Can I use Keycloak as a CLI?

Yes. KosmoKrator exposes a Keycloak CLI through kosmo integrations:call and the provider shortcut command. Commands can return JSON for scripts, CI, and coding agents.

Can I expose Keycloak through MCP?

Yes. The KosmoKrator MCP gateway can expose selected Keycloak tools to clients such as Claude Code, Cursor, Codex, and other MCP-compatible tools.

Where are Keycloak credentials stored?

Keycloak credentials are configured in KosmoKrator's local integration settings and reused by CLI, Lua, and MCP gateway surfaces.

Can I deny write access for Keycloak MCP tools?

Yes. Start the gateway with --write=deny for read-only clients, or use ask/allow only for trusted workspaces.

productivity

Keycloak MCP, CLI, and Lua Integration for AI Agents

Keycloak integration docs for AI agents: MCP gateway setup, Keycloak CLI commands, Lua API reference, credentials, and function schemas.

Keycloak for agents

Credentials can be configured manually in web or CLI hosts.

Use this integration from Lua code mode, the headless integrations CLI, or the KosmoKrator MCP gateway. The same package metadata powers all three surfaces.

Agent Surfaces

Keycloak CLIHeadless setup, JSON output, direct function calls. Keycloak MCPExpose selected tools to local MCP clients. Keycloak LuaAgent-facing namespace and Lua reference. FeedbackReport missing tools, auth issues, or bad metadata.

Machine-Readable Metadata

integration_slug: keycloak
route_slug: keycloak
package: keycloak
auth_strategy: bearer_token
cli_setup_supported: true
cli_runtime_supported: true
mcp_gateway_supported: true
lua_supported: true

