie; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Max-Age=0; Path=/auth/realms/heroes/; HttpOnly" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_IDENTITY=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxYmVmYmM2NS0zN2EyLTQxZTctYjM2NC1lMjc0NWQ4NDRmNzcifQ.eyJleHAiOjE1ODkxNzc2MDEsImlhdCI6MTU4OTE0MTYwMSwianRpIjoiYTM4NzRjZTMtYmRiZS00Y2NkLTljZjktMmRkMDM3YmEyZmFiIiwiaXNzIjoiaHR0cDovLzEyNy4wLjAuMTo4MDgwL2F1dGgvcmVhbG1zL2hlcm9lcyIsInN1YiI6IjU2ZjZjNTNmLTUxNTAtNGI0Mi05NzU3LTRjM2RkNGU3ZDk0NyIsInR5cCI6IlNlcmlhbGl6ZWQtSUQiLCJzZXNzaW9uX3N0YXRlIjoiZjkzNWE4Y2YtNjk2MC00ODdmLWFiZDItNjc5ZmY5ZDc0ZTBmIiwic3RhdGVfY2hlY2tlciI6InpFLURFaWV0REhjQUFkQ3lDektRZFA3Ql8tSFlzai11UGxhZnlhVmhtYWsifQ.RN1S2lUJwxLPgzzVUC6Qgh72zr0wTU0PwqSZNnCzHeo; Version=1; Path=/auth/realms/heroes/; SameSite=None; Secure; HttpOnly" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_IDENTITY_LEGACY=eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxYmVmYmM2NS0zN2EyLTQxZTctYjM2NC1lMjc0NWQ4NDRmNzcifQ.eyJleHAiOjE1ODkxNzc2MDEsImlhdCI6MTU4OTE0MTYwMSwianRpIjoiYTM4NzRjZTMtYmRiZS00Y2NkLTljZjktMmRkMDM3YmEyZmFiIiwiaXNzIjoiaHR0cDovLzEyNy4wLjAuMTo4MDgwL2F1dGgvcmVhbG1zL2hlcm9lcyIsInN1YiI6IjU2ZjZjNTNmLTUxNTAtNGI0Mi05NzU3LTRjM2RkNGU3ZDk0NyIsInR5cCI6IlNlcmlhbGl6ZWQtSUQiLCJzZXNzaW9uX3N0YXRlIjoiZjkzNWE4Y2YtNjk2MC00ODdmLWFiZDItNjc5ZmY5ZDc0ZTBmIiwic3RhdGVfY2hlY2tlciI6InpFLURFaWV0REhjQUFkQ3lDektRZFA3Ql8tSFlzai11UGxhZnlhVmhtYWsifQ.RN1S2lUJwxLPgzzVUC6Qgh72zr0wTU0PwqSZNnCzHeo; Version=1; Path=/auth/realms/heroes/; HttpOnly" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_SESSION=heroes/56f6c53f-5150-4b42-9757-4c3dd4e7d947/f935a8cf-6960-487f-abd2-679ff9d74e0f; Version=1; Expires=Mon, 11-May-2020 06:13:21 GMT; Max-Age=36000; Path=/auth/realms/heroes/; SameSite=None; Secure" - }, - { - "key": "Set-Cookie", - "value": "KEYCLOAK_SESSION_LEGACY=heroes/56f6c53f-5150-4b42-9757-4c3dd4e7d947/f935a8cf-6960-487f-abd2-679ff9d74e0f; Version=1; Expires=Mon, 11-May-2020 06:13:21 GMT; Max-Age=36000; Path=/auth/realms/heroes/" - }, - { - "key": "P3P", - "value": "CP=\"This is not a P3P policy!\"" - }, - { - "key": "X-XSS-Protection", - "value": "1; mode=block" - }, - { - "key": "X-Frame-Options", - "value": "SAMEORIGIN" - }, - { - "key": "Date", - "value": "Sun, 10 May 2020 20:13:21 GMT" - }, - { - "key": "Connection", - "value": "keep-alive" - }, - { - "key": "Strict-Transport-Security", - "value": "max-age=31536000; includeSubDomains" - }, - { - "key": "X-Content-Type-Options", - "value": "nosniff" - }, - { - "key": "Content-Type", - "value": "application/json" - }, - { - "key": "Content-Length", - "value": "93" - } - ], - "cookie": [], - "body": "{\n \"redirect\": \"http://127.0.0.1:8080/auth/realms/heroes/account/applications\",\n \"sameRealm\": true\n}" - } - ] - }, - { - "name": "Logout user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/logout", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "logout" - ] - }, - "description": "Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.\n" - }, - "response": [] - }, - { - "name": "Get offline sessions associated with the user and client [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/offline-sessions/{{clientId}}", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "offline-sessions", - "{{clientId}}" - ] - }, - "description": "Get offline sessions associated with the user and client\n" - }, - "response": [] - }, - { - "name": "Set up a new password for the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\"type\":\"password\",\"value\":\"test\",\"temporary\":false}" - }, - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/reset-password", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "reset-password" - ] - }, - "description": "Set up a new password for the user.\n" - }, - "response": [] - }, - { - "name": "Send an email-verification email [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/send-verify-email", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "send-verify-email" - ], - "query": [ - { - "key": "client_id", - "value": "", - "disabled": true - }, - { - "key": "redirect_uri", - "value": "", - "disabled": true - } - ] - }, - "description": "Send an email-verification email to the user An email contains a link the user can click to verify their email address." - }, - "response": [] - }, - { - "name": "Get sessions associated with the user [SAT]", - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token}}", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/sessions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "sessions" - ] - }, - "description": "Get sessions associated with the user" - }, - "response": [ - { - "name": "Get sessions associated with the user [SAT]", - "originalRequest": { - "method": "GET", - "header": [ - { - "key": "Content-Type", - "name": "Content-Type", - "type": "text", - "value": "application/json", - "disabled": true - } - ], - "url": { - "raw": "{{keycloak_url}}/admin/realms/{{realm}}/users/{{userId}}/sessions", - "host": [ - "{{keycloak_url}}" - ], - "path": [ - "admin", - "realms", - "{{realm}}", - "users", - "{{userId}}", - "sessions" - ] - } - }, - "status": "OK", - "code": 200, - "_postman_previewlanguage": "json", - "header": [ - { - "key": "Cache-Control", - "value": "no-cache" - }, - { - "key": "X-XSS-Protection", - "value": "1; mode=block" - }, - { - "key": "X-Frame-Options", - "value": "SAMEORIGIN" - }, - { - "key": "Date", - "value": "Sun, 10 May 2020 20:27:50 GMT" - }, - { - "key": "Connection", - "value": "keep-alive" - }, - { - "key": "Strict-Transport-Security", - "value": "max-age=31536000; includeSubDomains" - }, - { - "key": "X-Content-Type-Options", - "value": "nosniff" - }, - { - "key": "Content-Type", - "value": "application/json" - }, - { - "key": "Content-Length", - "value": "204" - } - ], - "cookie": [], - "body": "[\n {\n \"id\": \"f935a8cf-6960-487f-abd2-679ff9d74e0f\",\n \"username\": \"superman\",\n \"userId\": \"56f6c53f-5150-4b42-9757-4c3dd4e7d947\",\n \"ipAddress\": \"172.17.0.1\",\n \"start\": 1589141601000,\n \"lastAccess\": 1589141601000,\n \"clients\": {}\n }\n]" - } - ] - } - ] - } - ], - "event": [ - { - "listen": "prerequest", - "script": { - "type": "text/javascript", - "exec": [ - "console.log(\"executing pre-request script\");", - "", - "pm.variables.unset('current_username');", - "pm.variables.unset('current_password');", - "pm.variables.unset('current_context');", - "pm.variables.unset('current_url-encoded-context');", - "pm.variables.unset('current_iam-url');", - "pm.variables.unset('current_client_id');", - "pm.variables.unset('current_uma-token');", - "pm.variables.unset('current_access-token');", - "", - "var username = pm.variables.get('username');", - "", - "console.log('current username', pm.variables.get('username'));", - "", - "var scope_context = pm.variables.get('scope_context');", - "", - "if (!scope_context) {", - " throw new Error(\"scope_context not defined\" );", - "}", - "", - "console.log('current context', scope_context);", - "pm.environment.set('current_context', scope_context);", - "", - "var urlEncodedContext = encodeURIComponent(scope_context);", - "pm.environment.set('current_url-encoded-context', urlEncodedContext);", - "", - "", - "", - "var pwd_key = 'password_' + username;", - "if (pm.variables.has('key_password')) {", - " pwd_key = pm.variables.get('key_password')", - "}", - "", - "if (pm.variables.has(pwd_key)) {", - " password = pm.variables.get(pwd_key);", - "} else {", - " throw new Error(\"missing password for username \" + username + \". Set a global password (type secret) with key \" + pwd_key);", - "}", - "pm.environment.set('current_password', password );", - "console.log('password ****** from', pwd_key );", - "", - "pm.environment.set('current_username', username);", - "pm.environment.set('current_password', password);", - "", - "var iamURL;", - "var clientID;", - "var prefix;", - "", - "if(scope_context.startsWith('/gcube')){", - " prefix = \"gcube_\";", - "} else if(scope_context.startsWith('/pred4s')) {", - " prefix = \"pred4s_\";", - "} else if(scope_context.startsWith('/d4science.research-infrastructures')) { ", - " prefix = \"d4science_\";", - "} else {", - " throw new