@keycloak/keycloak-admin-client 26.4.7 → 26.5.0

package/README.md

@@ -110,13 +110,19 @@ To build the source do a build:
 pnpm build
 ```
 
-Start the Keycloak server:
+Start the Keycloak server in development mode using port 8180. See the instructions in the [Keycloak server app](../../apps/keycloak-server/README.md).
 
 ```bash
-pnpm server:start
+cd ../../apps/keycloak-server
+pnpm start --http-port 8180
+```
+
+If you started your container manually make sure there is an admin user named `admin` with password `admin`, the server is started in development mode using port 8180 and the required features are enabled.
+
+```bash
+./kc.sh start-dev --http-port 8180 --features transient-users,oid4vc-vci,declarative-ui,quick-theme,spiffe,kubernetes-service-accounts,workflows,client-auth-federated,jwt-authorization-grant
 ```
 
-If you started your container manually make sure there is an admin user named 'admin' with password 'admin'.
 Then start the tests with:
 
 ```bash

package/lib/client.d.ts

@@ -17,14 +17,16 @@ import { Users } from "./resources/users.js";
 import { UserStorageProvider } from "./resources/userStorageProvider.js";
 import { WhoAmI } from "./resources/whoAmI.js";
 import { Credentials } from "./utils/auth.js";
+export type RequestOptions = Omit<RequestInit, "signal">;
 export interface TokenProvider {
     getAccessToken: () => Promise<string | undefined>;
 }
 export interface ConnectionConfig {
     baseUrl?: string;
     realmName?: string;
-    requestOptions?: RequestInit;
+    requestOptions?: RequestOptions;
     requestArgOptions?: Pick<RequestArgs, "catchNotFound">;
+    timeout?: number;
 }
 export declare class KeycloakAdminClient {
     #private;
@@ -50,12 +52,13 @@ export declare class KeycloakAdminClient {
     scope?: string;
     accessToken?: string;
     refreshToken?: string;
+    timeout?: number;
     constructor(connectionConfig?: ConnectionConfig);
     auth(credentials: Credentials): Promise<void>;
     registerTokenProvider(provider: TokenProvider): void;
     setAccessToken(token: string): void;
     getAccessToken(): Promise<string | undefined>;
-    getRequestOptions(): RequestInit | undefined;
+    getRequestOptions(): RequestOptions | undefined;
     getGlobalRequestArgOptions(): Pick<RequestArgs, "catchNotFound"> | undefined;
     setConfig(connectionConfig: ConnectionConfig): void;
 }

package/lib/client.js

@@ -42,12 +42,14 @@ export class KeycloakAdminClient {
     scope;
     accessToken;
     refreshToken;
+    timeout;
     #requestOptions;
     #globalRequestArgOptions;
     #tokenProvider;
     constructor(connectionConfig) {
         this.baseUrl = connectionConfig?.baseUrl || defaultBaseUrl;
         this.realmName = connectionConfig?.realmName || defaultRealm;
+        this.timeout = connectionConfig?.timeout;
         this.#requestOptions = connectionConfig?.requestOptions;
         this.#globalRequestArgOptions = connectionConfig?.requestArgOptions;
         // Initialize resources
@@ -75,7 +77,10 @@ export class KeycloakAdminClient {
             realmName: this.realmName,
             scope: this.scope,
             credentials,
-            requestOptions: this.#requestOptions,
+            requestOptions: {
+                ...this.#requestOptions,
+                ...(this.timeout ? { signal: AbortSignal.timeout(this.timeout) } : {}),
+            },
         });
         this.accessToken = accessToken;
         this.refreshToken = refreshToken;

package/lib/defs/certificateRepresentation.d.ts

@@ -6,4 +6,5 @@ export default interface CertificateRepresentation {
     publicKey?: string;
     certificate?: string;
     kid?: string;
+    jwks?: string;
 }