Function Catalog

Function	Type	Description
`keycloak.keycloak_delete_admin_realms_realm`	Write `write`	Delete the realm.
`keycloak.keycloak_delete_admin_realms_realm_admin_events`	Write `write`	Delete all admin events.
`keycloak.keycloak_delete_admin_realms_realm_attack_detection_brute_force_users`	Write `write`	Clear any user login failures for all users This can release temporary disabled users.
`keycloak.keycloak_delete_admin_realms_realm_attack_detection_brute_force_users_user_id`	Write `write`	Clear any user login failures for the user This can release temporary disabled user.
`keycloak.keycloak_delete_admin_realms_realm_authentication_config_id`	Write `write`	Delete authenticator configuration.
`keycloak.keycloak_delete_admin_realms_realm_authentication_executions_execution_id`	Write `write`	Delete execution.
`keycloak.keycloak_delete_admin_realms_realm_authentication_flows_id`	Write `write`	Delete an authentication flow.
`keycloak.keycloak_delete_admin_realms_realm_authentication_required_actions_alias`	Write `write`	Delete required action.
`keycloak.keycloak_delete_admin_realms_realm_authentication_required_actions_alias_config`	Write `write`	Delete RequiredAction configuration.
`keycloak.keycloak_delete_admin_realms_realm_client_scopes_client_scope_id`	Write `write`	Delete the client scope.
`keycloak.keycloak_delete_admin_realms_realm_client_scopes_client_scope_id_protocol_mappers_models_id`	Write `write`	Delete the mapper.
`keycloak.keycloak_delete_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_clients_client`	Write `write`	Remove client-level roles from the client's scope.
`keycloak.keycloak_delete_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_realm`	Write `write`	Remove a set of realm-level roles from the client's scope.
`keycloak.keycloak_delete_admin_realms_realm_client_templates_client_scope_id`	Write `write`	Delete the client scope.
`keycloak.keycloak_delete_admin_realms_realm_client_templates_client_scope_id_protocol_mappers_models_id`	Write `write`	Delete the mapper.
`keycloak.keycloak_delete_admin_realms_realm_client_templates_client_scope_id_scope_mappings_clients_client`	Write `write`	Remove client-level roles from the client's scope.
`keycloak.keycloak_delete_admin_realms_realm_client_templates_client_scope_id_scope_mappings_realm`	Write `write`	Remove a set of realm-level roles from the client's scope.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid`	Write `write`	Delete the client.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_authz_resource_server_resource_resource_id`	Write `write`	DELETE /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_authz_resource_server_scope_scope_id`	Write `write`	DELETE /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_client_secret_rotated`	Write `write`	Invalidate the rotated secret for the client.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_default_client_scopes_client_scope_id`	Write `write`	DELETE /admin/realms/{realm}/clients/{client-uuid}/default-client-scopes/{clientScopeId}.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_nodes_node`	Write `write`	Unregister a cluster node from the client.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_optional_client_scopes_client_scope_id`	Write `write`	DELETE /admin/realms/{realm}/clients/{client-uuid}/optional-client-scopes/{clientScopeId}.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_protocol_mappers_models_id`	Write `write`	Delete the mapper.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_roles_role_name`	Write `write`	Delete a role by name.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_roles_role_name_composites`	Write `write`	Remove roles from the role's composite.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_scope_mappings_clients_client`	Write `write`	Remove client-level roles from the client's scope.
`keycloak.keycloak_delete_admin_realms_realm_clients_client_uuid_scope_mappings_realm`	Write `write`	Remove a set of realm-level roles from the client's scope.
`keycloak.keycloak_delete_admin_realms_realm_clients_initial_access_id`	Write `write`	DELETE /admin/realms/{realm}/clients-initial-access/{id}.
`keycloak.keycloak_delete_admin_realms_realm_components_id`	Write `write`	DELETE /admin/realms/{realm}/components/{id}.
`keycloak.keycloak_delete_admin_realms_realm_default_default_client_scopes_client_scope_id`	Write `write`	DELETE /admin/realms/{realm}/default-default-client-scopes/{clientScopeId}.
`keycloak.keycloak_delete_admin_realms_realm_default_groups_group_id`	Write `write`	DELETE /admin/realms/{realm}/default-groups/{groupId}.
`keycloak.keycloak_delete_admin_realms_realm_default_optional_client_scopes_client_scope_id`	Write `write`	DELETE /admin/realms/{realm}/default-optional-client-scopes/{clientScopeId}.
`keycloak.keycloak_delete_admin_realms_realm_events`	Write `write`	Delete all events.
`keycloak.keycloak_delete_admin_realms_realm_groups_group_id`	Write `write`	DELETE /admin/realms/{realm}/groups/{group-id}.
`keycloak.keycloak_delete_admin_realms_realm_groups_group_id_role_mappings_clients_client_id`	Write `write`	Delete client-level roles from user or group role mapping.
`keycloak.keycloak_delete_admin_realms_realm_groups_group_id_role_mappings_realm`	Write `write`	Delete realm-level role mappings.
`keycloak.keycloak_delete_admin_realms_realm_identity_provider_instances_alias`	Write `write`	Delete the identity provider.
`keycloak.keycloak_delete_admin_realms_realm_identity_provider_instances_alias_mappers_id`	Write `write`	Delete a mapper for the identity provider.
`keycloak.keycloak_delete_admin_realms_realm_localization_locale`	Write `write`	DELETE /admin/realms/{realm}/localization/{locale}.
`keycloak.keycloak_delete_admin_realms_realm_localization_locale_key`	Write `write`	DELETE /admin/realms/{realm}/localization/{locale}/{key}.
`keycloak.keycloak_delete_admin_realms_realm_organizations_org_id`	Write `write`	Deletes the organization.
`keycloak.keycloak_delete_admin_realms_realm_organizations_org_id_groups_group_id`	Write `write`	Deletes the organization group and all its subgroups
`keycloak.keycloak_delete_admin_realms_realm_organizations_org_id_groups_group_id_members_user_id`	Write `write`	Removes a user from this organization group. The user remains a member of the organization.
`keycloak.keycloak_delete_admin_realms_realm_organizations_org_id_identity_providers_alias`	Write `write`	Breaks the association between the identity provider and the organization. The provider itself is not deleted. If no provider is found, or if it is not currently associated with the org, an error response is returned
`keycloak.keycloak_delete_admin_realms_realm_organizations_org_id_invitations_id`	Write `write`	Delete an invitation.
`keycloak.keycloak_delete_admin_realms_realm_organizations_org_id_members_member_id`	Write `write`	Breaks the association between the user and organization. The user itself is deleted in case the membership is managed, otherwise the user is not deleted. If no user is found, or if they are not a member of the organization, an error response is returned
`keycloak.keycloak_delete_admin_realms_realm_roles_by_id_role_id`	Write `write`	Delete the role.
`keycloak.keycloak_delete_admin_realms_realm_roles_by_id_role_id_composites`	Write `write`	Remove a set of roles from the role's composite.
`keycloak.keycloak_delete_admin_realms_realm_roles_role_name`	Write `write`	Delete a role by name.
`keycloak.keycloak_delete_admin_realms_realm_roles_role_name_composites`	Write `write`	Remove roles from the role's composite.
`keycloak.keycloak_delete_admin_realms_realm_sessions_session`	Write `write`	Any client that has an admin url will also be told to invalidate this particular session.
`keycloak.keycloak_delete_admin_realms_realm_users_user_id`	Write `write`	Delete the user.
`keycloak.keycloak_delete_admin_realms_realm_users_user_id_consents_client`	Write `write`	Revoke consent and offline tokens for particular client from user.
`keycloak.keycloak_delete_admin_realms_realm_users_user_id_credentials_credential_id`	Write `write`	Remove a credential for a user.
`keycloak.keycloak_delete_admin_realms_realm_users_user_id_federated_identity_provider`	Write `write`	Remove a social login provider from user.
`keycloak.keycloak_delete_admin_realms_realm_users_user_id_groups_group_id`	Write `write`	DELETE /admin/realms/{realm}/users/{user-id}/groups/{groupId}.
`keycloak.keycloak_delete_admin_realms_realm_users_user_id_role_mappings_clients_client_id`	Write `write`	Delete client-level roles from user or group role mapping.
`keycloak.keycloak_delete_admin_realms_realm_users_user_id_role_mappings_realm`	Write `write`	Delete realm-level role mappings.
