CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/npm-keycloak--keycloak-admin-client

A comprehensive TypeScript client library for interacting with Keycloak's Administration API.

Pending
Quality

Pending

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

SecuritybySnyk

Pending

The risk profile of this skill

Overview
Eval results
Files

user-storage-provider.mddocs/

User Storage Provider

User storage provider management enables administrators to control external user storage systems, including synchronization operations, user linking, and mapper synchronization for federated user stores like LDAP and database providers.

Capabilities

Provider Information

Retrieve information about user storage providers.

/**
 * Get the name and ID of a user storage provider
 * @param params - Parameters containing the provider ID
 * @returns Name response with provider ID and name
 */
name(params: { id: string }): Promise<NameResponse>;

User Management Operations

Manage users and synchronization for external user storage.

/**
 * Remove imported users from the provider
 * @param params - Parameters containing the provider ID
 * @returns void
 */
removeImportedUsers(params: { id: string }): Promise<void>;

/**
 * Synchronize users from the external storage provider
 * @param params - Parameters containing provider ID and optional action type
 * @returns Synchronization result with statistics
 */
sync(params: { id: string; action?: ActionType }): Promise<SynchronizationResultRepresentation>;

/**
 * Unlink users from the provider
 * @param params - Parameters containing the provider ID
 * @returns void
 */
unlinkUsers(params: { id: string }): Promise<void>;

Mapper Synchronization

Synchronize user attribute mappers between Keycloak and external storage.

/**
 * Synchronize user storage provider mappers
 * @param params - Parameters containing mapper ID, parent provider ID, and direction
 * @returns Synchronization result with statistics
 */
mappersSync(params: { 
  id: string; 
  parentId: string; 
  direction?: DirectionType 
}): Promise<SynchronizationResultRepresentation>;

Usage Examples

import KeycloakAdminClient from "@keycloak/keycloak-admin-client";

const kcAdminClient = new KeycloakAdminClient({
  baseUrl: 'http://localhost:8080',
  realmName: 'myrealm',
});

await kcAdminClient.auth({
  username: 'admin',
  password: 'admin',
  grantType: 'password',
  clientId: 'admin-cli',
});

// Get provider information
const providerInfo = await kcAdminClient.userStorageProvider.name({
  id: 'ldap-provider-id'
});
console.log('Provider:', providerInfo.name);

// Perform full synchronization from external storage
const syncResult = await kcAdminClient.userStorageProvider.sync({
  id: 'ldap-provider-id',
  action: 'triggerFullSync'
});

console.log('Sync results:', {
  added: syncResult.added,
  updated: syncResult.updated,
  removed: syncResult.removed,
  failed: syncResult.failed
});

// Synchronize only changed users
const changedUsersSync = await kcAdminClient.userStorageProvider.sync({
  id: 'ldap-provider-id',
  action: 'triggerChangedUsersSync'
});

// Synchronize mappers from Keycloak to external storage
const mapperSync = await kcAdminClient.userStorageProvider.mappersSync({
  id: 'mapper-id',
  parentId: 'ldap-provider-id',
  direction: 'keycloakToFed'
});

// Remove imported users (they will be re-imported on next access)
await kcAdminClient.userStorageProvider.removeImportedUsers({
  id: 'ldap-provider-id'
});

// Unlink users from provider
await kcAdminClient.userStorageProvider.unlinkUsers({
  id: 'ldap-provider-id'
});

Types

type ActionType = "triggerFullSync" | "triggerChangedUsersSync";
type DirectionType = "fedToKeycloak" | "keycloakToFed";

interface NameResponse {
  id: string;
  name: string;
}

interface SynchronizationResultRepresentation {
  status?: string;
  added?: number;
  updated?: number;
  removed?: number;
  failed?: number;
}

Common Use Cases

LDAP Integration: Synchronize users from LDAP/Active Directory servers, including full synchronization and incremental updates.

Database Federation: Manage users stored in external databases with custom user storage providers.

Bulk Operations: Remove or unlink large numbers of federated users when restructuring user storage.

Attribute Mapping: Synchronize user attributes between Keycloak and external systems using mapper synchronization.

docs

attack-detection.md

authentication-management.md

cache-management.md

client-configuration.md

client-management.md

client-policies.md

client-scopes.md

components.md

group-management.md

identity-providers.md

index.md

organization-management.md

realm-management.md

role-management.md

server-info.md

user-management.md

user-storage-provider.md

utility-functions.md

whoami.md

tile.json