Error(\"missing context parameters \" + context);", - "}", - "", - "var proxy_disabled = pm.variables.has(proxy_disabled) && pm.variables.get('proxy_disabled') == \"true\";", - "", - "var key_iamURL = prefix + \"iam_url\";", - "var key_client = prefix + \"client-id\";", - "", - "if (proxy_disabled) {", - " console.log(\"proxy disabled, bypassing proxy\")", - " key_iamURL += \"_noproxy\";", - "}", - "", - "console.log(\"key_iamURL\", key_iamURL);", - "console.log(\"key_client\", key_client);", - "", - "iamURL = pm.variables.get(key_iamURL) ;", - "clientID = pm.variables.get(key_client);", - "", - "console.log(\"current iamURL\", iamURL);", - "console.log(\"current clientID\", clientID);", - "", - "pm.environment.set('current_iam-url', iamURL);", - "pm.environment.set('current_client-id', clientID);", - "", - "pm.environment.set('keycloak_url', iamURL + '/auth') ;" - ] - } - }, - { - "listen": "test", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - } - ], - "variable": [ - { - "key": "password_mister.blonde", - "value": "oxv:3662" - }, - { - "key": "password_mister.brown", - "value": "pqm-6054" - }, - { - "key": "password_mister.pink", - "value": "pum*7692" - }, - { - "key": "password_mister.white", - "value": "pav_0026" - }, - { - "key": "password_mister.blue", - "value": "mbsl-2367" - }, - { - "key": "password_mister.orange", - "value": "mrsn-3188" - }, - { - "key": "iam-url", - "value": "" - }, - { - "key": "client-id", - "value": "" - }, - { - "key": "gcube_client-id", - "value": "next.d4science.org" - }, - { - "key": "gcube_iam_url_noproxy", - "value": "https://url.gcube.d4science.org", - "type": "string" - }, - { - "key": "gcube_iam_url", - "value": "https://accounts.dev.d4science.org", - "type": "string" - }, - { - "key": "pred4s_iam_url", - "value": "https://url.pred4s.d4science.org", - "type": "string" - }, - { - "key": "pred4s_client-id", - "value": "pre.d4science.org", - "type": "string" - }, - { - "key": "d4science_iam_url", - "value": "https://url.d4science.org", - "type": "string" - }, - { - "key": "c_client", - "value": "services.d4science.org", - "type": "string" - }, - { - "key": "d4science_iam_url_noproxy", - "value": "https://accounts.d4science.org", - "type": "string" - }, - { - "key": "pred4s_iam_url_noproxy", - "value": "https://accounts.pre.d4science.org", - "type": "string" - } - ] -} \ No newline at end of file diff --git a/src/main/java/org/gcube/keycloack/KkClientFactory.java b/src/main/java/org/gcube/keycloack/KkClientFactory.java deleted file mode 100644 index 6369974..0000000 --- a/src/main/java/org/gcube/keycloack/KkClientFactory.java +++ /dev/null @@ -1,162 +0,0 @@ -package org.gcube.keycloack; - -import java.util.List; - -import org.gcube.common.encryption.encrypter.StringEncrypter; -import org.gcube.common.resources.gcore.ServiceEndpoint; -import org.gcube.common.security.providers.SecretManagerProvider; -import org.gcube.service.idm.is.client.InfrastrctureServiceClient; -import org.gcube.smartgears.ContextProvider; -import org.gcube.smartgears.context.application.ApplicationContext; -import org.keycloak.admin.client.Keycloak; -import org.keycloak.admin.client.KeycloakBuilder; -import org.keycloak.admin.client.resource.ClientResource; -import org.keycloak.admin.client.resource.RealmResource; -import org.keycloak.representations.idm.ClientRepresentation; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import jakarta.ws.rs.NotFoundException; - -public class KkClientFactory { - private static final Logger logger = LoggerFactory.getLogger(KkClientFactory.class); - - private final static String RUNTIME_RESOURCE_NAME = "IAM"; - private final static String CATEGORY = "Service"; - private final static String REALM_D4S = "d4science"; - private final static boolean IS_ROOT_SERVICE = true; - - // the singleton obj - - private static KkClientFactory singleton = new KkClientFactory(); - - /** - * keycloak configuration obtained from IS in the private constructor - * using the singleton pattern, it's retrieved from IS only for the first access, then kept in the singleton object - */ - private KeycloakServerConfig config_keycloak; - - public static KkClientFactory getSingleton() { - if (singleton == null) - singleton = new KkClientFactory(); - return singleton; - } - - /** - * Private constructor - * obtains the is_config_keycloak from IS - */ - private KkClientFactory() { - logger.info("Building KeycloakAPICredentials object"); - try { - if (this.config_keycloak == null) - setIsKeycloackInstance(); - - - if (this.config_keycloak == null) - setTestKeycloackInstance(); - - } catch (Exception e) { - logger.error("error obtaining IAM configuration from IS {} ", e); - } - logger.info("KeycloakAPICredentials object built {} - {}", config_keycloak.getServerUrl(), config_keycloak.getRealm() ); - } - - - public void setTestKeycloackInstance() { - this.config_keycloak = KeycloakServerConfig.getTestConfig(); - } - - - public void setIsKeycloackInstance() throws Exception { - this.config_keycloak = lookupPropertiesFromIs(RUNTIME_RESOURCE_NAME, CATEGORY, REALM_D4S, IS_ROOT_SERVICE); - } - - public static String encodeClientIdContext(String context) { - return context.replace("/", "%2F"); - } - - public KeycloackApiClient createtKeycloakInstance(String context) { - return keycloackInstanceFromConfig(this.config_keycloak, context); - } - - public static KeycloackApiClient keycloackInstanceFromConfig(KeycloakServerConfig config, String context) { - - Keycloak kclient = KeycloakBuilder.builder() - .serverUrl(config.getServerUrl()) - .realm(config.getRealm()) - .grantType(config.getGrantType()) - .clientId(config.getClientId()) // - .clientSecret(config.getClientSecret()).build(); - - return new KeycloackApiClient(kclient, config.getRealm(), context); - } - - - public RealmResource getKKRealmForCurrentContext() { - String ctx = SecretManagerProvider.get().getContext(); - return getKKRealmForContext(ctx); - } - - public RealmResource getKKRealmForContext(String ctx) { - logger.info("Searching client for contex"); - - - KeycloackApiClient keycloackApiClient = createtKeycloakInstance(ctx); - RealmResource realm = keycloackApiClient.kclient.realm(keycloackApiClient.realmName); - return realm; - } - - - public ClientResource getKKClientForCurrentContext() { - String ctx = SecretManagerProvider.get().getContext(); - return getKKClientForContext(ctx); - } - public ClientResource getKKClientForContext(String ctx) { - logger.info("Searching client for contex"); - - RealmResource realm = getKKRealmForContext(ctx); - - List clients = realm.clients().findByClientId(encodeClientIdContext(ctx)); - - if (clients.size() == 0) { - return null; - } - String id = clients.get(0).getId(); - return realm.clients().get(id); - } - - /** - * Read the properties from the infrastructure - * - * @throws Exception - */ - private KeycloakServerConfig lookupPropertiesFromIs(String resource_name, String category, String accessPointName, boolean root_service) - throws Exception { - - logger.info("Starting creating KeycloakAPICredentials"); - - - - ServiceEndpoint.AccessPoint accessPoint = InfrastrctureServiceClient.getAccesspointFromIS(resource_name, - category, accessPointName, root_service); - - if (accessPoint == null) { - String error_log = "Unable to retrieve service endpoint " + accessPointName; - - logger.error(error_log); - throw new NotFoundException(error_log); - } - - String keycloakURL = accessPoint.address(); - String realm = accessPoint.name(); - String clientId = accessPoint.username(); - String clientSecret = StringEncrypter.getEncrypter().decrypt(accessPoint.password()); - - KeycloakServerConfig config = new KeycloakServerConfig(keycloakURL, realm, clientId, clientSecret); - logger.info("Found accesspoint URL = " + keycloakURL); - return config; - - } -} diff --git a/src/main/java/org/gcube/service/idm/controller/KKRolesClient.java b/src/main/java/org/gcube/service/idm/controller/KKRolesClient.java index 81c5fdc..ee9cc9f 100644 --- a/src/main/java/org/gcube/service/idm/controller/KKRolesClient.java +++ b/src/main/java/org/gcube/service/idm/controller/KKRolesClient.java @@ -2,8 +2,10 @@ package org.gcube.service.idm.controller; import