tessl/npm-keycloak--keycloak-admin-client
A comprehensive TypeScript client library for interacting with Keycloak's Administration API.
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Securityby
Pending
The risk profile of this skill
client-policies.mddocs/
Client Policies
Client policies and profiles provide fine-grained control over client configuration and behavior in Keycloak, allowing administrators to enforce security policies and configuration standards across all registered clients.
Capabilities
Client Profiles
List and manage client profiles which define configurations and executors that can be applied to clients.
/**
* List client profiles with optional global profile inclusion
* @param params - Query parameters for profile listing
* @returns ClientProfilesRepresentation containing all profiles
*/
listProfiles(params?: { includeGlobalProfiles?: boolean }): Promise<ClientProfilesRepresentation>;
/**
* Create or update client profiles
* @param profiles - Client profiles representation to create/update
* @returns void
*/
createProfiles(profiles: ClientProfilesRepresentation): Promise<void>;Client Policies
List and manage client policies which define conditions and apply profiles to matching clients.
/**
* List client policies with optional global policy inclusion
* @param params - Query parameters for policy listing
* @returns ClientPoliciesRepresentation containing all policies
*/
listPolicies(params?: { includeGlobalPolicies?: boolean }): Promise<ClientPoliciesRepresentation>;
/**
* Update client policies
* @param policies - Client policies representation to update
* @returns void
*/
updatePolicy(policies: ClientPoliciesRepresentation): Promise<void>;Usage Examples
import KeycloakAdminClient from "@keycloak/keycloak-admin-client";
const kcAdminClient = new KeycloakAdminClient({
baseUrl: 'http://localhost:8080',
realmName: 'myrealm',
});
await kcAdminClient.auth({
username: 'admin',
password: 'admin',
grantType: 'password',
clientId: 'admin-cli',
});
// List all client profiles including global ones
const profiles = await kcAdminClient.clientPolicies.listProfiles({
includeGlobalProfiles: true
});
// List client policies
const policies = await kcAdminClient.clientPolicies.listPolicies({
includeGlobalPolicies: true
});
// Update client policies
await kcAdminClient.clientPolicies.updatePolicy({
policies: [
{
name: "secure-clients-policy",
description: "Enforce security settings for all clients",
enabled: true,
conditions: [
{
condition: "any-client",
configuration: {}
}
],
profiles: ["security-profile"]
}
]
});Types
interface ClientProfilesRepresentation {
profiles?: ClientProfileRepresentation[];
globalProfiles?: ClientProfileRepresentation[];
}
interface ClientPoliciesRepresentation {
policies?: ClientPolicyRepresentation[];
globalPolicies?: ClientPolicyRepresentation[];
}
interface ClientProfileRepresentation {
name?: string;
description?: string;
executors?: ClientPolicyExecutorRepresentation[];
}
interface ClientPolicyRepresentation {
name?: string;
description?: string;
enabled?: boolean;
conditions?: ClientPolicyConditionRepresentation[];
profiles?: string[];
}
interface ClientPolicyExecutorRepresentation {
executor?: string;
configuration?: Record<string, any>;
}
interface ClientPolicyConditionRepresentation {
condition?: string;
configuration?: Record<string, any>;
}docs
attack-detection.mdauthentication-management.mdcache-management.mdclient-configuration.mdclient-management.mdclient-policies.mdclient-scopes.mdcomponents.mdgroup-management.mdidentity-providers.mdindex.mdorganization-management.mdrealm-management.mdrole-management.mdserver-info.mduser-management.mduser-storage-provider.mdutility-functions.mdwhoami.md