npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@n8n-dev/n8n-nodes-keycloak

v1.0.1

Published

Keycloak Admin REST API reference.

Readme

@n8n-dev/n8n-nodes-keycloak

keycloak Banner

npm version License: MIT


Stop writing keycloak API integrations by hand.

Every time you connect n8n to keycloak, you waste hours mapping endpoints, defining parameters, and debugging schemas. You copy-paste from docs, fix edge cases, and pray nothing breaks.

What if connecting n8n to keycloak took 5 minutes, not half a day?

This node gives you 21+ resources out of the box: Root, Realms Admin, User Storage Provider, Attack Detection, Authentication Management, and 16 more: with full CRUD operations, typed parameters, and zero manual configuration.


What You Get

  • Zero boilerplate: Resources, operations, and fields are pre-configured and ready to use
  • Full CRUD: Create, read, update, and delete support where the API allows it
  • Typed parameters: No more guessing field types
  • Built-in auth: API key authentication, ready to go
  • Declarative: Native n8n performance, no custom execute() overhead

Install

npm install @n8n-dev/n8n-nodes-keycloak

Or in n8n:

  1. Settings → Community Nodes → Install
  2. Search: @n8n-dev/n8n-nodes-keycloak
  3. Click Install

Quick Start

  1. Install the node (above)
  2. Add credentials: keycloak API → paste your API key
  3. Drag the keycloak node into your workflow
  4. Pick a resource → pick an operation → done.

That's it. No configuration files. No code. It just works.