java.util.List; -import org.gcube.keycloack.KkClientFactory; +import org.gcube.service.idm.keycloack.KkClientFactory; import org.keycloak.admin.client.resource.ClientResource; +import org.keycloak.admin.client.resource.RoleResource; +import org.keycloak.admin.client.resource.RolesResource; import org.keycloak.representations.idm.RoleRepresentation; import org.slf4j.LoggerFactory; @@ -12,9 +14,19 @@ public class KKRolesClient { public static List getRoles() { logger.info("Searching users for context"); - ClientResource client = KkClientFactory.getSingleton().getKKClientForCurrentContext(); - List roles = client.roles().list(); + ClientResource client = KkClientFactory.getSingleton().getKKClient(); + RolesResource roles_resource = client.roles(); + + List roles = roles_resource.list(); return roles; } + public static RoleRepresentation getRoleByName(String name) { + logger.info("Searching users for context"); + ClientResource client = KkClientFactory.getSingleton().getKKClient(); + RolesResource roles_resource = client.roles(); + RoleResource r = roles_resource.get(name); + return r.toRepresentation(); + } + } diff --git a/src/main/java/org/gcube/service/idm/controller/KKUserClient.java b/src/main/java/org/gcube/service/idm/controller/KKUserClient.java index 715912f..9e070d1 100644 --- a/src/main/java/org/gcube/service/idm/controller/KKUserClient.java +++ b/src/main/java/org/gcube/service/idm/controller/KKUserClient.java @@ -3,47 +3,107 @@ package org.gcube.service.idm.controller; import java.util.List; import org.gcube.common.security.providers.SecretManagerProvider; -import org.gcube.keycloack.KeycloackApiClient; -import org.gcube.keycloack.KkClientFactory; +import org.gcube.service.idm.keycloack.KeycloackApiClient; +import org.gcube.service.idm.keycloack.KkClientFactory; import org.keycloak.admin.client.resource.ClientResource; import org.keycloak.admin.client.resource.RealmResource; +import org.keycloak.admin.client.resource.UserResource; +import org.keycloak.admin.client.resource.UsersResource; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.slf4j.LoggerFactory; +import jakarta.ws.rs.NotFoundException; + public class KKUserClient { private static final org.slf4j.Logger logger = LoggerFactory.getLogger(KKUserClient.class); - - public static List getUserByEmail(String email) { - logger.info("Searching user by email: {}", email); - - RealmResource realm = KkClientFactory.getSingleton().getKKRealmForCurrentContext(); - List users = realm.users() - .searchByEmail(email, true); + public static UsersResource users(){ + RealmResource realm = KkClientFactory.getSingleton().getKKRealm(); + UsersResource users = realm.users(); return users; } - public static List getUserByUsername(String username) { + /** + * Search for users based on the given filters. + * + * @param username a value contained in username + * @param firstName a value contained in first name + * @param lastName a value contained in last name + * @param email a value contained in email + * @param emailVerified whether the email has been verified + * @param idpAlias the alias of the Identity Provider + * @param idpUserId the userId at the Identity Provider + * @param firstResult the position of the first result to retrieve + * @param maxResults the maximum number of results to retrieve + * @param enabled only return enabled or disabled users + * @param briefRepresentation Only return basic information (only guaranteed to + * return id, username, created, first + * and last name, email, enabled state, email + * verification state, federation link, and access. + * Note that it means that namely user attributes, + * required actions, and not before are not + * returned.) + * @return a list of {@link UserRepresentation} + */ + public static List search(String username, + String firstName, + String lastName, + String email, + Boolean emailVerified, + String idpAlias, + String idpUserId, + Integer firstResult, + Integer maxResults, + Boolean enabled, + Boolean briefRepresentation) { + logger.info("Searching users with params"); + RealmResource realm = KkClientFactory.getSingleton().getKKRealm(); + List users = realm.users().search(username, firstName, lastName, email, emailVerified, + idpAlias, idpUserId, firstResult, maxResults, enabled, briefRepresentation); + + return users; + } + + public static UserRepresentation getUserByEmail(String email) { + logger.info("Searching user by email: {}", email); + + RealmResource realm = KkClientFactory.getSingleton().getKKRealm(); + UserRepresentation user = realm.users() + .searchByEmail(email, true).stream().findFirst().orElse(null); + return user; + } + + public static UserRepresentation getUserById(String username) { logger.info("Searching user by username: {}", username); - RealmResource realm = KkClientFactory.getSingleton().getKKRealmForCurrentContext(); - List users = realm.users() - .search(username, true); - return users; + RealmResource realm = KkClientFactory.getSingleton().getKKRealm(); + UserRepresentation user = realm.users().search(username).stream().findFirst().orElse(null); + return user; + } + + public static UserRepresentation getUserByUsername(String username) { + logger.info("Searching user by username: {}", username); + + RealmResource realm = KkClientFactory.getSingleton().getKKRealm(); + UserRepresentation user = realm.users() + .search(username, true).stream().findFirst().orElse(null); + return user; } public static List searchUsersByRole(String roleName, Integer firstResult, Integer maxResults) { logger.info("Searching users by role: {}", roleName); - ClientResource client = KkClientFactory.getSingleton().getKKClientForCurrentContext(); + ClientResource client = KkClientFactory.getSingleton().getKKClient(); List users = client.roles().get(roleName) .getUserMembers(firstResult, maxResults); return users; } - public static List users(Integer firstResult, Integer maxResults) { - RealmResource realm = KkClientFactory.getSingleton().getKKRealmForCurrentContext(); + public static List users( + Integer firstResult, + Integer maxResults) { + RealmResource realm = KkClientFactory.getSingleton().getKKRealm(); List users = realm.users() .list(firstResult, maxResults); @@ -51,7 +111,7 @@ public class KKUserClient { } public static List clients() { - RealmResource realm = KkClientFactory.getSingleton().getKKRealmForCurrentContext(); + RealmResource realm = KkClientFactory.getSingleton().getKKRealm(); String ctx = SecretManagerProvider.get().getContext(); KeycloackApiClient keycloackApiClient = KkClientFactory.getSingleton() diff --git a/src/main/java/org/gcube/service/idm/is/InfrastrctureServiceClient.java b/src/main/java/org/gcube/service/idm/is/InfrastrctureServiceClient.java new file mode 100644 index 0000000..c2ec2e5 --- /dev/null +++ b/src/main/java/org/gcube/service/idm/is/InfrastrctureServiceClient.java @@ -0,0 +1,172 @@ +package org.gcube.service.idm.is; + +import static org.gcube.resources.discovery.icclient.ICFactory.clientFor; +import static org.gcube.resources.discovery.icclient.ICFactory.queryFor; + +import java.util.ArrayList; +import java.util.List; +import java.util.stream.Stream; + +import org.gcube.common.encryption.encrypter.StringEncrypter; +import org.gcube.common.resources.gcore.ServiceEndpoint; +import org.gcube.common.security.AuthorizedTasks; +import org.gcube.common.security.secrets.Secret; +import org.gcube.resources.discovery.client.api.DiscoveryClient; +import org.gcube.resources.discovery.client.queries.api.SimpleQuery; +import org.gcube.smartgears.ContextProvider; +import org.gcube.smartgears.context.application.ApplicationContext; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import jakarta.ws.rs.NotFoundException; + +/** + * Utility class to query EndPoints and search for AccessPoints from IS + * @author Alfredo Oliviero (ISTI - CNR) + */ + +public class InfrastrctureServiceClient { + private static final Logger logger = LoggerFactory.getLogger(InfrastrctureServiceClient.class); + + /** + * obatins from IS the list of ServiceEndpoint matching the parameters + * + * @param resource_name + * @param category + * @param accessPointName + * @param is_root_service + * @return