admin-controller Endpoints (TENANT-MANAGEMENT)
These endpoints can be used for role, group and user management in Keycloak within the own tenant. Administrative tenant-specific information can be retrieved as well.They are provided by the TENANT-MANAGEMENT service.
The access to the endpoints has to be limited to administrative users as specified with the permission for /tenant-management/api/admin/** endpoints in the authentication-prod.yml configuration file.
The endpoints are used by the ARCHITECT Service that provides yuuvis® architect. If you want to use this service, do not change the default access condition that is matched with the YUUVIS_TENANT_ADMIN role.
As of 2022 Autumn, in the default configuration, users with the YUUVIS_MANAGE_SETTINGS role are allowed to manage users of their own tenant as well. They have access to all endpoints /tenant-management/api/admin/users/**. However, the following operations are not allowed for them:
- Assigning the YUUVIS_TENANT_ADMIN or YUUVIS_SYSTEM_INTEGRATOR roles.
- Editing the data of users having the YUUVIS_TENANT_ADMIN or YUUVIS_SYSTEM_INTEGRATOR role.
- Deleting users having the YUUVIS_TENANT_ADMIN or YUUVIS_SYSTEM_INTEGRATOR role.
| HTTP Method as of product version | Purpose | Response Format | Description |
|---|---|---|---|
| GET 2020 Winter | Retrieve the Tenant data | JSON | Retrieves the tenant data as given in the Keycloak identity provider for the tenant of the calling user. |
| GET 2020 Winter | Retrieve the Number of Users | TXT | Retrieves the number of all users of the tenant. |
| POST 2020 Winter | Create a User | JSON | Creates a new user in the tenant with the given properties. |
| POST 2020 Winter | Create a User via CSV | JSON | Creates users listed in a CSV-based file. Note: Keycloak does not offer an API for creating more than one user in one call. So you may want to create multiple users one by one by yourself. |
| GET 2020 Winter | Retrieve a User | JSON | Retrieves the data of the user specified by |
| PUT 2020 Winter | Update the Data of a User | HTTP status code | Updates the data of the user specified by |
| DELETE 2020 Winter | Delete a User | HTTP status code | Deletes the user specified by |
GET | Retrieve a List of Users | JSON | Retrieves a list of all users within the tenant. As 2021 Autumn, the list can be filtered by applying query parameters. |
| GET 2020 Winter | Retrieve the Roles | JSON | Gets all roles. |
| POST 2021 Autumn | Create a Role | JSON | Creates a new role for the tenant with the properties specified in the JSON request body. |
| DELETE 2021 Autumn | Delete a Role | JSON | Deletes the role specified by |
| GET 2021 Autumn | Retrieve the Groups | JSON | Retrieves all groups with the assigned roles and members for the tenant. |
| POST 2021 Autumn | Create a Group | JSON | Creates a new group for the tenant with the properties specified in the JSON request body. |
| GET 2021 Autumn | Retrieve a Group | JSON | Retrieves the group specified by |
| PUT 2021 Autumn | Update a Group | JSON | Updates the data of the group specified by |
| DELETE 2021 Autumn | Delete a Group | JSON | Deletes the group specified by |
GET deprecated as of 2023 Autumn | Retrieve the Current Metrics | JSON | Reads the current metrics of the specified tenant./tenant-management/api/admin/metrics |