`keycloak.keycloak_delete_admin_realms_realm_workflows_id`	Write `write`	Delete the workflow and its configuration.
`keycloak.keycloak_get_admin_realms`	Read `read`	Get accessible realms Returns a list of accessible realms. The list is filtered based on what realms the caller is allowed to view.
`keycloak.keycloak_get_admin_realms_realm`	Read `read`	Get the top-level representation of the realm It will not include nested information like User and Client representations.
`keycloak.keycloak_get_admin_realms_realm_admin_events`	Read `read`	Get admin events Returns all admin events, or filters events based on URL query parameters listed here.
`keycloak.keycloak_get_admin_realms_realm_attack_detection_brute_force_users_user_id`	Read `read`	Get status of a username in brute force detection.
`keycloak.keycloak_get_admin_realms_realm_authentication_authenticator_providers`	Read `read`	Get authenticator providers Returns a stream of authenticator providers.
`keycloak.keycloak_get_admin_realms_realm_authentication_client_authenticator_providers`	Read `read`	Get client authenticator providers Returns a stream of client authenticator providers.
`keycloak.keycloak_get_admin_realms_realm_authentication_config_description_provider_id`	Read `read`	Get authenticator provider's configuration description.
`keycloak.keycloak_get_admin_realms_realm_authentication_config_id`	Read `read`	Get authenticator configuration.
`keycloak.keycloak_get_admin_realms_realm_authentication_executions_execution_id`	Read `read`	Get Single Execution.
`keycloak.keycloak_get_admin_realms_realm_authentication_executions_execution_id_config_id`	Read `read`	Get execution's configuration.
`keycloak.keycloak_get_admin_realms_realm_authentication_flows`	Read `read`	Get authentication flows Returns a stream of authentication flows.
`keycloak.keycloak_get_admin_realms_realm_authentication_flows_flow_alias_executions`	Read `read`	Get authentication executions for a flow.
`keycloak.keycloak_get_admin_realms_realm_authentication_flows_id`	Read `read`	Get authentication flow for id.
`keycloak.keycloak_get_admin_realms_realm_authentication_form_action_providers`	Read `read`	Get form action providers Returns a stream of form action providers.
`keycloak.keycloak_get_admin_realms_realm_authentication_form_providers`	Read `read`	Get form providers Returns a stream of form providers.
`keycloak.keycloak_get_admin_realms_realm_authentication_per_client_config_description`	Read `read`	Get configuration descriptions for all clients.
`keycloak.keycloak_get_admin_realms_realm_authentication_required_actions`	Read `read`	Get required actions Returns a stream of required actions.
`keycloak.keycloak_get_admin_realms_realm_authentication_required_actions_alias`	Read `read`	Get required action for alias.
`keycloak.keycloak_get_admin_realms_realm_authentication_required_actions_alias_config`	Read `read`	Get RequiredAction configuration.
`keycloak.keycloak_get_admin_realms_realm_authentication_required_actions_alias_config_description`	Read `read`	Get RequiredAction provider configuration description.
`keycloak.keycloak_get_admin_realms_realm_authentication_unregistered_required_actions`	Read `read`	Get unregistered required actions Returns a stream of unregistered required actions.
`keycloak.keycloak_get_admin_realms_realm_client_policies_policies`	Read `read`	GET /admin/realms/{realm}/client-policies/policies.
`keycloak.keycloak_get_admin_realms_realm_client_policies_profiles`	Read `read`	GET /admin/realms/{realm}/client-policies/profiles.
`keycloak.keycloak_get_admin_realms_realm_client_registration_policy_providers`	Read `read`	Base path for retrieve providers with the configProperties properly filled.
`keycloak.keycloak_get_admin_realms_realm_client_scopes`	Read `read`	Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id`	Read `read`	Get representation of the client scope.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_protocol_mappers_models`	Read `read`	Get mappers.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_protocol_mappers_models_id`	Read `read`	Get mapper by id.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_protocol_mappers_protocol_protocol`	Read `read`	Get mappers by name for a specific protocol.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_scope_mappings`	Read `read`	Get all scope mappings for the client.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_clients_client`	Read `read`	Get the roles associated with a client's scope Returns roles for the client.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_clients_client_available`	Read `read`	The available client-level roles Returns the roles for the client that can be associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_clients_client_composite`	Read `read`	Get effective client roles Returns the roles for the client that are associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_realm`	Read `read`	Get realm-level roles associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_realm_available`	Read `read`	Get realm-level roles that are available to attach to this client's scope.
`keycloak.keycloak_get_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_realm_composite`	Read `read`	The method is really to show a comprehensive total view of realm-level roles associated with the client.
`keycloak.keycloak_get_admin_realms_realm_client_session_stats`	Read `read`	The key is the client id, the value is the number of sessions that currently are active with that client. Only clients that actually have a session associated with them will be in this map.
`keycloak.keycloak_get_admin_realms_realm_client_templates`	Read `read`	Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id`	Read `read`	Get representation of the client scope.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_protocol_mappers_models`	Read `read`	Get mappers.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_protocol_mappers_models_id`	Read `read`	Get mapper by id.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_protocol_mappers_protocol_protocol`	Read `read`	Get mappers by name for a specific protocol.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_scope_mappings`	Read `read`	Get all scope mappings for the client.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_scope_mappings_clients_client`	Read `read`	Get the roles associated with a client's scope Returns roles for the client.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_scope_mappings_clients_client_available`	Read `read`	The available client-level roles Returns the roles for the client that can be associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_scope_mappings_clients_client_composite`	Read `read`	Get effective client roles Returns the roles for the client that are associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_scope_mappings_realm`	Read `read`	Get realm-level roles associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_scope_mappings_realm_available`	Read `read`	Get realm-level roles that are available to attach to this client's scope.
`keycloak.keycloak_get_admin_realms_realm_client_templates_client_scope_id_scope_mappings_realm_composite`	Read `read`	The method is really to show a comprehensive total view of realm-level roles associated with the client.
`keycloak.keycloak_get_admin_realms_realm_client_types`	Read `read`	This endpoint returns a list of both global and realm level client types and the attributes they set
