admin-controller Endpoints (TENANT-MANAGEMENT)

These endpoints can be used for role, group and user management in Keycloak within the own tenant. Administrative tenant-specific information can be retrieved as well.They are provided by the TENANT-MANAGEMENT service.

The access to the endpoints has to be limited to administrative users as specified with the permission for /tenant-management/api/admin/** endpoints in the authentication-prod.yml configuration file.

The endpoints are used by the ARCHITECT Service that provides yuuvis® architect. If you want to use this service, do not change the default access condition that is matched with the YUUVIS_TENANT_ADMIN role.

As of 2022 Autumn, in the default configuration, users with the YUUVIS_MANAGE_SETTINGS role are allowed to manage users of their own tenant as well. They have access to all endpoints /tenant-management/api/admin/users/**. However, the following operations are not allowed for them:

  • Assigning the YUUVIS_TENANT_ADMIN or YUUVIS_SYSTEM_INTEGRATOR roles.
  • Editing the data of users having the YUUVIS_TENANT_ADMIN or YUUVIS_SYSTEM_INTEGRATOR role.
  • Deleting users having the YUUVIS_TENANT_ADMIN or YUUVIS_SYSTEM_INTEGRATOR role.
HTTP Method
as of product version
PurposeResponse FormatDescription
GET
2020 Winter
Retrieve the Tenant data JSON

Retrieves the tenant data as given in the Keycloak identity provider for the tenant of the calling user.
/tenant-management/api/admin/tenant

GET
2020 Winter
Retrieve the Number of Users TXT

Retrieves the number of all users of the tenant.
/tenant-management/api/admin/users/count

POST
2020 Winter
CreateUserJSON

Creates a new user in the tenant with the given properties.
/tenant-management/api/admin/users

POST
2020 Winter
Create a User via CSVJSON

Creates users listed in a CSV-based file.
/api-tm/admin/users/batchcreate

Note: Keycloak does not offer an API for creating more than one user in one call. So you may want to create multiple users one by one by yourself.

GET
2020 Winter
Retrieve a UserJSON

Retrieves the data of the user specified by id.
/tenant-management/api/admin/users/{id}

PUT
2020 Winter
Update the Data of a UserHTTP status code

Updates the data of the user specified by id with the data passed in the request body in JSON format.
/tenant-management/api/admin/users/{id}

DELETE
2020 Winter
Delete a UserHTTP status code

Deletes the user specified by id.
/tenant-management/api/admin/users/{id}

GET
2020 Winter

Retrieve a List of UsersJSON

Retrieves a list of all users within the tenant. As 2021 Autumn, the list can be filtered by applying query parameters.
/tenant-management/api/admin/users

GET
2020 Winter
Retrieve the RolesJSON
POST
2021 Autumn
CreateRoleJSON

Creates a new role for the tenant with the properties specified in the JSON request body.
/tenant-management/api/admin/roles

DELETE
2021 Autumn
Delete a RoleJSON

Deletes the role specified by name.
/tenant-management/api/admin/role/{name}

GET
2021 Autumn
Retrieve the GroupsJSON

Retrieves all groups with the assigned roles and members for the tenant.
/tenant-management/api/admin/groups

POST
2021 Autumn
CreateGroupJSON

Creates a new group for the tenant with the properties specified in the JSON request body.
/tenant-management/api/admin/groups

GET
2021 Autumn
Retrieve a GroupJSON

Retrieves the group specified by id with the assigned roles and members for the tenant.
/tenant-management/api/admin/groups/{id}

PUT
2021 Autumn
UpdateGroupJSON

Updates the data of the group specified by id with the data passed in the request body in JSON format.
/tenant-management/api/admin/groups/{id}

DELETE
2021 Autumn
DeleteGroupJSON

Deletes the group specified by id.
/tenant-management/api/admin/groups/{id}

GET
2021 Spring

deprecated as of 2023 Autumn

Retrieve the Current Metrics JSONReads the current metrics of the specified tenant.
/tenant-management/api/admin/metrics