the list of EndPoints matching the parameters + * @throws Exception + */ + + public static List getEndopintsFromIS(String resource_name, String category, + boolean root_service) { + SimpleQuery query = queryFor(ServiceEndpoint.class); + + if (resource_name != null) { + query.addCondition("$resource/Profile/Name/text() eq '" + resource_name + "'"); + } + if (category != null){ + query.addCondition("$resource/Profile/Category/text() eq '" + category + "'"); + } + DiscoveryClient client = clientFor(ServiceEndpoint.class); + + ApplicationContext ctx = ContextProvider.get(); + + String infra_context = "/" + ctx.container().configuration().infrastructure(); + Secret secret = ctx.container().authorizationProvider().getSecretForContext(infra_context); + + List endpoints = null; + + try { + if (root_service) { + + endpoints = AuthorizedTasks.executeSafely(() -> { + // esegui la query + List toReturn = client.submit(query); + return toReturn; + }, secret); + } else { + endpoints = client.submit(query); + } + } catch (Throwable e) { + e.printStackTrace(); + } + + return endpoints; + + } + + + /** + * obatains the list of AccessPoints matching the parameters + * + * @param resource_name + * @param category + * @param accessPointName + * @param is_root_service + * @return the list of AccessPoints + * @throws Exception + */ + public static List getAccessPointsFromIS(String resource_name, String category, + String accessPointName, boolean is_root_service) throws Exception { + + List resources = getEndopintsFromIS(resource_name, category, is_root_service); + + if (resources.size() == 0) { + logger.error("There is no Runtime Resource having name " + resource_name + " and Category " + + category + " in this scope."); + return null; + } + + List response = new ArrayList(); + resources.forEach(res -> { + Stream access_points_res = res.profile().accessPoints().stream(); + + if (accessPointName == null) { + access_points_res = access_points_res.filter(ap -> ap.name().equals(accessPointName)); + } + + access_points_res.forEach(a -> response.add(a)); + }); + return response; + } + + /** + * obatains the list of AccessPoints matching the parameters, and returns the first one + * + * @param resource_name + * @param category + * @param accessPointName + * @return an AccessPoints matching the parameters + * @throws Exception + */ + public static ServiceEndpoint.AccessPoint getAccessPointFromIS(String resource_name, String category, + String accessPointName, boolean root_service) throws Exception { + + List access_points = getAccessPointsFromIS(resource_name, category, accessPointName, root_service); + + if (access_points.size() == 0) { + logger.error("Unable to retrieve service endpoint " + accessPointName); + return null; + } + + return access_points.get(0); + + } + + /** + * Reads the service configuration from the IS + * @param resourceName + * @param category + * @param accessPointName + * @param is_root_service + * @return + * @throws Exception + */ + public static IsServerConfig serviceConfigFromIS(String resourceName, String category, String accessPointName, boolean is_root_service) + throws Exception { + + logger.info("Starting creating service credentials"); + ServiceEndpoint.AccessPoint accessPoint = InfrastrctureServiceClient.getAccessPointFromIS(resourceName, + category, accessPointName, is_root_service); + + if (accessPoint == null) { + String error_log = "Unable to retrieve service endpoint " + accessPointName; + + logger.error(error_log); + throw new NotFoundException(error_log); + } + + String service_url = accessPoint.address(); + String name = accessPoint.name(); + String clientId = accessPoint.username(); + String clientSecret = StringEncrypter.getEncrypter().decrypt(accessPoint.password()); + + IsServerConfig config = new IsServerConfig(service_url, name, clientId, clientSecret); + logger.info("Found AccessPoint URL = " + service_url); + return config; + + } + +} diff --git a/src/main/java/org/gcube/keycloack/KeycloakServerConfig.java b/src/main/java/org/gcube/service/idm/is/IsServerConfig.java similarity index 57% rename from src/main/java/org/gcube/keycloack/KeycloakServerConfig.java rename to src/main/java/org/gcube/service/idm/is/IsServerConfig.java index 10f307e..5202b68 100644 --- a/src/main/java/org/gcube/keycloack/KeycloakServerConfig.java +++ b/src/main/java/org/gcube/service/idm/is/IsServerConfig.java @@ -1,8 +1,8 @@ -package org.gcube.keycloack; +package org.gcube.service.idm.is; import org.keycloak.OAuth2Constants; -public class KeycloakServerConfig { +public class IsServerConfig { private String serverUrl; private String realm; private String clientId; @@ -30,27 +30,16 @@ public class KeycloakServerConfig { return grantType; } - public KeycloakServerConfig(String serverUrl, String realm, String clientId, String clientSecret) { + public IsServerConfig(String serverUrl, String realm, String clientId, String clientSecret) { this.serverUrl = serverUrl; this.realm = realm; this.clientId = clientId; this.clientSecret = clientSecret; } - public KeycloakServerConfig(String serverUrl, String realm, String clientId, String clientSecret, + public IsServerConfig(String serverUrl, String realm, String clientId, String clientSecret, String grantType) { this(serverUrl, realm, clientId, clientSecret); this.grantType = grantType; } - - //TODO: REMOVE - static KeycloakServerConfig getTestConfig(){ - String serverUrl = "https://accounts.dev.d4science.org/auth"; - String realm = "d4science"; - String clientId = "id.d4science.org"; - String clientSecret = "09c26f24-3c65-4039-9fa0-e5cc4f4032cd"; - - return new KeycloakServerConfig(serverUrl, realm, clientId, clientSecret); - } - } diff --git a/src/main/java/org/gcube/service/idm/is/client/InfrastrctureServiceClient.java b/src/main/java/org/gcube/service/idm/is/client/InfrastrctureServiceClient.java deleted file mode 100644 index c360a76..0000000 --- a/src/main/java/org/gcube/service/idm/is/client/InfrastrctureServiceClient.java +++ /dev/null @@ -1,96 +0,0 @@ -package org.gcube.service.idm.is.client; - -import static org.gcube.resources.discovery.icclient.ICFactory.clientFor; -import static org.gcube.resources.discovery.icclient.ICFactory.queryFor; - -import java.util.List; - -import org.gcube.common.resources.gcore.ServiceEndpoint; -// import org.gcube.common.scope.api.ScopeProvider; -import org.gcube.common.security.AuthorizedTasks; -import org.gcube.resources.discovery.client.api.DiscoveryClient; -import org.gcube.resources.discovery.client.queries.api.SimpleQuery; -import org.gcube.smartgears.ContextProvider; -import org.gcube.smartgears.context.application.ApplicationContext; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import org.gcube.common.security.secrets.Secret; - -public class InfrastrctureServiceClient { - private static final Logger logger = LoggerFactory.getLogger(InfrastrctureServiceClient.class); - - /** - * Retrieve endpoints information from IS for DB - * - * @return list of endpoints for ckan database - * @throws Throwable - */ - public static List getEndopintsFromIS(String resource_name, String category, - boolean root_service) { - SimpleQuery query = queryFor(ServiceEndpoint.class); - query.addCondition("$resource/Profile/Name/text() eq '" + resource_name + "'"); - query.addCondition("$resource/Profile/Category/text() eq '" + category + "'"); - DiscoveryClient client = clientFor(ServiceEndpoint.class); - - ApplicationContext ctx = ContextProvider.get(); - - String infra_context = "/" + ctx.container().configuration().infrastructure(); - Secret secret = ctx.container().authorizationProvider().getSecretForContext(infra_context); - - List endpoints = null; - - try { - if (root_service) { - - endpoints = AuthorizedTasks.executeSafely(() -> { - // esegui la query - List toReturn = client.submit(query); - return toReturn; - }, secret); - } else { - endpoints = client.submit(query); - } - } catch (Throwable e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - return endpoints; - - } - - /** - * @param resource_name - * @param category - * @param accessPointName - * @return - * @throws Exception - */ - public static ServiceEndpoint.AccessPoint getAccesspointFromIS(String