Resources

  • Get themes social providers auth providers and event listeners available on this server
  • Post Import a realm Imports a realm from a full representation of that realm
  • Delete the realm
  • Get the top level representation of the realm It will not include nested information like User and Client representations
  • Put Update the top level information of the realm Any user roles or client information in the representation will be ignored
  • Delete all admin events
  • Get admin events Returns all admin events or filters events based on URL query parameters listed here
  • Post Clear cache of external public keys Public keys of clients or Identity providers
  • Post Clear realm cache
  • Post Clear user cache
  • Post Base path for importing clients under this realm
  • Get client session stats Returns a JSON map
  • Get Credential Registrators
  • Get realm default client scopes
  • Delete Default Default Client Scopes
  • Put Default Default Client Scopes
  • Get group hierarchy
  • Delete Default Groups
  • Put Default Groups
  • Get realm optional client scopes
  • Delete Default Optional Client Scopes
  • Put Default Optional Client Scopes
  • Delete all events
  • Get events Returns all events or filters them based on URL query parameters listed here
  • Get the events provider configuration Returns JSON object with events provider configuration
  • Put Update the events provider Change the events provider and or its configuration
  • Get Group By Path
  • Post Removes all user sessions
  • Post Partial export of existing realm into a JSON file
  • Post Partial import from a JSON file to an existing realm
  • Post Push the realm s revocation policy to any client that has an admin URL associated with it
  • Delete Remove a specific user session
  • Post Test LDAP connection
  • Post Test SMTP Connection
  • Get Users Management Permissions
  • Put Users Management Permissions
  • Get Need this for admin console to display simple name of provider when displaying client detail KEYCLOAK 4328
  • Get Need this for admin console to display simple name of provider when displaying user detail KEYCLOAK 4328
  • Post Remove imported users
  • Post Trigger sync of users Action can be triggerFullSync or triggerChangedUsersSync
  • Post Unlink imported users from a storage provider
  • Post Trigger sync of mapper data related to ldap mapper roles groups direction is fedToKeycloak or keycloakToFed
  • Delete Clear any user login failures for all users This can release temporary disabled users
  • Get status of a username in brute force detection
  • Get authenticator providers Returns a list of authenticator providers
  • Get client authenticator providers Returns a list of client authenticator providers
  • Get authenticator provider s configuration description
  • Delete authenticator configuration
  • Get authenticator configuration
  • Put Update authenticator configuration
  • Post Add new authentication execution
  • Delete execution
  • Get Single Execution
  • Post Update execution with new configuration
  • Post Lower execution s priority
  • Post Raise execution s priority
  • Get authentication flows Returns a list of authentication flows
  • Post Create a new authentication flow
  • Post Copy existing authentication flow under a new name The new name is given as newName attribute of the passed JSON object
  • Get authentication executions for a flow
  • Put Update authentication executions of a flow
  • Post Add new authentication execution to a flow
  • Post Add new flow with new execution to existing flow
  • Delete an authentication flow
  • Put Update an authentication flow
  • Get form action providers Returns a list of form action providers
  • Get form providers Returns a list of form providers
  • Get configuration descriptions for all clients
  • Post Register a new required actions
  • Get required actions Returns a list of required actions
  • Delete required action
  • Put Update required action
  • Post Lower required action s priority
  • Post Raise required action s priority
  • Get unregistered required actions Returns a list of unregistered required actions
  • Get Base path for retrieve providers with the configProperties properly filled
  • Get client scopes belonging to the realm Returns a list of client scopes belonging to the realm
  • Post Create a new client scope Client Scope s name must be unique
  • Delete the client scope
  • Put Update the client scope
  • Delete the mapper
  • Get mapper by ID
  • Put Update the mapper
  • Post Create multiple mappers
  • Post Create a mapper
  • Get mappers by name for a specific protocol
  • Delete the mapper
  • Get mapper by ID
  • Put Update the mapper
  • Post Create multiple mappers
  • Post Create a mapper
  • Get mappers by name for a specific protocol
  • Get all scope mappings for the client
  • Delete Remove client level roles from the client s scope
  • Get the roles associated with a client s scope Returns roles for the client
  • Post Add client level roles to the client s scope
  • Get The available client level roles Returns the roles for the client that can be associated with the client s scope
  • Get effective client roles Returns the roles for the client that are associated with the client s scope
  • Delete Remove a set of realm level roles from the client s scope
  • Get realm level roles associated with the client s scope
  • Post Add a set of realm level roles to the client s scope
  • Get realm level roles that are available to attach to this client s scope
  • Get effective realm level roles associated with the client s scope What this does is recurse any composite roles associated with the client s scope and adds the roles to this lists
  • Get all scope mappings for the client
  • Delete Remove client level roles from the client s scope
  • Get the roles associated with a client s scope Returns roles for the client
  • Post Add client level roles to the client s scope
  • Get The available client level roles Returns the roles for the client that can be associated with the client s scope
  • Get effective client roles Returns the roles for the client that are associated with the client s scope
  • Delete Remove a set of realm level roles from the client s scope
  • Get realm level roles associated with the client s scope
  • Post Add a set of realm level roles to the client s scope
  • Get realm level roles that are available to attach to this client s scope
  • Get effective realm level roles associated with the client s scope What this does is recurse any composite roles associated with the client s scope and adds the roles to this lists
  • Get clients belonging to the realm Returns a list of clients belonging to the realm
  • Post Create a new client Client s client ID must be unique
  • Delete the client
  • Put Update the client
  • Get the client secret
  • Post Generate a new secret for the client
  • Get default client scopes
  • Delete Clients Default Client Scopes
  • Put Clients Default Client Scopes
  • Get Create JSON with payload of example access token
  • Get Return list of all protocol mappers which will be used when generating tokens issued for particular client
  • Get effective scope mapping of all roles of particular role container which this client is defacto allowed to have in the accessToken issued for him
  • Get roles which this client doesn t have scope for and can t have them in the accessToken issued for him
  • Get Clients Installation Providers
  • Get Return object stating whether client Authorization permissions have been initialized or not and a reference
  • Put Return object stating whether client Authorization permissions have been initialized or not and a reference
  • Post Register a cluster node with the client Manually register cluster node to this client usually it s not needed to call this directly as adapter should handle by sending registration request to Keycloak
  • Delete Unregister a cluster node from the client
  • Get application offline session count Returns a number of offline user sessions associated with this client count number
  • Get offline sessions for client Returns a list of offline user sessions associated with this client
  • Get optional client scopes