`keycloak.keycloak_get_admin_realms_realm_clients`	Read `read`	If a client can’t be retrieved from the storage due to a problem with the underlying storage, it is silently removed from the returned list. This ensures that concurrent modifications to the list don’t prevent callers from retrieving this list.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid`	Read `read`	Get representation of the client.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_permission`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_permission_providers`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission/providers.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_permission_search`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission/search.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_policy`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_policy_providers`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy/providers.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_policy_search`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy/search.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_resource`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_resource_resource_id`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_resource_resource_id_attributes`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}/attributes.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_resource_resource_id_permissions`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}/permissions.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_resource_resource_id_scopes`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}/scopes.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_resource_search`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/search.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_scope`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_scope_scope_id`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_scope_scope_id_permissions`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}/permissions.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_scope_scope_id_resources`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}/resources.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_scope_search`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/search.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_authz_resource_server_settings`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/settings.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_certificates_attr`	Read `read`	Get key info.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_client_secret`	Read `read`	Get the client secret.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_client_secret_rotated`	Read `read`	Get the rotated client secret.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_default_client_scopes`	Read `read`	Get default client scopes. Only name and ids are returned.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_evaluate_scopes_generate_example_access_token`	Read `read`	Create JSON with payload of example access token.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_evaluate_scopes_generate_example_id_token`	Read `read`	Create JSON with payload of example id token.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_evaluate_scopes_generate_example_userinfo`	Read `read`	Create JSON with payload of example user info.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_evaluate_scopes_protocol_mappers`	Read `read`	This means protocol mappers assigned to this client directly and protocol mappers assigned to all client scopes of this client.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_evaluate_scopes_scope_mappings_role_container_id_granted`	Read `read`	This contains scope mappings, which this client has directly, as well as scope mappings, which are granted to all client scopes, which are linked with this client.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_evaluate_scopes_scope_mappings_role_container_id_not_granted`	Read `read`	Defacto all the other roles of particular role container, which are not in {@link #getGrantedScopeMappings()}
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_installation_providers_provider_id`	Read `read`	GET /admin/realms/{realm}/clients/{client-uuid}/installation/providers/{providerId}.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_management_permissions`	Read `read`	Return object stating whether client Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_offline_session_count`	Read `read`	Get application offline session count Returns a number of offline user sessions associated with this client { "count": number }.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_offline_sessions`	Read `read`	Get offline sessions for client Returns a list of offline user sessions associated with this client.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_optional_client_scopes`	Read `read`	Get optional client scopes. Only name and ids are returned.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_protocol_mappers_models`	Read `read`	Get mappers.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_protocol_mappers_models_id`	Read `read`	Get mapper by id.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_protocol_mappers_protocol_protocol`	Read `read`	Get mappers by name for a specific protocol.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_roles`	Read `read`	Get all roles for the realm or client.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_roles_role_name`	Read `read`	Get a role by name.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_roles_role_name_composites`	Read `read`	Get composites of the role.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_roles_role_name_composites_clients_target_client_uuid`	Read `read`	Get client-level roles for the client that are in the role's composite.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_roles_role_name_composites_realm`	Read `read`	Get realm-level roles of the role's composite.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_roles_role_name_groups`	Read `read`	Returns a stream of groups that have the specified role name.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_roles_role_name_management_permissions`	Read `read`	Return object stating whether role Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_roles_role_name_users`	Read `read`	Returns a stream of users that have the specified role name.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_scope_mappings`	Read `read`	Get all scope mappings for the client.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_scope_mappings_clients_client`	Read `read`	Get the roles associated with a client's scope Returns roles for the client.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_scope_mappings_clients_client_available`	Read `read`	The available client-level roles Returns the roles for the client that can be associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_scope_mappings_clients_client_composite`	Read `read`	Get effective client roles Returns the roles for the client that are associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_scope_mappings_realm`	Read `read`	Get realm-level roles associated with the client's scope.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_scope_mappings_realm_available`	Read `read`	Get realm-level roles that are available to attach to this client's scope.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_scope_mappings_realm_composite`	Read `read`	The method is really to show a comprehensive total view of realm-level roles associated with the client.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_service_account_user`	Read `read`	Get a user dedicated to the service account.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_session_count`	Read `read`	Get application session count Returns a number of user sessions associated with this client { "count": number }.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_test_nodes_available`	Read `read`	Test if registered cluster nodes are available Tests availability by sending 'ping' request to all cluster nodes.
`keycloak.keycloak_get_admin_realms_realm_clients_client_uuid_user_sessions`	Read `read`	Get user sessions for client Returns a list of user sessions associated with this client.
`keycloak.keycloak_get_admin_realms_realm_clients_initial_access`	Read `read`	GET /admin/realms/{realm}/clients-initial-access.
`keycloak.keycloak_get_admin_realms_realm_components`	Read `read`	GET /admin/realms/{realm}/components.
`keycloak.keycloak_get_admin_realms_realm_components_id`	Read `read`	GET /admin/realms/{realm}/components/{id}.
`keycloak.keycloak_get_admin_realms_realm_components_id_sub_component_types`	Read `read`	List of subcomponent types that are available to configure for a particular parent component.
`keycloak.keycloak_get_admin_realms_realm_credential_registrators`	Read `read`	GET /admin/realms/{realm}/credential-registrators.
`keycloak.keycloak_get_admin_realms_realm_default_default_client_scopes`	Read `read`	Get realm default client scopes. Only name and ids are returned.
`keycloak.keycloak_get_admin_realms_realm_default_groups`	Read `read`	Get group hierarchy. Only name and ids are returned.
`keycloak.keycloak_get_admin_realms_realm_default_optional_client_scopes`	Read `read`	Get realm optional client scopes. Only name and ids are returned.
`keycloak.keycloak_get_admin_realms_realm_events`	Read `read`	Get events Returns all events, or filters them based on URL query parameters listed here.
`keycloak.keycloak_get_admin_realms_realm_events_config`	Read `read`	Get the events provider configuration Returns JSON object with events provider configuration.
