tessl/maven-org-keycloak--keycloak-core
Core Keycloak library providing fundamental authentication and authorization functionality
—
Pending
identity-management.mddocs/
Identity Management
Extensive data transfer objects for user management, realm configuration, client settings, roles, groups, and authorization policies. These representations form the core of Keycloak's identity and access management API.
Capabilities
User Management
User representation and management with comprehensive profile and security attributes.
/**
* User entity representation with profile and security information
*/
public class UserRepresentation extends AbstractUserRepresentation {
/**
* Get the user ID
* @return User identifier
*/
public String getId();
/**
* Set the user ID
* @param id User identifier
*/
public void setId(String id);
/**
* Get the username
* @return Username
*/
public String getUsername();
/**
* Set the username
* @param username Username
*/
public void setUsername(String username);
/**
* Get the email address
* @return Email address
*/
public String getEmail();
/**
* Set the email address
* @param email Email address
*/
public void setEmail(String email);
/**
* Get the first name
* @return First name
*/
public String getFirstName();
/**
* Set the first name
* @param firstName First name
*/
public void setFirstName(String firstName);
/**
* Get the last name
* @return Last name
*/
public String getLastName();
/**
* Set the last name
* @param lastName Last name
*/
public void setLastName(String lastName);
/**
* Check if user is enabled
* @return true if user is enabled
*/
public Boolean isEnabled();
/**
* Set user enabled status
* @param enabled Enabled status
*/
public void setEnabled(Boolean enabled);
/**
* Check if email is verified
* @return true if email is verified
*/
public Boolean isEmailVerified();
/**
* Set email verification status
* @param emailVerified Email verification status
*/
public void setEmailVerified(Boolean emailVerified);
/**
* Get the creation timestamp
* @return Creation timestamp in milliseconds
*/
public Long getCreatedTimestamp();
/**
* Set the creation timestamp
* @param createdTimestamp Creation timestamp in milliseconds
*/
public void setCreatedTimestamp(Long createdTimestamp);
/**
* Get user credentials
* @return List of credential representations
*/
public List<CredentialRepresentation> getCredentials();
/**
* Set user credentials
* @param credentials List of credential representations
*/
public void setCredentials(List<CredentialRepresentation> credentials);
/**
* Get required actions
* @return List of required action names
*/
public List<String> getRequiredActions();
/**
* Set required actions
* @param requiredActions List of required action names
*/
public void setRequiredActions(List<String> requiredActions);
/**
* Get user groups
* @return List of group paths
*/
public List<String> getGroups();
/**
* Set user groups
* @param groups List of group paths
*/
public void setGroups(List<String> groups);
/**
* Get realm roles
* @return List of realm role names
*/
public List<String> getRealmRoles();
/**
* Set realm roles
* @param realmRoles List of realm role names
*/
public void setRealmRoles(List<String> realmRoles);
/**
* Get client roles mapping
* @return Map of client ID to role names
*/
public Map<String, List<String>> getClientRoles();
/**
* Set client roles mapping
* @param clientRoles Map of client ID to role names
*/
public void setClientRoles(Map<String, List<String>> clientRoles);
/**
* Get federated identities
* @return List of federated identity representations
*/
public List<FederatedIdentityRepresentation> getFederatedIdentities();
/**
* Set federated identities
* @param federatedIdentities List of federated identity representations
*/
public void setFederatedIdentities(List<FederatedIdentityRepresentation> federatedIdentities);
/**
* Get user attributes
* @return Map of attribute names to values
*/
public Map<String, List<String>> getAttributes();
/**
* Set user attributes
* @param attributes Map of attribute names to values
*/
public void setAttributes(Map<String, List<String>> attributes);
/**
* Get single attribute value
* @param name Attribute name
* @return First attribute value or null
*/
public String singleAttribute(String name);
/**
* Get the not-before timestamp for invalidating sessions
* @return Not-before timestamp
*/
public Integer getNotBefore();
/**
* Set the not-before timestamp
* @param notBefore Not-before timestamp
*/
public void setNotBefore(Integer notBefore);
/**
* Get user consents
* @return List of user consent representations
*/
public List<UserConsentRepresentation> getConsents();
/**
* Set user consents
* @param consents List of user consent representations
*/
public void setConsents(List<UserConsentRepresentation> consents);
/**
* Get service account client ID (for service accounts)
* @return Client ID or null
*/
public String getServiceAccountClientId();
/**
* Set service account client ID
* @param serviceAccountClientId Client ID
*/
public void setServiceAccountClientId(String serviceAccountClientId);
}
/**
* Abstract base user representation
*/
public abstract class AbstractUserRepresentation {
/**
* Get the origin (for federated users)
* @return Origin identifier
*/
public String getOrigin();
/**
* Set the origin
* @param origin Origin identifier
*/
public void setOrigin(String origin);
/**
* Get the self link URL
* @return Self link URL
*/
public String getSelf();
/**
* Set the self link URL
* @param self Self link URL
*/
public void setSelf(String self);
}Realm Management
Realm configuration and settings representation.