package/lib/defs/identityProviderRepresentation.d.ts

@@ -1,6 +1,13 @@
 /**
  * https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_identityproviderrepresentation
  */
+export declare enum IdentityProviderType {
+    ANY = "ANY",
+    USER_AUTHENTICATION = "USER_AUTHENTICATION",
+    CLIENT_ASSERTION = "CLIENT_ASSERTION",
+    EXCHANGE_EXTERNAL_TOKEN = "EXCHANGE_EXTERNAL_TOKEN",
+    JWT_AUTHORIZATION_GRANT = "JWT_AUTHORIZATION_GRANT"
+}
 export default interface IdentityProviderRepresentation {
     addReadTokenRoleOnCreate?: boolean;
     alias?: string;
@@ -16,4 +23,5 @@ export default interface IdentityProviderRepresentation {
     storeToken?: boolean;
     trustEmail?: boolean;
     organizationId?: string;
+    types?: string[];
 }

package/lib/defs/identityProviderRepresentation.js

@@ -1,4 +1,11 @@
 /**
  * https://www.keycloak.org/docs-api/11.0/rest-api/index.html#_identityproviderrepresentation
  */
-export {};
+export var IdentityProviderType;
+(function (IdentityProviderType) {
+    IdentityProviderType["ANY"] = "ANY";
+    IdentityProviderType["USER_AUTHENTICATION"] = "USER_AUTHENTICATION";
+    IdentityProviderType["CLIENT_ASSERTION"] = "CLIENT_ASSERTION";
+    IdentityProviderType["EXCHANGE_EXTERNAL_TOKEN"] = "EXCHANGE_EXTERNAL_TOKEN";
+    IdentityProviderType["JWT_AUTHORIZATION_GRANT"] = "JWT_AUTHORIZATION_GRANT";
+})(IdentityProviderType || (IdentityProviderType = {}));

package/lib/defs/organizationInvitationRepresentation.d.ts

@@ -0,0 +1,15 @@
+export declare enum OrganizationInvitationStatus {
+    PENDING = "PENDING",
+    EXPIRED = "EXPIRED"
+}
+export default interface OrganizationInvitationRepresentation {
+    id?: string;
+    email?: string;
+    organizationId?: string;
+    firstName?: string;
+    lastName?: string;
+    sentDate?: number;
+    expiresAt?: number;
+    status?: OrganizationInvitationStatus;
+    inviteLink?: string;
+}

package/lib/defs/organizationInvitationRepresentation.js

@@ -0,0 +1,5 @@
+export var OrganizationInvitationStatus;
+(function (OrganizationInvitationStatus) {
+    OrganizationInvitationStatus["PENDING"] = "PENDING";
+    OrganizationInvitationStatus["EXPIRED"] = "EXPIRED";
+})(OrganizationInvitationStatus || (OrganizationInvitationStatus = {}));

package/lib/index.d.ts

@@ -4,3 +4,5 @@ export declare const requiredAction: typeof RequiredActionAlias;
 export default KeycloakAdminClient;
 export { NetworkError, fetchWithError } from "./utils/fetchWithError.js";
 export type { NetworkErrorOptions } from "./utils/fetchWithError.js";
+export type { default as OrganizationInvitationRepresentation } from "./defs/organizationInvitationRepresentation.js";
+export { OrganizationInvitationStatus } from "./defs/organizationInvitationRepresentation.js";

package/lib/index.js

@@ -3,3 +3,4 @@ import { RequiredActionAlias } from "./defs/requiredActionProviderRepresentation
 export const requiredAction = RequiredActionAlias;
 export default KeycloakAdminClient;
 export { NetworkError, fetchWithError } from "./utils/fetchWithError.js";
+export { OrganizationInvitationStatus } from "./defs/organizationInvitationRepresentation.js";

