SupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 2. Admin REST API

Red Hat Single Sign-On comes with a fully functional Admin REST API with all features provided by the Admin Console.

To invoke the API you need to obtain an access token with the appropriate permissions. The required permissions are described in the Server Administration Guide.

You can obtain a token by enabling authentication for your application using Red Hat Single Sign-On; see the Securing Applications and Services Guide. You can also use direct access grant to obtain an access token.

2.1. Examples of using CURL

2.1.1. Authenticating with a username and password

Procedure

  1. Obtain an access token for the user in the realm master with username admin and password password: 

    curl \
  -d "client_id=admin-cli" \
  -d "username=admin" \
  -d "password=password" \
  -d "grant_type=password" \
  "http://localhost:8080/auth/realms/master/protocol/openid-connect/token"
    Note

    By default this token expires in 1 minute

    The result will be a JSON document.

  2. Invoke the API you need by extracting the value of the access_token property.

  3. Invoke the API by including the value in the Authorization header of requests to the API.

    The following example shows how to get the details of the master realm: 

    curl \
  -H "Authorization: bearer eyJhbGciOiJSUz..." \
  "http://localhost:8080/auth/admin/realms/master"

2.1.2. Authenticating with a service account

To authenticate against the Admin REST API using a client_id and a client_secret, perform this procedure.

Procedure

  1. Make sure the client is configured as follows:

    • client_id is a confidential client that belongs to the realm master
    • client_id has Service Accounts Enabled option enabled

    • client_id has a custom "Audience" mapper

      • Included Client Audience: security-admin-console
  2. Check that client_id has the role 'admin' assigned in the "Service Account Roles" tab. 
curl \
  -d "client_id=<YOUR_CLIENT_ID>" \
  -d "client_secret=<YOUR_CLIENT_SECRET>" \
  -d "grant_type=client_credentials" \
  "http://localhost:8080/auth/realms/master/protocol/openid-connect/token"

2.2. Additional resources

Red Hat logoGithubRedditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

© 2024 Red Hat, Inc.