/**
* Realm configuration representation
*/
public class RealmRepresentation {
/**
* Get the realm ID
* @return Realm identifier
*/
public String getId();
/**
* Set the realm ID
* @param id Realm identifier
*/
public void setId(String id);
/**
* Get the realm name
* @return Realm name
*/
public String getRealm();
/**
* Set the realm name
* @param realm Realm name
*/
public void setRealm(String realm);
/**
* Get the display name
* @return Display name
*/
public String getDisplayName();
/**
* Set the display name
* @param displayName Display name
*/
public void setDisplayName(String displayName);
/**
* Get the display name for HTML contexts
* @return HTML display name
*/
public String getDisplayNameHtml();
/**
* Set the HTML display name
* @param displayNameHtml HTML display name
*/
public void setDisplayNameHtml(String displayNameHtml);
/**
* Check if realm is enabled
* @return true if enabled
*/
public Boolean isEnabled();
/**
* Set realm enabled status
* @param enabled Enabled status
*/
public void setEnabled(Boolean enabled);
/**
* Check if user registration is allowed
* @return true if registration allowed
*/
public Boolean isRegistrationAllowed();
/**
* Set registration allowed flag
* @param registrationAllowed Registration allowed flag
*/
public void setRegistrationAllowed(Boolean registrationAllowed);
/**
* Check if email as username is enabled
* @return true if email as username
*/
public Boolean isRegistrationEmailAsUsername();
/**
* Set email as username flag
* @param registrationEmailAsUsername Email as username flag
*/
public void setRegistrationEmailAsUsername(Boolean registrationEmailAsUsername);
/**
* Check if email verification is required
* @return true if verification required
*/
public Boolean isVerifyEmail();
/**
* Set email verification required flag
* @param verifyEmail Email verification flag
*/
public void setVerifyEmail(Boolean verifyEmail);
/**
* Check if login with email is enabled
* @return true if login with email enabled
*/
public Boolean isLoginWithEmailAllowed();
/**
* Set login with email flag
* @param loginWithEmailAllowed Login with email flag
*/
public void setLoginWithEmailAllowed(Boolean loginWithEmailAllowed);
/**
* Check if duplicate emails are allowed
* @return true if duplicate emails allowed
*/
public Boolean isDuplicateEmailsAllowed();
/**
* Set duplicate emails allowed flag
* @param duplicateEmailsAllowed Duplicate emails flag
*/
public void setDuplicateEmailsAllowed(Boolean duplicateEmailsAllowed);
/**
* Check if "remember me" is enabled
* @return true if remember me enabled
*/
public Boolean isRememberMe();
/**
* Set remember me flag
* @param rememberMe Remember me flag
*/
public void setRememberMe(Boolean rememberMe);
/**
* Check if edit username is allowed
* @return true if edit username allowed
*/
public Boolean isEditUsernameAllowed();
/**
* Set edit username allowed flag
* @param editUsernameAllowed Edit username flag
*/
public void setEditUsernameAllowed(Boolean editUsernameAllowed);
/**
* Check if reset password is allowed
* @return true if reset password allowed
*/
public Boolean isResetPasswordAllowed();
/**
* Set reset password allowed flag
* @param resetPasswordAllowed Reset password flag
*/
public void setResetPasswordAllowed(Boolean resetPasswordAllowed);
/**
* Get SSL required setting
* @return SSL required setting (none, external, all)
*/
public String getSslRequired();
/**
* Set SSL required setting
* @param sslRequired SSL required setting
*/
public void setSslRequired(String sslRequired);
/**
* Get password policy
* @return Password policy string
*/
public String getPasswordPolicy();
/**
* Set password policy
* @param passwordPolicy Password policy string
*/
public void setPasswordPolicy(String passwordPolicy);
/**
* Get OTP policy
* @return OTP policy representation
*/
public String getOtpPolicyType();
/**
* Set OTP policy type
* @param otpPolicyType OTP policy type
*/
public void setOtpPolicyType(String otpPolicyType);
/**
* Get users in the realm
* @return List of user representations
*/
public List<UserRepresentation> getUsers();
/**
* Set users in the realm
* @param users List of user representations
*/
public void setUsers(List<UserRepresentation> users);
/**
* Get clients in the realm
* @return List of client representations
*/
public List<ClientRepresentation> getClients();
/**
* Set clients in the realm
* @param clients List of client representations
*/
public void setClients(List<ClientRepresentation> clients);
/**
* Get roles in the realm