package/lib/resources/agent.js

@@ -128,6 +128,9 @@ export class Agent {
                 ...requestOptions,
                 headers: requestHeaders,
                 method,
+                ...(this.#client.timeout
+                    ? { signal: AbortSignal.timeout(this.#client.timeout) }
+                    : {}),
             });
             // now we get the response of the http request
             // if `resourceIdInLocationHeader` is true, we'll get the resourceId from the location header field

package/lib/resources/identityProviders.d.ts

@@ -3,6 +3,7 @@ import type IdentityProviderMapperRepresentation from "../defs/identityProviderM
 import type { IdentityProviderMapperTypeRepresentation } from "../defs/identityProviderMapperTypeRepresentation.js";
 import type IdentityProviderRepresentation from "../defs/identityProviderRepresentation.js";
 import type { ManagementPermissionReference } from "../defs/managementPermissionReference.js";
+import type CertificateRepresentation from "../defs/certificateRepresentation.js";
 import Resource from "./resource.js";
 export interface PaginatedQuery {
     first?: number;
@@ -11,6 +12,8 @@ export interface PaginatedQuery {
 export interface IdentityProvidersQuery extends PaginatedQuery {
     search?: string;
     realmOnly?: boolean;
+    type?: string;
+    capability?: string;
 }
 export declare class IdentityProviders extends Resource<{
     realm?: string;
@@ -32,6 +35,9 @@ export declare class IdentityProviders extends Resource<{
     } & {
         realm?: string;
     }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<IdentityProviderRepresentation | undefined>;
+    uploadCertificate: (query: {
+        realm?: string;
+    }, payload: FormData) => Promise<CertificateRepresentation>;
     update: (query: {
         alias: string;
     } & {

package/lib/resources/identityProviders.js

@@ -19,6 +19,10 @@ export class IdentityProviders extends Resource {
         urlParamKeys: ["alias"],
         catchNotFound: true,
     });
+    uploadCertificate = this.makeUpdateRequest({
+        method: "POST",
+        path: "/upload-certificate",
+    });
     update = this.makeUpdateRequest({
         method: "PUT",
         path: "/instances/{alias}",

package/lib/resources/organizations.d.ts

@@ -1,6 +1,7 @@
 import type { KeycloakAdminClient } from "../client.js";
 import IdentityProviderRepresentation from "../defs/identityProviderRepresentation.js";
 import type OrganizationRepresentation from "../defs/organizationRepresentation.js";
+import type OrganizationInvitationRepresentation from "../defs/organizationInvitationRepresentation.js";
 import UserRepresentation from "../defs/userRepresentation.js";
 import Resource from "./resource.js";
 interface PaginatedQuery {
@@ -16,6 +17,14 @@ interface MemberQuery extends PaginatedQuery {
     orgId: string;
     membershipType?: string;
 }
+interface InvitationQuery extends PaginatedQuery {
+    orgId: string;
+    status?: string;
+    email?: string;
+    search?: string;
+    firstName?: string;
+    lastName?: string;
+}
 export declare class Organizations extends Resource<{
     realm?: string;
 }> {
@@ -93,5 +102,26 @@ export declare class Organizations extends Resource<{
     } & {
         realm?: string;
     }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<string>;
+    listInvitations: (payload?: (InvitationQuery & {
+        realm?: string;
+    }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<OrganizationInvitationRepresentation[]>;
+    findInvitation: (payload?: ({
+        orgId: string;
+        invitationId: string;
+    } & {
+        realm?: string;
+    }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<OrganizationInvitationRepresentation>;
+    resendInvitation: (payload?: ({
+        orgId: string;
+        invitationId: string;
+    } & {
+        realm?: string;
+    }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<void>;
+    deleteInvitation: (payload?: ({
+        orgId: string;
+        invitationId: string;
+    } & {
+        realm?: string;
+    }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<void>;
 }
 export {};