resource_name, String category, - String accessPointName, boolean root_service) throws Exception { - - List resources = getEndopintsFromIS(resource_name, category, root_service); - - if (resources.size() == 0) { - logger.error("There is no Runtime Resource having name " + resource_name + " and Category " - + category + " in this scope."); - return null; - } - - for (ServiceEndpoint res : resources) { - ServiceEndpoint.AccessPoint accessPoint = res.profile().accessPoints().stream() - .filter(ap -> ap.name().equals(accessPointName)) - .findFirst().orElse(null); - if (accessPoint != null) { - return accessPoint; - } - } - - String error_log = "Unable to retrieve service endpoint " + accessPointName; - logger.error(error_log); - - return null; - } - -} diff --git a/src/main/java/org/gcube/keycloack/ErrorMessages.java b/src/main/java/org/gcube/service/idm/keycloack/ErrorMessages.java similarity index 98% rename from src/main/java/org/gcube/keycloack/ErrorMessages.java rename to src/main/java/org/gcube/service/idm/keycloack/ErrorMessages.java index 1c5e190..3f91562 100644 --- a/src/main/java/org/gcube/keycloack/ErrorMessages.java +++ b/src/main/java/org/gcube/service/idm/keycloack/ErrorMessages.java @@ -1,4 +1,4 @@ -package org.gcube.keycloack; +package org.gcube.service.idm.keycloack; public class ErrorMessages { diff --git a/src/main/java/org/gcube/keycloack/KeycloackApiClient.java b/src/main/java/org/gcube/service/idm/keycloack/KeycloackApiClient.java similarity index 94% rename from src/main/java/org/gcube/keycloack/KeycloackApiClient.java rename to src/main/java/org/gcube/service/idm/keycloack/KeycloackApiClient.java index d65deed..8f3c516 100644 --- a/src/main/java/org/gcube/keycloack/KeycloackApiClient.java +++ b/src/main/java/org/gcube/service/idm/keycloack/KeycloackApiClient.java @@ -1,4 +1,4 @@ -package org.gcube.keycloack; +package org.gcube.service.idm.keycloack; import org.keycloak.admin.client.Keycloak; diff --git a/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java b/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java new file mode 100644 index 0000000..67e9471 --- /dev/null +++ b/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java @@ -0,0 +1,131 @@ +package org.gcube.service.idm.keycloack; + +import java.util.List; + +import org.gcube.common.security.providers.SecretManagerProvider; +import org.gcube.service.idm.is.InfrastrctureServiceClient; +import org.gcube.service.idm.is.IsServerConfig; +import org.keycloak.admin.client.Keycloak; +import org.keycloak.admin.client.KeycloakBuilder; +import org.keycloak.admin.client.resource.ClientResource; +import org.keycloak.admin.client.resource.RealmResource; +import org.keycloak.representations.idm.ClientRepresentation; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class KkClientFactory { + private static final Logger logger = LoggerFactory.getLogger(KkClientFactory.class); + + private final static String RUNTIME_RESOURCE_NAME = "IAM"; + private final static String CATEGORY = "Service"; + private final static String REALM_D4S = "d4science"; + private final static boolean IS_ROOT_SERVICE = true; + + // the singleton obj + + private static KkClientFactory singleton = new KkClientFactory(); + + /** + * keycloak configuration obtained from IS in the private constructor + * using the singleton pattern, it's retrieved from IS only for the first + * access, then kept in the singleton object + */ + private IsServerConfig config; + + public static KkClientFactory getSingleton() { + if (singleton == null) + singleton = new KkClientFactory(); + return singleton; + } + + /** + * Private constructor + * obtains the config from IS + */ + private KkClientFactory() { + logger.info("Building KeycloakAPICredentials object"); + try { + if (this.config == null) { + this.config = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY, REALM_D4S, + IS_ROOT_SERVICE); + } + + // if (this.config_keycloak == null) + // this.config = IsServerConfig.getTestConfig(); + + } catch ( + + Exception e) { + logger.error("error obtaining IAM configuration from IS {} ", e); + } + logger.info("KeycloakAPICredentials object built {} - {}", config.getServerUrl(), config.getRealm()); + } + + public void setIsConfig() throws Exception { + this.config = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY, REALM_D4S, + IS_ROOT_SERVICE); + } + + public static String encodeClientIdContext(String context) { + return context.replace("/", "%2F"); + } + + public KeycloackApiClient createtKeycloakInstance(String context) { + return createtKeycloakInstance(this.config, context); + } + + public static KeycloackApiClient createtKeycloakInstance(IsServerConfig config, String context) { + + Keycloak kclient = KeycloakBuilder.builder() + .serverUrl(config.getServerUrl()) + .realm(config.getRealm()) + .grantType(config.getGrantType()) + .clientId(config.getClientId()) // + .clientSecret(config.getClientSecret()).build(); + + return new KeycloackApiClient(kclient, config.getRealm(), context); + } + + public RealmResource getKKRealm() { + String ctx = SecretManagerProvider.get().getContext(); + return getKKRealm(ctx); + } + + public RealmResource getKKRealm(String ctx) { + logger.info("Searching client for contex"); + + KeycloackApiClient keycloackApiClient = createtKeycloakInstance(ctx); + RealmResource realm = keycloackApiClient.kclient.realm(keycloackApiClient.realmName); + return realm; + } + + public ClientResource getKKClient() { + String ctx = SecretManagerProvider.get().getContext(); + return getKKClient(ctx); + } + + public ClientResource getKKClient(String ctx) { + logger.info("Searching client for contex"); + + RealmResource realm = getKKRealm(ctx); + + List clients = realm.clients().findByClientId(encodeClientIdContext(ctx)); + + if (clients.size() == 0) { + return null; + } + String id = clients.get(0).getId(); + return realm.clients().get(id); + } + + // TODO: REMOVE + static IsServerConfig getTestConfig() { + String serverUrl = "https://accounts.dev.d4science.org/auth"; + String realm = "d4science"; + String clientId = "id.d4science.org"; + String clientSecret = "09c26f24-3c65-4039-9fa0-e5cc4f4032cd"; + + return new IsServerConfig(serverUrl, realm, clientId, clientSecret); + } + +} diff --git a/src/main/java/org/gcube/keycloack/flusso.txt b/src/main/java/org/gcube/service/idm/keycloack/flusso.txt similarity index 100% rename from src/main/java/org/gcube/keycloack/flusso.txt rename to src/main/java/org/gcube/service/idm/keycloack/flusso.txt diff --git a/src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java b/src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java new file mode 100644 index 0000000..0363ab9 --- /dev/null +++ b/src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java @@ -0,0 +1,89 @@ +package org.gcube.service.idm.liferay; + +import org.gcube.common.encryption.encrypter.StringEncrypter; +import org.gcube.common.resources.gcore.ServiceEndpoint; +import org.gcube.service.idm.is.InfrastrctureServiceClient; +import org.gcube.service.idm.is.IsServerConfig; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import jakarta.ws.rs.NotFoundException; + +public class LiferayClientFactory { + private static final Logger logger = LoggerFactory.getLogger(LoggerFactory.class); + + // Service endpoint properties + private final static String RUNTIME_RESOURCE_NAME = "D4Science Infrastructure Gateway"; + private final static String CATEGORY = "Portal"; + private final static String REALM_D4S = "d4science"; + private final static boolean IS_ROOT_SERVICE = true; + + private static LiferayClientFactory singleton = new LiferayClientFactory(); + + /** + * keycloak configuration obtained from IS in the private constructor + * using the singleton pattern, it's retrieved from IS only for the first access, then kept in the singleton object + */ + private IsServerConfig config; + + public static LiferayClientFactory getSingleton() { + if (singleton == null) + singleton = new LiferayClientFactory(); + return singleton; + } + + /** + * Private constructor + * obtains the config from IS + */ + private LiferayClientFactory() { + logger.info("Building LiferayClientFactory