* @return Roles representation
*/
public RolesRepresentation getRoles();
/**
* Set roles in the realm
* @param roles Roles representation
*/
public void setRoles(RolesRepresentation roles);
/**
* Get groups in the realm
* @return List of group representations
*/
public List<GroupRepresentation> getGroups();
/**
* Set groups in the realm
* @param groups List of group representations
*/
public void setGroups(List<GroupRepresentation> groups);
/**
* Get default roles
* @return List of default role names
*/
public List<String> getDefaultRoles();
/**
* Set default roles
* @param defaultRoles List of default role names
*/
public void setDefaultRoles(List<String> defaultRoles);
/**
* Get required credentials
* @return List of required credential types
*/
public List<String> getRequiredCredentials();
/**
* Set required credentials
* @param requiredCredentials List of required credential types
*/
public void setRequiredCredentials(List<String> requiredCredentials);
/**
* Get custom attributes
* @return Map of custom attributes
*/
public Map<String, Object> getAttributes();
/**
* Set custom attributes
* @param attributes Map of custom attributes
*/
public void setAttributes(Map<String, Object> attributes);
}Client Management
OAuth2/OIDC client configuration representation.
/**
* OAuth2/OIDC client configuration representation
*/
public class ClientRepresentation {
/**
* Get the client ID
* @return Client identifier
*/
public String getId();
/**
* Set the client ID
* @param id Client identifier
*/
public void setId(String id);
/**
* Get the client identifier (clientId)
* @return Client identifier
*/
public String getClientId();
/**
* Set the client identifier
* @param clientId Client identifier
*/
public void setClientId(String clientId);
/**
* Get the client name
* @return Client name
*/
public String getName();
/**
* Set the client name
* @param name Client name
*/
public void setName(String name);
/**
* Get the client description
* @return Client description
*/
public String getDescription();
/**
* Set the client description
* @param description Client description
*/
public void setDescription(String description);
/**
* Get the root URL
* @return Root URL
*/
public String getRootUrl();
/**
* Set the root URL
* @param rootUrl Root URL
*/
public void setRootUrl(String rootUrl);
/**
* Get the admin URL
* @return Admin URL
*/
public String getAdminUrl();
/**
* Set the admin URL
* @param adminUrl Admin URL
*/
public void setAdminUrl(String adminUrl);
/**
* Get the base URL
* @return Base URL
*/
public String getBaseUrl();
/**
* Set the base URL
* @param baseUrl Base URL
*/
public void setBaseUrl(String baseUrl);
/**
* Check if client is enabled
* @return true if enabled
*/
public Boolean isEnabled();
/**
* Set client enabled status
* @param enabled Enabled status
*/
public void setEnabled(Boolean enabled);
/**
* Check if always display in console
* @return true if always display
*/
public Boolean isAlwaysDisplayInConsole();
/**
* Set always display in console flag
* @param alwaysDisplayInConsole Always display flag
*/
public void setAlwaysDisplayInConsole(Boolean alwaysDisplayInConsole);
/**
* Get client authenticator type
* @return Authenticator type
*/
public String getClientAuthenticatorType();
/**
* Set client authenticator type
* @param clientAuthenticatorType Authenticator type
*/
public void setClientAuthenticatorType(String clientAuthenticatorType);
/**
* Get valid redirect URIs
* @return List of valid redirect URIs
*/
public List<String> getRedirectUris();
/**
* Set valid redirect URIs
* @param redirectUris List of valid redirect URIs
*/
public void setRedirectUris(List<String> redirectUris);
/**
* Get web origins
* @return List of web origins for CORS
*/
public List<String> getWebOrigins();
/**
* Set web origins
* @param webOrigins List of web origins for CORS
*/
public void setWebOrigins(List<String> webOrigins);
/**
* Get not-before timestamp
* @return Not-before timestamp
*/
public Integer getNotBefore();
/**
* Set not-before timestamp
* @param notBefore Not-before timestamp
*/
public void setNotBefore(Integer notBefore);
/**
* Check if bearer-only client
* @return true if bearer-only
*/
public Boolean isBearerOnly();
/**
* Set bearer-only flag
* @param bearerOnly Bearer-only flag
*/
public void setBearerOnly(Boolean bearerOnly);
/**
* Check if consent required
* @return true if consent required
*/
public Boolean isConsentRequired();
/**
* Set consent required flag
* @param consentRequired Consent required flag
*/