package/lib/resources/organizations.js

@@ -82,4 +82,25 @@ export class Organizations extends Resource {
         path: "/{orgId}/identity-providers/{alias}",
         urlParamKeys: ["orgId", "alias"],
     });
+    // Organization Invitations Management
+    listInvitations = this.makeRequest({
+        method: "GET",
+        path: "/{orgId}/invitations",
+        urlParamKeys: ["orgId"],
+    });
+    findInvitation = this.makeRequest({
+        method: "GET",
+        path: "/{orgId}/invitations/{invitationId}",
+        urlParamKeys: ["orgId", "invitationId"],
+    });
+    resendInvitation = this.makeRequest({
+        method: "POST",
+        path: "/{orgId}/invitations/{invitationId}/resend",
+        urlParamKeys: ["orgId", "invitationId"],
+    });
+    deleteInvitation = this.makeRequest({
+        method: "DELETE",
+        path: "/{orgId}/invitations/{invitationId}",
+        urlParamKeys: ["orgId", "invitationId"],
+    });
 }

package/lib/resources/workflows.d.ts

@@ -6,11 +6,30 @@ export declare class Workflows extends Resource<{
 }> {
     constructor(client: KeycloakAdminClient);
     find: (payload?: any, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<any>;
+    findOne: (payload?: ({
+        id: string;
+        includeId: boolean;
+    } & {
+        realm?: string;
+    }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<WorkflowRepresentation | undefined>;
+    update: (query: {
+        id: string;
+    } & {
+        realm?: string;
+    }, payload: WorkflowRepresentation) => Promise<void>;
     create: (payload?: (WorkflowRepresentation & {
         realm?: string;
     }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<{
         id: string;
     }>;
+    createAsYaml: (payload?: ({
+        realm: string;
+        yaml: string;
+    } & {
+        realm?: string;
+    }) | undefined, options?: Pick<import("./agent.js").RequestArgs, "catchNotFound">) => Promise<{
+        id: string;
+    }>;
     delById: (payload?: ({
         id: string;
     } & {

package/lib/resources/workflows.js

@@ -13,9 +13,28 @@ export class Workflows extends Resource {
         method: "GET",
         path: "/",
     });
+    findOne = this.makeRequest({
+        method: "GET",
+        path: "/{id}",
+        urlParamKeys: ["id"],
+        queryParamKeys: ["includeId"],
+        catchNotFound: true,
+    });
+    update = this.makeUpdateRequest({
+        method: "PUT",
+        path: "/{id}",
+        urlParamKeys: ["id"],
+    });
     create = this.makeRequest({
         method: "POST",
+        headers: { "Content-Type": "application/json" },
+        returnResourceIdInLocationHeader: { field: "id" },
+    });
+    createAsYaml = this.makeRequest({
+        method: "POST",
+        headers: { "Content-Type": "application/yaml", Accept: "application/yaml" },
         returnResourceIdInLocationHeader: { field: "id" },
+        payloadKey: "yaml",
     });
     delById = this.makeRequest({
         method: "DELETE",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@keycloak/keycloak-admin-client",
-  "version": "26.4.7",
+  "version": "26.5.0",
   "description": "A client to interact with Keycloak's Administration API",
   "type": "module",
   "main": "lib/index.js",
@@ -37,14 +37,14 @@
     "url-template": "^3.1.1"
   },
   "devDependencies": {
-    "@faker-js/faker": "^10.0.0",
+    "@faker-js/faker": "^10.2.0",
     "@types/chai": "^5.2.2",
     "@types/lodash-es": "^4.17.12",
     "@types/mocha": "^10.0.10",
-    "@types/node": "^24.5.2",
-    "chai": "^6.0.1",
-    "lodash-es": "^4.17.21",
-    "mocha": "^11.7.2",
+    "@types/node": "^24.9.1",
+    "chai": "^6.2.2",
+    "lodash-es": "^4.17.22",
+    "mocha": "^11.7.5",
     "ts-node": "^10.9.2"
   },
   "author": {