`keycloak.keycloak_get_admin_realms_realm_group_by_path_path`	Read `read`	GET /admin/realms/{realm}/group-by-path/{path}.
`keycloak.keycloak_get_admin_realms_realm_groups`	Read `read`	Get group hierarchy. Only `name` and `id` are returned. `subGroups` are only returned when using the `search` or `q` parameter. If none of these parameters is provided, the top-level groups are returned without `subGroups` being filled.
`keycloak.keycloak_get_admin_realms_realm_groups_count`	Read `read`	Returns the groups counts.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id`	Read `read`	GET /admin/realms/{realm}/groups/{group-id}.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_children`	Read `read`	Return a paginated list of subgroups that have a parent group corresponding to the group on the URL.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_management_permissions`	Read `read`	Return object stating whether client Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_members`	Read `read`	Get users Returns a stream of users, filtered according to query parameters.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_role_mappings`	Read `read`	Get role mappings.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_role_mappings_clients_client_id`	Read `read`	Get client-level role mappings for the user or group, and the app.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_role_mappings_clients_client_id_available`	Read `read`	Get available client-level roles that can be mapped to the user or group.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_role_mappings_clients_client_id_composite`	Read `read`	Get effective client-level role mappings This recurses any composite roles.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_role_mappings_realm`	Read `read`	Get realm-level role mappings.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_role_mappings_realm_available`	Read `read`	Get realm-level roles that can be mapped.
`keycloak.keycloak_get_admin_realms_realm_groups_group_id_role_mappings_realm_composite`	Read `read`	Get effective realm-level role mappings This will recurse all composite roles to get the result.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_instances`	Read `read`	List identity providers.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_instances_alias`	Read `read`	Get the identity provider.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_instances_alias_export`	Read `read`	Export public broker configuration for identity provider.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_instances_alias_management_permissions`	Read `read`	Return object stating whether client Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_instances_alias_mapper_types`	Read `read`	Get mapper types for identity provider.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_instances_alias_mappers`	Read `read`	Get mappers for identity provider.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_instances_alias_mappers_id`	Read `read`	Get mapper by id for the identity provider.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_instances_alias_reload_keys`	Read `read`	Reaload keys for the identity provider if the provider supports it, "true" is returned if reload was performed, "false" if not.
`keycloak.keycloak_get_admin_realms_realm_identity_provider_providers_provider_id`	Read `read`	Get the identity provider factory for that provider id.
`keycloak.keycloak_get_admin_realms_realm_keys`	Read `read`	GET /admin/realms/{realm}/keys.
`keycloak.keycloak_get_admin_realms_realm_localization`	Read `read`	GET /admin/realms/{realm}/localization.
`keycloak.keycloak_get_admin_realms_realm_localization_locale`	Read `read`	GET /admin/realms/{realm}/localization/{locale}.
`keycloak.keycloak_get_admin_realms_realm_localization_locale_key`	Read `read`	GET /admin/realms/{realm}/localization/{locale}/{key}.
`keycloak.keycloak_get_admin_realms_realm_organizations`	Read `read`	Returns a paginated list of organizations filtered according to the specified parameters.
`keycloak.keycloak_get_admin_realms_realm_organizations_count`	Read `read`	Returns the organizations counts.
`keycloak.keycloak_get_admin_realms_realm_organizations_members_member_id_organizations`	Read `read`	Returns the organizations associated with the user that has the specified id.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id`	Read `read`	Returns the organization representation.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_groups`	Read `read`	Returns organization groups. When `search` parameter is provided, groups are searched by name. When `q` parameter is provided, groups are searched by attributes. If neither parameter is provided, top-level groups are returned.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_groups_group_by_path_path`	Read `read`	Returns the organization group with the specified path
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_groups_group_id`	Read `read`	Get organization group representation.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_groups_group_id_children`	Read `read`	Returns a paginated stream of subgroups that belong to this organization group
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_groups_group_id_members`	Read `read`	Returns a paginated list of organization members that belong to this group
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_identity_providers`	Read `read`	Returns all identity providers associated with the organization.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_identity_providers_alias`	Read `read`	Searches for an identity provider with the given alias. If one is found and is associated with the organization, it is returned. Otherwise, an error response with status NOT_FOUND is returned
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_identity_providers_alias_groups`	Read `read`	Returns organization groups that can be used in identity provider mappers. Only returns groups if the identity provider is associated with the organization.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_invitations`	Read `read`	Get invitations for the organization.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_invitations_id`	Read `read`	Get invitation by ID.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_members`	Read `read`	Returns a paginated list of organization members filtered according to the specified parameters.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_members_count`	Read `read`	Returns number of members in the organization.
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_members_member_id`	Read `read`	Searches for auser with the given id. If one is found, and is currently a member of the organization, returns it. Otherwise,an error response with status NOT_FOUND is returned
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_members_member_id_groups`	Read `read`	Searches for auser with the given id. If one is found, and is currently a member of the organization, returns the groups from the organizationwhere the user is member of. Otherwise, an error response with status NOT_FOUND is returned
`keycloak.keycloak_get_admin_realms_realm_organizations_org_id_members_member_id_organizations`	Read `read`	Returns the organizations associated with the user that has the specified id.
`keycloak.keycloak_get_admin_realms_realm_roles`	Read `read`	Get all roles for the realm or client.
`keycloak.keycloak_get_admin_realms_realm_roles_by_id_role_id`	Read `read`	Get a specific role's representation.
`keycloak.keycloak_get_admin_realms_realm_roles_by_id_role_id_composites`	Read `read`	Get role's children Returns a set of role's children provided the role is a composite.
`keycloak.keycloak_get_admin_realms_realm_roles_by_id_role_id_composites_clients_client_uuid`	Read `read`	Get client-level roles for the client that are in the role's composite.
`keycloak.keycloak_get_admin_realms_realm_roles_by_id_role_id_composites_realm`	Read `read`	Get realm-level roles that are in the role's composite.
`keycloak.keycloak_get_admin_realms_realm_roles_by_id_role_id_management_permissions`	Read `read`	Return object stating whether role Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_get_admin_realms_realm_roles_role_name`	Read `read`	Get a role by name.
`keycloak.keycloak_get_admin_realms_realm_roles_role_name_composites`	Read `read`	Get composites of the role.
`keycloak.keycloak_get_admin_realms_realm_roles_role_name_composites_clients_target_client_uuid`	Read `read`	Get client-level roles for the client that are in the role's composite.