  • Delete Clients Optional Client Scopes
  • Put Clients Optional Client Scopes
  • Post Push the client s revocation policy to its admin URL If the client has an admin URL push revocation policy to it
  • Post Generate a new registration access token for the client
  • Get a user dedicated to the service account
  • Get application session count Returns a number of user sessions associated with this client count number
  • Get Test if registered cluster nodes are available Tests availability by sending ping request to all cluster nodes
  • Get user sessions for client Returns a list of user sessions associated with this client
  • Get Clients Initial Access
  • Post Create a new initial access token
  • Delete Clients Initial Access
  • Get key info
  • Post Get a keystore file for the client containing private key and public certificate
  • Post Generate a new certificate with new key pair
  • Post Generate a new keypair and certificate and get the private key file Generates a keypair and certificate and serves the private key in a specified keystore format
  • Post Upload certificate and eventually private key
  • Post Upload only certificate not private key
  • Get all roles for the realm or client
  • Post Create a new role for the realm or client
  • Delete a role by name
  • Put Update a role by name
  • Delete Remove roles from the role s composite
  • Get composites of the role
  • Post Add a composite to the role
  • Get An app level roles for the specified app for the role s composite
  • Get realm level roles of the role s composite
  • Get Return List of Groups that have the specified role name
  • Get Return object stating whether role Authoirzation permissions have been initialized or not and a reference
  • Put Return object stating whether role Authoirzation permissions have been initialized or not and a reference
  • Get Return List of Users that have the specified role name
  • Get all roles for the realm or client
  • Post Create a new role for the realm or client
  • Delete a role by name
  • Put Update a role by name
  • Delete Remove roles from the role s composite
  • Get composites of the role
  • Post Add a composite to the role
  • Get An app level roles for the specified app for the role s composite
  • Get realm level roles of the role s composite
  • Get Return List of Groups that have the specified role name
  • Get Return object stating whether role Authoirzation permissions have been initialized or not and a reference
  • Put Return object stating whether role Authoirzation permissions have been initialized or not and a reference
  • Get Return List of Users that have the specified role name
  • Get Components
  • Post Components
  • Delete Components
  • Put Components
  • Get List of subcomponent types that are available to configure for a particular parent component
  • Get group hierarchy
  • Post create or add a top level realm groupSet or create child
  • Get Returns the groups counts
  • Delete Groups
  • Put Update group ignores subgroups
  • Post Set or create child
  • Get Return object stating whether client Authorization permissions have been initialized or not and a reference
  • Put Return object stating whether client Authorization permissions have been initialized or not and a reference
  • Get users Returns a list of users filtered according to query parameters
  • Get role mappings
  • Delete realm level role mappings
  • Get realm level role mappings
  • Post Add realm level role mappings to the user
  • Get realm level roles that can be mapped
  • Get effective realm level role mappings This will recurse all composite roles to get the result
  • Get role mappings
  • Delete realm level role mappings
  • Get realm level role mappings
  • Post Add realm level role mappings to the user
  • Get realm level roles that can be mapped
  • Get effective realm level role mappings This will recurse all composite roles to get the result
  • Delete client level roles from user role mapping
  • Get client level role mappings for the user and the app
  • Post Add client level roles to the user role mapping
  • Get available client level roles that can be mapped to the user
  • Get effective client level role mappings This recurses any composite roles
  • Delete client level roles from user role mapping
  • Get client level role mappings for the user and the app
  • Post Add client level roles to the user role mapping
  • Get available client level roles that can be mapped to the user
  • Get effective client level role mappings This recurses any composite roles
  • Post Import identity provider from uploaded JSON file
  • Get identity providers
  • Post Create a new identity provider
  • Delete the identity provider
  • Put Update the identity provider
  • Get Export public broker configuration for identity provider
  • Get Return object stating whether client Authorization permissions have been initialized or not and a reference
  • Put Return object stating whether client Authorization permissions have been initialized or not and a reference
  • Get mapper types for identity provider
  • Get mappers for identity provider
  • Post Add a mapper to identity provider
  • Delete a mapper for the identity provider
  • Put Update a mapper for the identity provider
  • Get identity providers
  • Get Keys
  • Delete the role
  • Get a specific role s representation
  • Put Update the role
  • Delete Remove a set of roles from the role s composite
  • Get role s children Returns a set of role s children provided the role is a composite
  • Post Make the role a composite role by associating some child roles
  • Get client level roles for the client that are in the role s composite
  • Get realm level roles that are in the role s composite
  • Get Return object stating whether role Authoirzation permissions have been initialized or not and a reference
  • Put Return object stating whether role Authoirzation permissions have been initialized or not and a reference
  • Get users Returns a list of users filtered according to query parameters
  • Post Create a new user Username must be unique
  • Get Returns the number of users that match the given criteria
  • Delete the user
  • Put Update the user
  • Get Return credential types which are provided by the user storage where user is stored
  • Get consents granted by the user
  • Delete Revoke consent and offline tokens for particular client from user
  • Get Users Credentials
  • Delete Remove a credential for a user
  • Post Move a credential to a position behind another credential
  • Post Move a credential to a first position in the credentials list of the user
  • Put Update a credential label for a user
  • Put Disable all credentials for a user of a specific type
  • Put Send a update account email to the user An email contains a link the user can click to perform a set of required actions
  • Get social logins associated with the user
  • Delete Remove a social login provider from user
  • Post Add a social login provider to the user
  • Get Users Groups
  • Get Users Groups Count
  • Delete Users Groups
  • Put Users Groups
  • Post Impersonate the user
  • Post Remove all user sessions associated with the user Also send notification to all clients that have an admin URL to invalidate the sessions for the particular user
  • Get offline sessions associated with the user and client
  • Put Set up a new password for the user
  • Put Send an email verification email to the user An email contains a link the user can click to verify their email address
  • Get sessions associated with the user

Why This Node?

Without this node:

  • Hours of manual API integration
  • Copy-pasting from keycloak docs
  • Debugging auth, pagination, error handling
  • Maintaining your own client code

With this node:

  • Install → configure → use. 5 minutes.
  • Auto-generated from the official keycloak OpenAPI spec
  • Always up to date when the API changes
  • Native n8n performance

Auto-Generated

This node was auto-generated from the official keycloak OpenAPI specification using @n8n-dev/n8n-openapi-node-ultimate, then validated against the live API so you get accurate types and real parameters, not guesswork.

When the keycloak API updates, this node updates too.


License

MIT © kelvinzer0