public void setConsentRequired(Boolean consentRequired);
/**
* Check if standard flow enabled
* @return true if standard flow enabled
*/
public Boolean isStandardFlowEnabled();
/**
* Set standard flow enabled flag
* @param standardFlowEnabled Standard flow flag
*/
public void setStandardFlowEnabled(Boolean standardFlowEnabled);
/**
* Check if implicit flow enabled
* @return true if implicit flow enabled
*/
public Boolean isImplicitFlowEnabled();
/**
* Set implicit flow enabled flag
* @param implicitFlowEnabled Implicit flow flag
*/
public void setImplicitFlowEnabled(Boolean implicitFlowEnabled);
/**
* Check if direct access grants enabled
* @return true if direct access grants enabled
*/
public Boolean isDirectAccessGrantsEnabled();
/**
* Set direct access grants enabled flag
* @param directAccessGrantsEnabled Direct access grants flag
*/
public void setDirectAccessGrantsEnabled(Boolean directAccessGrantsEnabled);
/**
* Check if service accounts enabled
* @return true if service accounts enabled
*/
public Boolean isServiceAccountsEnabled();
/**
* Set service accounts enabled flag
* @param serviceAccountsEnabled Service accounts flag
*/
public void setServiceAccountsEnabled(Boolean serviceAccountsEnabled);
/**
* Check if public client
* @return true if public client
*/
public Boolean isPublicClient();
/**
* Set public client flag
* @param publicClient Public client flag
*/
public void setPublicClient(Boolean publicClient);
/**
* Check if frontchannel logout
* @return true if frontchannel logout
*/
public Boolean isFrontchannelLogout();
/**
* Set frontchannel logout flag
* @param frontchannelLogout Frontchannel logout flag
*/
public void setFrontchannelLogout(Boolean frontchannelLogout);
/**
* Get the protocol (openid-connect, saml, etc.)
* @return Protocol name
*/
public String getProtocol();
/**
* Set the protocol
* @param protocol Protocol name
*/
public void setProtocol(String protocol);
/**
* Get client attributes
* @return Map of client attributes
*/
public Map<String, String> getAttributes();
/**
* Set client attributes
* @param attributes Map of client attributes
*/
public void setAttributes(Map<String, String> attributes);
/**
* Get authentication flow bindings
* @return Map of flow bindings
*/
public Map<String, String> getAuthenticationFlowBindingOverrides();
/**
* Set authentication flow bindings
* @param authenticationFlowBindingOverrides Map of flow bindings
*/
public void setAuthenticationFlowBindingOverrides(Map<String, String> authenticationFlowBindingOverrides);
/**
* Get full scope allowed flag
* @return true if full scope allowed
*/
public Boolean isFullScopeAllowed();
/**
* Set full scope allowed flag
* @param fullScopeAllowed Full scope allowed flag
*/
public void setFullScopeAllowed(Boolean fullScopeAllowed);
/**
* Get node re-registration timeout
* @return Timeout in seconds
*/
public Integer getNodeReRegistrationTimeout();
/**
* Set node re-registration timeout
* @param nodeReRegistrationTimeout Timeout in seconds
*/
public void setNodeReRegistrationTimeout(Integer nodeReRegistrationTimeout);
/**
* Get registered nodes
* @return Map of registered nodes
*/
public Map<String, Integer> getRegisteredNodes();
/**
* Set registered nodes
* @param registeredNodes Map of registered nodes
*/
public void setRegisteredNodes(Map<String, Integer> registeredNodes);
/**
* Get protocol mappers
* @return List of protocol mapper representations
*/
public List<ProtocolMapperRepresentation> getProtocolMappers();
/**
* Set protocol mappers
* @param protocolMappers List of protocol mapper representations
*/
public void setProtocolMappers(List<ProtocolMapperRepresentation> protocolMappers);
/**
* Get client scopes
* @return List of client scope names
*/
public List<String> getDefaultClientScopes();
/**
* Set default client scopes
* @param defaultClientScopes List of client scope names
*/
public void setDefaultClientScopes(List<String> defaultClientScopes);
/**
* Get optional client scopes
* @return List of optional client scope names
*/
public List<String> getOptionalClientScopes();
/**
* Set optional client scopes
* @param optionalClientScopes List of optional client scope names
*/
public void setOptionalClientScopes(List<String> optionalClientScopes);
/**
* Get access settings
* @return Access settings map
*/
public Map<String, Boolean> getAccess();
/**
* Set access settings
* @param access Access settings map
*/
public void setAccess(Map<String, Boolean> access);
}Role Management
Role representation and role mapping functionality.