`keycloak.keycloak_get_admin_realms_realm_roles_role_name_composites_realm`	Read `read`	Get realm-level roles of the role's composite.
`keycloak.keycloak_get_admin_realms_realm_roles_role_name_groups`	Read `read`	Returns a stream of groups that have the specified role name.
`keycloak.keycloak_get_admin_realms_realm_roles_role_name_management_permissions`	Read `read`	Return object stating whether role Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_get_admin_realms_realm_roles_role_name_users`	Read `read`	Returns a stream of users that have the specified role name.
`keycloak.keycloak_get_admin_realms_realm_users`	Read `read`	Returns a stream of users. Note that the 'credentials' field in the returned UserRepresentation objects is typically not populated for performance reasons. If specific credential metadata is required, use the dedicated 'GET /admin/realms/{realm}/users/{user-id}/credentials' endpoint.
`keycloak.keycloak_get_admin_realms_realm_users_count`	Read `read`	It can be called in three different ways. 1. Don’t specify any criteria and pass {@code null}. The number of all users within that realm will be returned. 2. If {@code search} is specified other criteria such as {@code last} will be ignored even though you set them. The {@code search} string will be matched against the first and last name, the username and the email of a user. 3. If {@code search} is unspecified but any of {@code last}, {@code first}, {@code email} or {@code username} those crit
`keycloak.keycloak_get_admin_realms_realm_users_management_permissions`	Read `read`	GET /admin/realms/{realm}/users-management-permissions.
`keycloak.keycloak_get_admin_realms_realm_users_profile`	Read `read`	Get the configuration for the user profile
`keycloak.keycloak_get_admin_realms_realm_users_profile_metadata`	Read `read`	Get the UserProfileMetadata from the configuration
`keycloak.keycloak_get_admin_realms_realm_users_user_id`	Read `read`	Get representation of the user.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_configured_user_storage_credential_types`	Read `read`	Returned values can contain for example "password", "otp" etc. This will always return empty list for "local" users, which are not backed by any user storage
`keycloak.keycloak_get_admin_realms_realm_users_user_id_consents`	Read `read`	Get consents granted by the user.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_credentials`	Read `read`	GET /admin/realms/{realm}/users/{user-id}/credentials.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_federated_identity`	Read `read`	Get social logins associated with the user.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_groups`	Read `read`	GET /admin/realms/{realm}/users/{user-id}/groups.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_groups_count`	Read `read`	GET /admin/realms/{realm}/users/{user-id}/groups/count.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_offline_sessions_client_uuid`	Read `read`	Get offline sessions associated with the user and client.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_role_mappings`	Read `read`	Get role mappings.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_role_mappings_clients_client_id`	Read `read`	Get client-level role mappings for the user or group, and the app.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_role_mappings_clients_client_id_available`	Read `read`	Get available client-level roles that can be mapped to the user or group.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_role_mappings_clients_client_id_composite`	Read `read`	Get effective client-level role mappings This recurses any composite roles.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_role_mappings_realm`	Read `read`	Get realm-level role mappings.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_role_mappings_realm_available`	Read `read`	Get realm-level roles that can be mapped.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_role_mappings_realm_composite`	Read `read`	Get effective realm-level role mappings This will recurse all composite roles to get the result.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_sessions`	Read `read`	Get sessions associated with the user.
`keycloak.keycloak_get_admin_realms_realm_users_user_id_unmanaged_attributes`	Read `read`	GET /admin/realms/{realm}/users/{user-id}/unmanagedAttributes.
`keycloak.keycloak_get_admin_realms_realm_workflows`	Read `read`	List workflows filtered by name and paginated using first and max parameters.
`keycloak.keycloak_get_admin_realms_realm_workflows_id`	Read `read`	Get the workflow representation. Optionally exclude the workflow id from the response.
`keycloak.keycloak_get_admin_realms_realm_workflows_scheduled_resource_id`	Read `read`	Return workflows that have scheduled steps for the given resource identifier.
`keycloak.keycloak_post_admin_realms`	Write `write`	Realm name must be unique.
`keycloak.keycloak_post_admin_realms_realm_authentication_config`	Write `write`	Create new authenticator configuration.
`keycloak.keycloak_post_admin_realms_realm_authentication_executions`	Write `write`	Add new authentication execution.
`keycloak.keycloak_post_admin_realms_realm_authentication_executions_execution_id_config`	Write `write`	Update execution with new configuration.
`keycloak.keycloak_post_admin_realms_realm_authentication_executions_execution_id_lower_priority`	Write `write`	Lower execution's priority.
`keycloak.keycloak_post_admin_realms_realm_authentication_executions_execution_id_raise_priority`	Write `write`	Raise execution's priority.
`keycloak.keycloak_post_admin_realms_realm_authentication_flows`	Write `write`	Create a new authentication flow.
`keycloak.keycloak_post_admin_realms_realm_authentication_flows_flow_alias_copy`	Write `write`	Copy existing authentication flow under a new name The new name is given as 'newName' attribute of the passed JSON object.
`keycloak.keycloak_post_admin_realms_realm_authentication_flows_flow_alias_executions_execution`	Write `write`	Add new authentication execution to a flow.
`keycloak.keycloak_post_admin_realms_realm_authentication_flows_flow_alias_executions_flow`	Write `write`	Add new flow with new execution to existing flow.
`keycloak.keycloak_post_admin_realms_realm_authentication_register_required_action`	Write `write`	Register a new required actions.
`keycloak.keycloak_post_admin_realms_realm_authentication_required_actions_alias_lower_priority`	Write `write`	Lower required action's priority.
`keycloak.keycloak_post_admin_realms_realm_authentication_required_actions_alias_raise_priority`	Write `write`	Raise required action's priority.
`keycloak.keycloak_post_admin_realms_realm_client_description_converter`	Write `write`	Base path for importing clients under this realm.
`keycloak.keycloak_post_admin_realms_realm_client_scopes`	Write `write`	Create a new client scope Client Scope’s name must be unique!.
`keycloak.keycloak_post_admin_realms_realm_client_scopes_client_scope_id_protocol_mappers_add_models`	Write `write`	Create multiple mappers.
`keycloak.keycloak_post_admin_realms_realm_client_scopes_client_scope_id_protocol_mappers_models`	Write `write`	Create a mapper.
`keycloak.keycloak_post_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_clients_client`	Write `write`	Add client-level roles to the client's scope.
`keycloak.keycloak_post_admin_realms_realm_client_scopes_client_scope_id_scope_mappings_realm`	Write `write`	Add a set of realm-level roles to the client's scope.
`keycloak.keycloak_post_admin_realms_realm_client_templates`	Write `write`	Create a new client scope Client Scope’s name must be unique!.
`keycloak.keycloak_post_admin_realms_realm_client_templates_client_scope_id_protocol_mappers_add_models`	Write `write`	Create multiple mappers.
`keycloak.keycloak_post_admin_realms_realm_client_templates_client_scope_id_protocol_mappers_models`	Write `write`	Create a mapper.
`keycloak.keycloak_post_admin_realms_realm_client_templates_client_scope_id_scope_mappings_clients_client`	Write `write`	Add client-level roles to the client's scope.
`keycloak.keycloak_post_admin_realms_realm_client_templates_client_scope_id_scope_mappings_realm`	Write `write`	Add a set of realm-level roles to the client's scope.