object"); + try { + if (this.config == null) + setIsInstance(); + // if (this.config_keycloak == null) + // setTestKeycloackInstance(); + + } catch (Exception e) { + logger.error("error obtaining Liferay configuration from IS {} ", e); + } + logger.info("Liferay object built {} - {}", config.getServerUrl(), config.getRealm() ); + } + + public void setIsInstance() throws Exception { + this.config = lookupPropertiesFromIs(RUNTIME_RESOURCE_NAME, CATEGORY, REALM_D4S, IS_ROOT_SERVICE); + } + + /** + * Read the properties from the infrastructure + * + * @throws Exception + */ + private IsServerConfig lookupPropertiesFromIs(String resource_name, String category, String accessPointName, boolean root_service) + throws Exception { + + logger.info("Starting creating KeycloakAPICredentials"); + ServiceEndpoint.AccessPoint accessPoint = InfrastrctureServiceClient.getAccessPointFromIS(resource_name, + category, accessPointName, root_service); + + if (accessPoint == null) { + String error_log = "Unable to retrieve service endpoint " + accessPointName; + + logger.error(error_log); + throw new NotFoundException(error_log); + } + + String service_url = accessPoint.address(); + String name = accessPoint.name(); + String clientId = accessPoint.username(); + String clientSecret = StringEncrypter.getEncrypter().decrypt(accessPoint.password()); + + IsServerConfig config = new IsServerConfig(service_url, name, clientId, clientSecret); + logger.info("Found accesspoint URL = " + service_url); + return config; + + } + + + +} diff --git a/src/main/java/org/gcube/service/idm/rest/RolesAPI.java b/src/main/java/org/gcube/service/idm/rest/RolesAPI.java index 2a723b9..135c640 100644 --- a/src/main/java/org/gcube/service/idm/rest/RolesAPI.java +++ b/src/main/java/org/gcube/service/idm/rest/RolesAPI.java @@ -1,17 +1,17 @@ package org.gcube.service.idm.rest; -import java.util.ArrayList; -import java.util.HashMap; import java.util.List; -import java.util.Map; import org.gcube.service.idm.IdMManager; import org.gcube.service.idm.controller.KKRolesClient; -import org.gcube.service.idm.controller.KKUserClient; +import org.gcube.service.idm.keycloack.KkClientFactory; import org.gcube.service.idm.serializers.ContextSerializator; import org.gcube.service.rest.ResponseBean; import org.gcube.service.rest.ResponseBeanPaginated; import org.gcube.smartgears.annotations.ManagedBy; +import org.keycloak.admin.client.resource.ClientResource; +import org.keycloak.admin.client.resource.RoleResource; +import org.keycloak.admin.client.resource.RolesResource; import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.slf4j.LoggerFactory; @@ -19,29 +19,39 @@ import org.slf4j.LoggerFactory; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; -import jakarta.validation.constraints.Min; import jakarta.ws.rs.DefaultValue; import jakarta.ws.rs.GET; import jakarta.ws.rs.Path; +import jakarta.ws.rs.PathParam; import jakarta.ws.rs.Produces; import jakarta.ws.rs.QueryParam; +import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response.Status; @ManagedBy(IdMManager.class) @Path("roles") public class RolesAPI { - private static final org.slf4j.Logger logger = LoggerFactory.getLogger(RolesAPI.class); + private static final org.slf4j.Logger logger = LoggerFactory.getLogger(RolesAPI.class); @GET @Path("/") - @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) - public Response roles() { + @Produces(MediaType.APPLICATION_JSON) + public Response search(@QueryParam("search") @DefaultValue("") String search, + @QueryParam("first") Integer firstResult, + @QueryParam("max") Integer maxResults, + @QueryParam("briefRepresentation") @DefaultValue("true") boolean briefRepresentation) { + Status status = Status.OK; - ResponseBean responseBean = new ResponseBean();; - + ResponseBean responseBean; + if (firstResult != null || maxResults != null) { + responseBean = new ResponseBeanPaginated(firstResult, maxResults); + } else { + responseBean = new ResponseBean(); + } try { - List roles = KKRolesClient.getRoles(); + ClientResource client = KkClientFactory.getSingleton().getKKClient(); + List roles = client.roles().list(search, firstResult, maxResults, briefRepresentation); responseBean.setResult(roles); responseBean.setSuccess(true); @@ -51,6 +61,78 @@ public class RolesAPI { String jsonData = objectMapper.writeValueAsString(responseBean); return Response.ok(jsonData).build(); + } catch (JsonProcessingException e) { + e.printStackTrace(); + return Response.serverError().build(); + } catch (Exception e) { + logger.error("Unable to retrieve users with the requested role", e); + responseBean.setMessage(e.getMessage()); + status = Status.INTERNAL_SERVER_ERROR; + return Response.status(status).entity(responseBean).build(); + } + } + + @GET + @Path("/{name}") + @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) + public Response role( + @PathParam("name") String role_name) { + Status status = Status.OK; + ResponseBean responseBean = new ResponseBean(); + + try { + RoleRepresentation role = KKRolesClient.getRoleByName(role_name); + + responseBean.setResult(role); + responseBean.setSuccess(true); + + ObjectMapper objectMapper = ContextSerializator.getSerializer(); + + String jsonData = objectMapper.writeValueAsString(responseBean); + return Response.ok(jsonData).build(); + + } catch (JsonProcessingException e) { + e.printStackTrace(); + return Response.serverError().build(); + } catch (Exception e) { + logger.error("Unable to retrieve users with the requested role", e); + responseBean.setMessage(e.getMessage()); + status = Status.INTERNAL_SERVER_ERROR; + return Response.status(status).entity(responseBean).build(); + + } + } + + @GET + @Path("/{role_name}/users") + @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) + public Response usersForRole( + @PathParam("role_name") String role_name, + @QueryParam("first") Integer firstResult, + @QueryParam("max") Integer maxResults) { + Status status = Status.OK; + ResponseBean responseBean; + if (firstResult != null || maxResults != null) { + responseBean = new ResponseBeanPaginated(firstResult, maxResults); + } else { + responseBean = new ResponseBean(); + } + try { + + ClientResource client = KkClientFactory.getSingleton().getKKClient(); + RolesResource roles_resource = client.roles(); + RoleResource r = roles_resource.get(role_name); + + List users = r.getUserMembers(firstResult, maxResults); + + responseBean.setResult(users); + responseBean.setSuccess(true); + + ObjectMapper objectMapper = ContextSerializator.getSerializer(); + + String jsonData = objectMapper.writeValueAsString(responseBean); + return Response.ok(jsonData).build(); + } catch (JsonProcessingException e) { e.printStackTrace(); return Response.serverError().build(); diff --git a/src/main/java/org/gcube/service/idm/rest/UserApi.java b/src/main/java/org/gcube/service/idm/rest/UserApi.java new file mode 100644 index 0000000..5badf7e --- /dev/null +++ b/src/main/java/org/gcube/service/idm/rest/UserApi.java @@ -0,0 +1,233 @@ +package org.gcube.service.idm.rest; + +import java.lang.reflect.MalformedParametersException; +import java.util.List; + +import org.gcube.common.security.Owner; +import org.gcube.common.security.providers.SecretManagerProvider; +import org.gcube.common.security.secrets.Secret; +import org.gcube.service.idm.IdMManager; +import org.gcube.service.idm.controller.KKUserClient; +import org.gcube.service.idm.keycloack.KkClientFactory; +import org.gcube.service.idm.serializers.ContextSerializator; +import org.gcube.service.rest.ResponseBean; +import org.gcube.service.rest.ResponseBeanPaginated; +import org.gcube.smartgears.annotations.ManagedBy; +import org.keycloak.admin.client.resource.RealmResource; +import org.keycloak.representations.idm.UserRepresentation; +import org.slf4j.LoggerFactory; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; + +import jakarta.ws.rs.DefaultValue; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.PathParam; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.QueryParam; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; +import jakarta.ws.rs.core.Response.Status; + +@ManagedBy(IdMManager.class) +@Path("users") +public class UserApi { + private static final org.slf4j.Logger logger = LoggerFactory.getLogger(UserApi.class); + + @GET + @Path("/me/owner") + @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) + public Response getCurrentUsers() { + + Status status = Status.OK; + ResponseBean responseBean = new ResponseBean(); + + try { + + Secret secret = SecretManagerProvider.get(); + Owner owner = secret.getOwner(); + + // UserResource user = KKUserClient.getUserById(); + responseBean.setResult(owner); + responseBean.setSuccess(true); + + ObjectMapper objectMapper = ContextSerializator.getSerializer(); + + String jsonData = objectMapper.writeValueAsString(responseBean); + return Response.ok(jsonData).build(); + + } catch (JsonProcessingException e) { + e.printStackTrace(); + return Response.serverError().build(); + } catch (Exception e) { + logger.error("Unable to retrieve users with the requested role", e); + responseBean.setMessage(e.getMessage()); + status = Status.INTERNAL_SERVER_ERROR; + return Response.status(status).entity(responseBean).build(); + } + } + + // @GET + // @Path("/{username}") + // @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) + // public Response getUser( + // @PathParam("username") String username) { + // return getUserParameter(username, null); + // } + + @GET + @Path("/{username}/{parameter}") + @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) + public Response getUserParameter( + + @PathParam("username") String username, + @PathParam("parameter") String parameter) { + + Status status = Status.OK; + ResponseBean responseBean = new ResponseBean(); + + if (username.equals("me")) { + Secret secret = SecretManagerProvider.get(); + Owner owner = secret.getOwner(); + username = owner.getId(); + } + + try { + + UserRepresentation user = KKUserClient.getUserByUsername(username); + + if (parameter == null) + responseBean.setResult(user); + + // UserResource user = KKUserClient.getUserById(); + + if (parameter.equals("profile") || parameter == null) + responseBean.setResult(user); + + else if (parameter.equals("email")) + responseBean.setResult(user.getEmail()); + + else if (parameter.equals("roles_realm")) + responseBean.setResult(user.getRealmRoles()); + + else if (parameter.equals("roles_clients")) + responseBean.setResult(user.getClientRoles()); + + else if (parameter.equals("groups")) + responseBean.setResult(user.getGroups()); + + else if (parameter.equals("id")) + responseBean.setResult(user.getId()); + + else if (parameter.equals("username")) + responseBean.setResult(user.getUsername()); + + else if (parameter.equals("name")) + responseBean.setResult(user.getFirstName() + " " + user.getLastName()); + + else if (parameter.equals("attributes")) + responseBean.setResult(user.getAttributes()); + + else if (parameter.equals("organization")) + responseBean.setResult(user.getAttributes().get("organizations")); + + else + throw new MalformedParametersException("unknow parameter " + parameter); + + responseBean.setSuccess(true); + + ObjectMapper objectMapper = ContextSerializator.getSerializer(); + + String jsonData = objectMapper.writeValueAsString(responseBean); + return Response.ok(jsonData).build(); + + } catch (JsonProcessingException e) { + e.printStackTrace(); + return Response.serverError().build(); + } catch (Exception e) { + logger.error("Unable to retrieve users with the requested role", e); + responseBean.setMessage(e.getMessage()); + status = Status.INTERNAL_SERVER_ERROR; + return Response.status(status).entity(responseBean).build(); + } + } + + @GET + @Path("/search") + @Produces(MediaType.APPLICATION_JSON) + public Response search(@QueryParam("username") String username, + @QueryParam("firstName") String firstName, + @QueryParam("lastName") String lastName, + @QueryParam("email") String email, + @QueryParam("emailVerified") @DefaultValue("true") Boolean emailVerified, + @QueryParam("idpAlias") String idpAlias, + @QueryParam("idpUserId") String idpUserId, + @QueryParam("first") Integer firstResult, + @QueryParam("max") Integer maxResults, + @QueryParam("enabled") @DefaultValue("true") Boolean enabled, + @QueryParam("briefRepresentation") @DefaultValue("true") Boolean briefRepresentation) { + + Status status = Status.OK; + ResponseBean responseBean; + if (firstResult != null || maxResults != null) { + responseBean = new ResponseBeanPaginated(firstResult, maxResults); + } else { + responseBean = new ResponseBean(); + } + try { + + RealmResource realm = KkClientFactory.getSingleton().getKKRealm(); + + List users = realm.users().search(username, firstName, lastName, email, emailVerified, + idpAlias, idpUserId, firstResult, maxResults, enabled, briefRepresentation); + + responseBean.setResult(users); + responseBean.setSuccess(true); + + ObjectMapper objectMapper = ContextSerializator.getSerializer(); + + String jsonData = objectMapper.writeValueAsString(responseBean); + return Response.ok(jsonData).build(); + + } catch (JsonProcessingException e) { + e.printStackTrace(); + return Response.serverError().build(); + } catch (Exception e) { + logger.error("Unable to retrieve users with the requested role", e); + responseBean.setMessage(e.getMessage()); + status = Status.INTERNAL_SERVER_ERROR; + return Response.status(status).entity(responseBean).build(); + } + } + + @GET + @Path("/{username}") + @Produces(MediaType.APPLICATION_JSON) + public Response getById(@PathParam("username") String id) { + + Status status = Status.OK; + ResponseBean responseBean = new ResponseBean(); + + try { + UserRepresentation user = KKUserClient.getUserById(id); + + responseBean.setResult(user); + responseBean.setSuccess(true); + + ObjectMapper objectMapper = ContextSerializator.getSerializer(); + + String jsonData = objectMapper.writeValueAsString(responseBean); + return Response.ok(jsonData).build(); + + } catch (JsonProcessingException e) { + e.printStackTrace(); + return Response.serverError().build(); + } catch (Exception e) { + logger.error("Unable to retrieve users with the requested role", e); + responseBean.setMessage(e.getMessage()); + status = Status.INTERNAL_SERVER_ERROR; + return Response.status(status).entity(responseBean).build(); + } + } +} diff --git a/src/main/java/org/gcube/service/idm/rest/UsersSocialAPI.java b/src/main/java/org/gcube/service/idm/rest/UsersSocialAPI.java index 7d38e3b..6d4f9b5 100644 --- a/src/main/java/org/gcube/service/idm/rest/UsersSocialAPI.java +++ b/src/main/java/org/gcube/service/idm/rest/UsersSocialAPI.java @@ -5,27 +5,19 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import jakarta.ws.rs.DefaultValue; -import jakarta.ws.rs.GET; -import jakarta.ws.rs.Path; -import jakarta.ws.rs.Produces; -import jakarta.ws.rs.QueryParam; -import jakarta.ws.rs.core.Response; -import jakarta.ws.rs.core.Response.Status; - -import org.gcube.common.authorization.library.policies.Users; import org.gcube.common.security.Owner; import org.gcube.common.security.providers.SecretManagerProvider; import org.gcube.common.security.secrets.Secret; -import org.gcube.keycloack.ErrorMessages; import org.gcube.service.idm.IdMManager; import org.gcube.service.idm.controller.KKUserClient; +import org.gcube.service.idm.keycloack.ErrorMessages; import org.gcube.service.idm.serializers.ContextSerializator; import org.gcube.service.rest.ResponseBean; import org.gcube.service.rest.ResponseBeanPaginated; import org.gcube.smartgears.annotations.ManagedBy; import org.gcube.vomanagement.usermanagement.UserManager; import org.gcube.vomanagement.usermanagement.model.GCubeUser; +import org.keycloak.admin.client.resource.UsersResource; import org.keycloak.representations.idm.UserRepresentation; import org.slf4j.LoggerFactory; @@ -35,12 +27,18 @@ import com.webcohesion.enunciate.metadata.rs.ResponseCode; import com.webcohesion.enunciate.metadata.rs.StatusCodes; import jakarta.validation.ValidationException; -import jakarta.validation.constraints.Min; import jakarta.validation.constraints.NotNull; +import jakarta.ws.rs.DefaultValue; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.QueryParam; import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; +import jakarta.ws.rs.core.Response.Status; @ManagedBy(IdMManager.class) -@Path("users") +@Path("social/users") // @ResourceGroup("Users