/**
* Role representation
*/
public class RoleRepresentation {
/**
* Get the role ID
* @return Role identifier
*/
public String getId();
/**
* Set the role ID
* @param id Role identifier
*/
public void setId(String id);
/**
* Get the role name
* @return Role name
*/
public String getName();
/**
* Set the role name
* @param name Role name
*/
public void setName(String name);
/**
* Get the role description
* @return Role description
*/
public String getDescription();
/**
* Set the role description
* @param description Role description
*/
public void setDescription(String description);
/**
* Check if role is composite
* @return true if composite role
*/
public Boolean isComposite();
/**
* Set composite role flag
* @param composite Composite role flag
*/
public void setComposite(Boolean composite);
/**
* Check if client role
* @return true if client role
*/
public Boolean isClientRole();
/**
* Set client role flag
* @param clientRole Client role flag
*/
public void setClientRole(Boolean clientRole);
/**
* Get the container ID (realm or client)
* @return Container identifier
*/
public String getContainerId();
/**
* Set the container ID
* @param containerId Container identifier
*/
public void setContainerId(String containerId);
/**
* Get composite role details
* @return Composite role representation
*/
public RoleRepresentation.Composites getComposites();
/**
* Set composite role details
* @param composites Composite role representation
*/
public void setComposites(RoleRepresentation.Composites composites);
/**
* Get role attributes
* @return Map of role attributes
*/
public Map<String, List<String>> getAttributes();
/**
* Set role attributes
* @param attributes Map of role attributes
*/
public void setAttributes(Map<String, List<String>> attributes);
/**
* Composite role information
*/
public static class Composites {
/**
* Get realm composite roles
* @return List of realm role names
*/
public List<String> getRealm();
/**
* Set realm composite roles
* @param realm List of realm role names
*/
public void setRealm(List<String> realm);
/**
* Get client composite roles
* @return Map of client ID to role names
*/
public Map<String, List<String>> getClient();
/**
* Set client composite roles
* @param client Map of client ID to role names
*/
public void setClient(Map<String, List<String>> client);
}
}
/**
* Roles container representation
*/
public class RolesRepresentation {
/**
* Get realm roles
* @return List of realm role representations
*/
public List<RoleRepresentation> getRealm();
/**
* Set realm roles
* @param realm List of realm role representations
*/
public void setRealm(List<RoleRepresentation> realm);
/**
* Get client roles
* @return Map of client ID to role representations
*/
public Map<String, List<RoleRepresentation>> getClient();
/**
* Set client roles
* @param client Map of client ID to role representations
*/
public void setClient(Map<String, List<RoleRepresentation>> client);
}Group Management
Group representation with hierarchical structure support.