`keycloak.keycloak_post_admin_realms_realm_clients`	Write `write`	Create a new client Client’s client_id must be unique!.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_authz_resource_server_import`	Write `write`	POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/import.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_authz_resource_server_permission`	Write `write`	POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_authz_resource_server_permission_evaluate`	Write `write`	POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/permission/evaluate.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_authz_resource_server_policy`	Write `write`	POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_authz_resource_server_policy_evaluate`	Write `write`	POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/policy/evaluate.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_authz_resource_server_resource`	Write `write`	POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_authz_resource_server_scope`	Write `write`	POST /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_certificates_attr_download`	Write `write`	Get a keystore file for the client, containing private key and public certificate.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_certificates_attr_generate`	Write `write`	Generate a new certificate with new key pair.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_certificates_attr_generate_and_download`	Write `write`	Generate a new keypair and certificate, and get the private key file Generates a keypair and certificate and serves the private key in a specified keystore format. Only generated public certificate is saved in Keycloak DB - the private key is not.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_certificates_attr_upload`	Write `write`	Upload certificate and eventually private key.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_certificates_attr_upload_certificate`	Write `write`	Upload only certificate, not private key.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_client_secret`	Write `write`	Generate a new secret for the client.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_nodes`	Write `write`	Register a cluster node with the client Manually register cluster node to this client - usually it’s not needed to call this directly as adapter should handle by sending registration request to Keycloak.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_protocol_mappers_add_models`	Write `write`	Create multiple mappers.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_protocol_mappers_models`	Write `write`	Create a mapper.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_push_revocation`	Write `write`	Push the client's revocation policy to its admin URL If the client has an admin URL, push revocation policy to it.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_registration_access_token`	Write `write`	Generate a new registration access token for the client.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_roles`	Write `write`	Create a new role for the realm or client.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_roles_role_name_composites`	Write `write`	Add a composite to the role.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_scope_mappings_clients_client`	Write `write`	Add client-level roles to the client's scope.
`keycloak.keycloak_post_admin_realms_realm_clients_client_uuid_scope_mappings_realm`	Write `write`	Add a set of realm-level roles to the client's scope.
`keycloak.keycloak_post_admin_realms_realm_clients_initial_access`	Write `write`	Create a new initial access token.
`keycloak.keycloak_post_admin_realms_realm_components`	Write `write`	POST /admin/realms/{realm}/components.
`keycloak.keycloak_post_admin_realms_realm_groups`	Write `write`	This will update the group and set the parent if it exists. Create it and set the parent if the group doesn’t exist.
`keycloak.keycloak_post_admin_realms_realm_groups_group_id_children`	Write `write`	This will just set the parent if it exists. Create it and set the parent if the group doesn’t exist.
`keycloak.keycloak_post_admin_realms_realm_groups_group_id_role_mappings_clients_client_id`	Write `write`	Add client-level roles to the user or group role mapping.
`keycloak.keycloak_post_admin_realms_realm_groups_group_id_role_mappings_realm`	Write `write`	Add realm-level role mappings to the user.
`keycloak.keycloak_post_admin_realms_realm_identity_provider_import_config`	Write `write`	Import identity provider from uploaded JSON file
`keycloak.keycloak_post_admin_realms_realm_identity_provider_instances`	Write `write`	Create a new identity provider.
`keycloak.keycloak_post_admin_realms_realm_identity_provider_instances_alias_mappers`	Write `write`	Add a mapper to identity provider.
`keycloak.keycloak_post_admin_realms_realm_identity_provider_upload_certificate`	Write `write`	Uploads a certificate, prepares the jwks or public key associated, and returns the certificate representation.
`keycloak.keycloak_post_admin_realms_realm_localization_locale`	Write `write`	Import localization from uploaded JSON file.
`keycloak.keycloak_post_admin_realms_realm_logout_all`	Write `write`	Any client that has an admin url will also be told to invalidate any sessions they have.
`keycloak.keycloak_post_admin_realms_realm_organizations`	Write `write`	Creates a new organization.
`keycloak.keycloak_post_admin_realms_realm_organizations_org_id_groups`	Write `write`	Creates a new top-level group in the organization. If the group representation includes an ID, moves the existing organization group to be a top-level group. If no ID is provided, creates a new top-level group.
`keycloak.keycloak_post_admin_realms_realm_organizations_org_id_groups_group_id_children`	Write `write`	Creates a new subgroup under this organization group. If the group representation includes an ID, moves the existing group to be a child of this group. If no ID is provided, creates a new subgroup.
`keycloak.keycloak_post_admin_realms_realm_organizations_org_id_identity_providers`	Write `write`	Adds, or associates, an existing identity provider with the organization. If no identity provider is found, or if it is already associated with the organization, an error response is returned
`keycloak.keycloak_post_admin_realms_realm_organizations_org_id_invitations_id_resend`	Write `write`	Resend an invitation.
`keycloak.keycloak_post_admin_realms_realm_organizations_org_id_members`	Write `write`	Adds, or associates, an existing user with the organization. If no user is found, or if it is already associated with the organization, an error response is returned
`keycloak.keycloak_post_admin_realms_realm_organizations_org_id_members_invite_existing_user`	Write `write`	Invites an existing user to the organization, using the specified user id.
`keycloak.keycloak_post_admin_realms_realm_organizations_org_id_members_invite_user`	Write `write`	If the user with the given e-mail address exists, it sends an invitation link, otherwise it sends a registration link.
`keycloak.keycloak_post_admin_realms_realm_partial_export`	Write `write`	Partial export of existing realm into a JSON file.
`keycloak.keycloak_post_admin_realms_realm_partial_import`	Write `write`	Partial import from a JSON file to an existing realm.
`keycloak.keycloak_post_admin_realms_realm_push_revocation`	Write `write`	Push the realm's revocation policy to any client that has an admin url associated with it.
`keycloak.keycloak_post_admin_realms_realm_roles`	Write `write`	Create a new role for the realm or client.
`keycloak.keycloak_post_admin_realms_realm_roles_by_id_role_id_composites`	Write `write`	Make the role a composite role by associating some child roles.
`keycloak.keycloak_post_admin_realms_realm_roles_role_name_composites`	Write `write`	Add a composite to the role.
`keycloak.keycloak_post_admin_realms_realm_test_smtpconnection`	Write `write`	Test SMTP connection with current logged in user.
`keycloak.keycloak_post_admin_realms_realm_users`	Write `write`	Create a new user Username must be unique.
`keycloak.keycloak_post_admin_realms_realm_users_user_id_credentials_credential_id_move_after_new_previous_credential_id`	Write `write`	Move a credential to a position behind another credential.
`keycloak.keycloak_post_admin_realms_realm_users_user_id_credentials_credential_id_move_to_first`	Write `write`	Move a credential to a first position in the credentials list of the user.
`keycloak.keycloak_post_admin_realms_realm_users_user_id_federated_identity_provider`	Write `write`	Add a social login provider to the user.
`keycloak.keycloak_post_admin_realms_realm_users_user_id_impersonation`	Write `write`	Impersonate the user.
`keycloak.keycloak_post_admin_realms_realm_users_user_id_logout`	Write `write`	Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user.
`keycloak.keycloak_post_admin_realms_realm_users_user_id_role_mappings_clients_client_id`	Write `write`	Add client-level roles to the user or group role mapping.