APIs") // @ResourceLabel("Greetings APIs") // @RequestHeaders({ @@ -48,7 +46,7 @@ import jakarta.ws.rs.core.MediaType; // href=\"https://dev.d4science.org/how-to-access-resources\">https://dev.d4science.org/how-to-access-resources") // }) public class UsersSocialAPI { - private static final org.slf4j.Logger logger = LoggerFactory.getLogger(Users.class); + private static final org.slf4j.Logger logger = LoggerFactory.getLogger(UsersSocialAPI.class); // private static final List GLOBAL_ROLES_ALLOWED_BY_LOCAL_CALL_METHOD = // Arrays.asList("DataMiner-Manager", @@ -59,11 +57,11 @@ public class UsersSocialAPI { @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) public Response getUsernamesByRole( @QueryParam("role-name") String roleName, - @QueryParam("firstResult") @DefaultValue("0") @Min(value = 0, message = "from cannot be negative") int firstResult, - @QueryParam("maxResults") @DefaultValue("10000") @Min(value = 0, message = "quantity cannot be negative") int maxResults) { + @QueryParam("first") Integer firstResult, + @QueryParam("max") Integer maxResults) { Status status = Status.OK; ResponseBean responseBean; - if (firstResult > 0 || maxResults > 0) { + if (firstResult != null || maxResults != null) { responseBean = new ResponseBeanPaginated(firstResult, maxResults); } else { responseBean = new ResponseBean(); @@ -100,22 +98,37 @@ public class UsersSocialAPI { @Path("/get-all-fullnames-and-usernames") @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) public Response getAllUsernamesFullnames( - @QueryParam("firstResult") @DefaultValue("0") @Min(value = 0, message = "from cannot be negative") int firstResult, - @QueryParam("maxResults") @DefaultValue("100000") @Min(value = 0, message = "quantity cannot be negative") int maxResults) { + @QueryParam("emailVerified") Boolean emailVerified, + + @QueryParam("enabled") Boolean enabled, + @QueryParam("briefRepresentation") @DefaultValue("true") Boolean briefRepresentation, + + @QueryParam("first") Integer firstResult, + @QueryParam("max") Integer maxResults) { Status status = Status.OK; - ResponseBean responseBean = new ResponseBean(); - Map usernamesAndFullnames = new HashMap(); - + ResponseBean responseBean; + if (firstResult != null || maxResults != null ) { + responseBean = new ResponseBeanPaginated(firstResult, maxResults); + } else { + responseBean = new ResponseBean(); + } try { + UsersResource users_resource = KKUserClient.users(); + List users = users_resource.search(emailVerified, firstResult, maxResults, enabled, + briefRepresentation); - List users = KKUserClient.users(firstResult, maxResults); - if (users != null) { - for (UserRepresentation user : users) { - usernamesAndFullnames.put(user.getUsername(), user.getEmail()); - } + if (briefRepresentation) { + Map usernamesAndFullnames = new HashMap(); + + users.forEach(user -> usernamesAndFullnames.put(user.getUsername(), user.getEmail())); + responseBean.setResult(usernamesAndFullnames); + } else { + Map usernamesAndUsers = new HashMap(); + users.forEach(user -> usernamesAndUsers.put(user.getUsername(), user)); + responseBean.setResult(usernamesAndUsers); } - responseBean.setResult(usernamesAndFullnames); + responseBean.setSuccess(true); } catch (Exception e) { logger.error("Unable to retrieve users", e); @@ -272,12 +285,18 @@ public class UsersSocialAPI { @Path("/get-all-usernames") @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" }) public Response getUsernamesByRole( - @QueryParam("firstResult") @DefaultValue("0") @Min(value = 0, message = "from cannot be negative") int firstResult, - @QueryParam("maxResults") @DefaultValue("100000") @Min(value = 0, message = "quantity cannot be negative") int maxResults) { + @QueryParam("first") Integer firstResult, + @QueryParam("max") Integer maxResults) { Status status = Status.OK; - ResponseBean responseBean = new ResponseBean(); + ResponseBean responseBean; + if (firstResult != null || maxResults != null) { + responseBean = new ResponseBeanPaginated(firstResult, maxResults); + } else { + responseBean = new ResponseBean(); + } List usernames = new ArrayList(); try { + List users = KKUserClient.users(firstResult, maxResults); if (users != null) { for (UserRepresentation user : users) { @@ -312,8 +331,8 @@ public class UsersSocialAPI { Status status = Status.OK; ResponseBean responseBean = new ResponseBean(); try { - List users = KKUserClient.getUserByUsername(username); - boolean user_exists = users != null && users.size() > 0; + UserRepresentation user = KKUserClient.getUserByUsername(username); + boolean user_exists = user != null; responseBean.setResult(user_exists); responseBean.setSuccess(true); diff --git a/src/main/java/org/gcube/service/idm/serializers/ServiceEndpointAccessPointSerializer.java b/src/main/java/org/gcube/service/idm/serializers/ServiceEndpointAccessPointSerializer.java new file mode 100644 index 0000000..0231b3b --- /dev/null +++ b/src/main/java/org/gcube/service/idm/serializers/ServiceEndpointAccessPointSerializer.java @@ -0,0 +1,64 @@ +package org.gcube.service.idm.serializers; + +import java.io.IOException; + +import org.gcube.common.encryption.encrypter.StringEncrypter; +import org.gcube.common.resources.gcore.ServiceEndpoint; + +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.databind.SerializerProvider; +import com.fasterxml.jackson.databind.ser.std.StdSerializer; + +/** + * Jackson serializer for ServiceEndpoint.AccessPoint + * + * @author Alfredo Oliviero (ISTI-CNR) + * + */ + +public class ServiceEndpointAccessPointSerializer extends StdSerializer { + + protected ServiceEndpointAccessPointSerializer(Class t) { + super(t); + } + + public ServiceEndpointAccessPointSerializer() { + super(ServiceEndpoint.AccessPoint.class, true); + } + + @Override + public void serialize(ServiceEndpoint.AccessPoint accessPoint, JsonGenerator jgen, SerializerProvider provider) + throws IOException { + jgen.writeStartObject(); + + String error = null; + String clientSecret = null; + try { + clientSecret = StringEncrypter.getEncrypter().decrypt(accessPoint.password()); + } catch (Exception e) { + error = e.getMessage(); + } + + jgen.writeStringField("address", accessPoint.address()); + jgen.writeStringField("name", accessPoint.name()); + jgen.writeStringField("description", accessPoint.description()); + + try { + jgen.writeStringField("username", accessPoint.username()); + } catch (Exception e) { + jgen.writeStringField("username", null); + } + try { + jgen.writeStringField("tostring", accessPoint.toString()); + } catch (Exception e) { + jgen.writeStringField("tostring", null); + } + if (error != null) { + jgen.writeStringField("key_error", error); + jgen.writeBooleanField("key_decoded", false); + } else { + jgen.writeBooleanField("key_decoded", true); + } + jgen.writeEndObject(); + } +} diff --git a/src/main/java/org/gcube/service/rest/ResponseBeanPaginated.java b/src/main/java/org/gcube/service/rest/ResponseBeanPaginated.java index bf17e08..eee23a7 100644 --- a/src/main/java/org/gcube/service/rest/ResponseBeanPaginated.java +++ b/src/main/java/org/gcube/service/rest/ResponseBeanPaginated.java @@ -1,7 +1,5 @@ package org.gcube.service.rest; -import java.io.Serializable; - /** * Response bean * diff --git a/todo.md b/todo.md new file mode 100644 index 0000000..58ea7bc --- /dev/null +++ b/todo.md @@ -0,0 +1,26 @@ +# CONFIGURAZIONE +* come ottengo la configurazione di keycloak? devo interrogare IS? file di configurazione? + * lucio dice di chiedere a IS + * luca dice che non va chiesto a IS ma ha un indirizzo fisso che ottengo dal contesto + +* [x] verificare configurazione keycloak +* [ ] caching realm e client keycloak? + +risoluzione liferay + +endpoint "D4science Infrastructure Gateway" +service "Portal" + +# API +* [ ] getEmail: non trovo in owner. da dove si prende? +* [ ] accesso al profilo utente + * [ ] come risolvere liferay? + * [ ] implementare metodi relativi a profile +* [ ] API full rest +* [ ] esecuzione in container +* [ ] implementare tutta la gestione profilo + +* [ ] leggere parametri da file di container.ini + +* [ ] rivedere gestione errori +* [x] formalizzare formato risposta