/**
* Group representation with hierarchical structure
*/
public class GroupRepresentation {
/**
* Get the group ID
* @return Group identifier
*/
public String getId();
/**
* Set the group ID
* @param id Group identifier
*/
public void setId(String id);
/**
* Get the group name
* @return Group name
*/
public String getName();
/**
* Set the group name
* @param name Group name
*/
public void setName(String name);
/**
* Get the group path
* @return Full group path
*/
public String getPath();
/**
* Set the group path
* @param path Full group path
*/
public void setPath(String path);
/**
* Get group attributes
* @return Map of group attributes
*/
public Map<String, List<String>> getAttributes();
/**
* Set group attributes
* @param attributes Map of group attributes
*/
public void setAttributes(Map<String, List<String>> attributes);
/**
* Get realm roles
* @return List of realm role names
*/
public List<String> getRealmRoles();
/**
* Set realm roles
* @param realmRoles List of realm role names
*/
public void setRealmRoles(List<String> realmRoles);
/**
* Get client roles
* @return Map of client ID to role names
*/
public Map<String, List<String>> getClientRoles();
/**
* Set client roles
* @param clientRoles Map of client ID to role names
*/
public void setClientRoles(Map<String, List<String>> clientRoles);
/**
* Get subgroups
* @return List of subgroup representations
*/
public List<GroupRepresentation> getSubGroups();
/**
* Set subgroups
* @param subGroups List of subgroup representations
*/
public void setSubGroups(List<GroupRepresentation> subGroups);
/**
* Get access settings
* @return Access settings map
*/
public Map<String, Boolean> getAccess();
/**
* Set access settings
* @param access Access settings map
*/
public void setAccess(Map<String, Boolean> access);
}Usage Examples
import org.keycloak.representations.idm.*;
import java.util.*;
// Create user representation
UserRepresentation user = new UserRepresentation();
user.setUsername("john.doe");
user.setEmail("john.doe@example.com");
user.setFirstName("John");
user.setLastName("Doe");
user.setEnabled(true);
user.setEmailVerified(true);
// Set user attributes
Map<String, List<String>> attributes = new HashMap<>();
attributes.put("department", Arrays.asList("Engineering"));
attributes.put("location", Arrays.asList("New York"));
user.setAttributes(attributes);
// Set user roles
user.setRealmRoles(Arrays.asList("user", "developer"));
Map<String, List<String>> clientRoles = new HashMap<>();
clientRoles.put("my-app", Arrays.asList("app-user", "viewer"));
user.setClientRoles(clientRoles);
// Set user groups
user.setGroups(Arrays.asList("/Engineering", "/Engineering/Backend"));
// Create realm representation
RealmRepresentation realm = new RealmRepresentation();
realm.setRealm("my-company");
realm.setDisplayName("My Company");
realm.setEnabled(true);
realm.setRegistrationAllowed(true);
realm.setVerifyEmail(true);
realm.setLoginWithEmailAllowed(true);
realm.setPasswordPolicy("length(8) and digits(1) and lowerCase(1) and upperCase(1)");
// Create client representation
ClientRepresentation client = new ClientRepresentation();
client.setClientId("my-web-app");
client.setName("My Web Application");
client.setEnabled(true);
client.setPublicClient(false);
client.setStandardFlowEnabled(true);
client.setDirectAccessGrantsEnabled(true);
client.setServiceAccountsEnabled(true);
// Set client URLs
client.setRootUrl("https://myapp.example.com");
client.setRedirectUris(Arrays.asList("https://myapp.example.com/auth/callback"));
client.setWebOrigins(Arrays.asList("https://myapp.example.com"));
// Set client attributes
Map<String, String> clientAttributes = new HashMap<>();
clientAttributes.put("access.token.lifespan", "300");
clientAttributes.put("client.session.idle.timeout", "1800");
client.setAttributes(clientAttributes);
// Create role representations
RoleRepresentation adminRole = new RoleRepresentation();
adminRole.setName("admin");
adminRole.setDescription("Administrator role");
adminRole.setComposite(false);
RoleRepresentation userRole = new RoleRepresentation();
userRole.setName("user");
userRole.setDescription("Standard user role");
userRole.setComposite(false);
// Create group representation with hierarchy
GroupRepresentation engineeringGroup = new GroupRepresentation();
engineeringGroup.setName("Engineering");
engineeringGroup.setPath("/Engineering");
GroupRepresentation backendGroup = new GroupRepresentation();
backendGroup.setName("Backend");
backendGroup.setPath("/Engineering/Backend");
engineeringGroup.setSubGroups(Arrays.asList(backendGroup));
// Set group roles
engineeringGroup.setRealmRoles(Arrays.asList("developer"));
Map<String, List<String>> groupClientRoles = new HashMap<>();
groupClientRoles.put("my-web-app", Arrays.asList("app-developer"));
engineeringGroup.setClientRoles(groupClientRoles);Install with Tessl CLI
npx tessl i tessl/maven-org-keycloak--keycloak-core