`keycloak.keycloak_post_admin_realms_realm_users_user_id_role_mappings_realm`	Write `write`	Add realm-level role mappings to the user.
`keycloak.keycloak_post_admin_realms_realm_workflows`	Write `write`	Create a new workflow from the provided representation.
`keycloak.keycloak_post_admin_realms_realm_workflows_id_activate_type_resource_id`	Write `write`	Activate the workflow for the given resource type and identifier. Optionally schedule the first step using the notBefore parameter.
`keycloak.keycloak_post_admin_realms_realm_workflows_id_deactivate_type_resource_id`	Write `write`	Deactivate the workflow for the given resource type and identifier.
`keycloak.keycloak_post_admin_realms_realm_workflows_migrate`	Write `write`	Migrate scheduled resources from one step to another step in the same or in a different workflow.
`keycloak.keycloak_put_admin_realms_realm`	Write `write`	This will only update top-level attributes of the realm.
`keycloak.keycloak_put_admin_realms_realm_authentication_config_id`	Write `write`	Update authenticator configuration.
`keycloak.keycloak_put_admin_realms_realm_authentication_flows_flow_alias_executions`	Write `write`	Update authentication executions of a Flow.
`keycloak.keycloak_put_admin_realms_realm_authentication_flows_id`	Write `write`	Update an authentication flow.
`keycloak.keycloak_put_admin_realms_realm_authentication_required_actions_alias`	Write `write`	Update required action.
`keycloak.keycloak_put_admin_realms_realm_authentication_required_actions_alias_config`	Write `write`	Update RequiredAction configuration.
`keycloak.keycloak_put_admin_realms_realm_client_policies_policies`	Write `write`	PUT /admin/realms/{realm}/client-policies/policies.
`keycloak.keycloak_put_admin_realms_realm_client_policies_profiles`	Write `write`	PUT /admin/realms/{realm}/client-policies/profiles.
`keycloak.keycloak_put_admin_realms_realm_client_scopes_client_scope_id`	Write `write`	Update the client scope.
`keycloak.keycloak_put_admin_realms_realm_client_scopes_client_scope_id_protocol_mappers_models_id`	Write `write`	Update the mapper.
`keycloak.keycloak_put_admin_realms_realm_client_templates_client_scope_id`	Write `write`	Update the client scope.
`keycloak.keycloak_put_admin_realms_realm_client_templates_client_scope_id_protocol_mappers_models_id`	Write `write`	Update the mapper.
`keycloak.keycloak_put_admin_realms_realm_client_types`	Write `write`	This endpoint allows you to update a realm level client type
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid`	Write `write`	Update the client.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_authz_resource_server`	Write `write`	PUT /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_authz_resource_server_resource_resource_id`	Write `write`	PUT /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/resource/{resource-id}.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_authz_resource_server_scope_scope_id`	Write `write`	PUT /admin/realms/{realm}/clients/{client-uuid}/authz/resource-server/scope/{scope-id}.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_default_client_scopes_client_scope_id`	Write `write`	PUT /admin/realms/{realm}/clients/{client-uuid}/default-client-scopes/{clientScopeId}.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_management_permissions`	Write `write`	Return object stating whether client Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_optional_client_scopes_client_scope_id`	Write `write`	PUT /admin/realms/{realm}/clients/{client-uuid}/optional-client-scopes/{clientScopeId}.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_protocol_mappers_models_id`	Write `write`	Update the mapper.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_roles_role_name`	Write `write`	Update a role by name.
`keycloak.keycloak_put_admin_realms_realm_clients_client_uuid_roles_role_name_management_permissions`	Write `write`	Return object stating whether role Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_put_admin_realms_realm_components_id`	Write `write`	PUT /admin/realms/{realm}/components/{id}.
`keycloak.keycloak_put_admin_realms_realm_default_default_client_scopes_client_scope_id`	Write `write`	PUT /admin/realms/{realm}/default-default-client-scopes/{clientScopeId}.
`keycloak.keycloak_put_admin_realms_realm_default_groups_group_id`	Write `write`	PUT /admin/realms/{realm}/default-groups/{groupId}.
`keycloak.keycloak_put_admin_realms_realm_default_optional_client_scopes_client_scope_id`	Write `write`	PUT /admin/realms/{realm}/default-optional-client-scopes/{clientScopeId}.
`keycloak.keycloak_put_admin_realms_realm_events_config`	Write `write`	Update the events provider Change the events provider and/or its configuration
`keycloak.keycloak_put_admin_realms_realm_groups_group_id`	Write `write`	Update group, ignores subgroups.
`keycloak.keycloak_put_admin_realms_realm_groups_group_id_management_permissions`	Write `write`	Return object stating whether client Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_put_admin_realms_realm_identity_provider_instances_alias`	Write `write`	Update the identity provider.
`keycloak.keycloak_put_admin_realms_realm_identity_provider_instances_alias_management_permissions`	Write `write`	Return object stating whether client Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_put_admin_realms_realm_identity_provider_instances_alias_mappers_id`	Write `write`	Update a mapper for the identity provider.
`keycloak.keycloak_put_admin_realms_realm_localization_locale_key`	Write `write`	PUT /admin/realms/{realm}/localization/{locale}/{key}.
`keycloak.keycloak_put_admin_realms_realm_organizations_org_id`	Write `write`	Updates the organization.
`keycloak.keycloak_put_admin_realms_realm_organizations_org_id_groups_group_id`	Write `write`	Updates the organization group's name, description, and attributes. Subgroups are not affected.
`keycloak.keycloak_put_admin_realms_realm_organizations_org_id_groups_group_id_members_user_id`	Write `write`	Adds an organization member to this group. The user must be a member of the organization.
`keycloak.keycloak_put_admin_realms_realm_roles_by_id_role_id`	Write `write`	Update the role.
`keycloak.keycloak_put_admin_realms_realm_roles_by_id_role_id_management_permissions`	Write `write`	Return object stating whether role Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_put_admin_realms_realm_roles_role_name`	Write `write`	Update a role by name.
`keycloak.keycloak_put_admin_realms_realm_roles_role_name_management_permissions`	Write `write`	Return object stating whether role Authorization permissions have been initialized or not and a reference.
`keycloak.keycloak_put_admin_realms_realm_users_management_permissions`	Write `write`	PUT /admin/realms/{realm}/users-management-permissions.
`keycloak.keycloak_put_admin_realms_realm_users_profile`	Write `write`	Set the configuration for the user profile
`keycloak.keycloak_put_admin_realms_realm_users_user_id`	Write `write`	Update the user.
`keycloak.keycloak_put_admin_realms_realm_users_user_id_credentials_credential_id_user_label`	Write `write`	Update a credential label for a user.
`keycloak.keycloak_put_admin_realms_realm_users_user_id_disable_credential_types`	Write `write`	Disable all credentials for a user of a specific type.
`keycloak.keycloak_put_admin_realms_realm_users_user_id_execute_actions_email`	Write `write`	An email contains a link the user can click to perform a set of required actions. The redirectUri and clientId parameters are optional. If no redirect is given, then there will be no link back to click after actions have completed. Redirect uri must be a valid uri for the particular clientId.
`keycloak.keycloak_put_admin_realms_realm_users_user_id_groups_group_id`	Write `write`	PUT /admin/realms/{realm}/users/{user-id}/groups/{groupId}.
`keycloak.keycloak_put_admin_realms_realm_users_user_id_reset_password`	Write `write`	Set up a new password for the user.
`keycloak.keycloak_put_admin_realms_realm_users_user_id_reset_password_email`	Write `write`	The redirectUri and clientId parameters are optional. The default for the redirect is the account client. This endpoint has been deprecated. Please use the execute-actions-email passing a list with UPDATE_PASSWORD within it.
`keycloak.keycloak_put_admin_realms_realm_users_user_id_send_verify_email`	Write `write`	The redirectUri, clientId and lifespan parameters are optional. The default for the redirect is the account client. The default for the lifespan is 12 hours
`keycloak.keycloak_put_admin_realms_realm_workflows_id`	Write `write`	Update the workflow configuration. This method does not update the workflow steps.