python-keycloak is a Python package providing access to the Keycloak API.

These details have not been verified by PyPI

Project links

Project description

Python Keycloak

For review- see https://github.com/marcospereirampj/python-keycloak

python-keycloak is a Python package providing access to the Keycloak API.

Installation

Via Pypi Package:

$ pip install python-keycloak

Manually

$ python setup.py install

Dependencies

python-keycloak depends on:

Tests Dependencies

Bug reports

Please report bugs and feature requests at https://github.com/marcospereirampj/python-keycloak/issues

Documentation

The documentation for python-keycloak is available on readthedocs.

Contributors

Usage

from keycloak import KeycloakOpenID

# Configure client
keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/",
                                 client_id="example_client",
                                 realm_name="example_realm",
                                 client_secret_key="secret")

# Get WellKnown
config_well_known = keycloak_openid.well_known()

# Get Code With Oauth Authorization Request
auth_url = keycloak_openid.auth_url(
    redirect_uri="your_call_back_url",
    scope="email",
    state="your_state_info")

# Get Access Token With Code
access_token = keycloak_openid.token(
    grant_type='authorization_code',
    code='the_code_you_get_from_auth_url_callback',
    redirect_uri="your_call_back_url")


# Get Token
token = keycloak_openid.token("user", "password")
token = keycloak_openid.token("user", "password", totp="012345")

# Get token using Token Exchange
token = keycloak_openid.exchange_token(token['access_token'], "my_client", "other_client", "some_user")

# Get Userinfo
userinfo = keycloak_openid.userinfo(token['access_token'])

# Refresh token
token = keycloak_openid.refresh_token(token['refresh_token'])

# Logout
keycloak_openid.logout(token['refresh_token'])

# Get Certs
certs = keycloak_openid.certs()

# Get RPT (Entitlement)
token = keycloak_openid.token("user", "password")
rpt = keycloak_openid.entitlement(token['access_token'], "resource_id")

# Introspect RPT
token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['access_token'], rpt=rpt['rpt'],
                                                                       token_type_hint="requesting_party_token"))

# Introspect Token
token_info = keycloak_openid.introspect(token['access_token'])

# Decode Token
KEYCLOAK_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\n" + keycloak_openid.public_key() + "\n-----END PUBLIC KEY-----"
options = {"verify_signature": True, "verify_aud": True, "verify_exp": True}
token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options)

# Get permissions by token
token = keycloak_openid.token("user", "password")
keycloak_openid.load_authorization_config("example-authz-config.json")
policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY)
permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect')

# Get UMA-permissions by token
token = keycloak_openid.token("user", "password")
permissions = keycloak_openid.uma_permissions(token['access_token'])

# Get UMA-permissions by token with specific resource and scope requested
token = keycloak_openid.token("user", "password")
permissions = keycloak_openid.uma_permissions(token['access_token'], permissions="Resource#Scope")

# Get auth status for a specific resource and scope by token
token = keycloak_openid.token("user", "password")
auth_status = keycloak_openid.has_uma_access(token['access_token'], "Resource#Scope")


# KEYCLOAK ADMIN

from keycloak import KeycloakAdmin
from keycloak import KeycloakOpenIDConnection

keycloak_connection = KeycloakOpenIDConnection(
                        server_url="http://localhost:8080/",
                        username='example-admin',
                        password='secret',
                        realm_name="master",
                        user_realm_name="only_if_other_realm_than_master",
                        client_id="my_client",
                        client_secret_key="client-secret",
                        verify=True)

keycloak_admin = KeycloakAdmin(connection=keycloak_connection)

# Add user
new_user = keycloak_admin.create_user({"email": "example@example.com",
                                       "username": "example@example.com",
                                       "enabled": True,
                                       "firstName": "Example",
                                       "lastName": "Example"})

# Add user and raise exception if username already exists
# exist_ok currently defaults to True for backwards compatibility reasons
new_user = keycloak_admin.create_user({"email": "example@example.com",
                                       "username": "example@example.com",
                                       "enabled": True,
                                       "firstName": "Example",
                                       "lastName": "Example"},
                                      exist_ok=False)

# Add user and set password
new_user = keycloak_admin.create_user({"email": "example@example.com",
                                       "username": "example@example.com",
                                       "enabled": True,
                                       "firstName": "Example",
                                       "lastName": "Example",
                    "credentials": [{"value": "secret","type": "password",}]})

# Add user and specify a locale
new_user = keycloak_admin.create_user({"email": "example@example.fr",
                                       "username": "example@example.fr",
                                       "enabled": True,
                                       "firstName": "Example",
                                       "lastName": "Example",
                                       "attributes": {
                                           "locale": ["fr"]
                                       }})

# User counter
count_users = keycloak_admin.users_count()

# Get users Returns a list of users, filtered according to query parameters
users = keycloak_admin.get_users({})

# Get user ID from username
user_id_keycloak = keycloak_admin.get_user_id("username-keycloak")

# Get User
user = keycloak_admin.get_user("user-id-keycloak")

# Update User
response = keycloak_admin.update_user(user_id="user-id-keycloak",
                                      payload={'firstName': 'Example Update'})

# Update User Password
response = keycloak_admin.set_user_password(user_id="user-id-keycloak", password="secret", temporary=True)

# Get User Credentials
credentials = keycloak_admin.get_credentials(user_id='user_id')

# Get User Credential by ID
credential = keycloak_admin.get_credential(user_id='user_id', credential_id='credential_id')

# Delete User Credential
response = keycloak_admin.delete_credential(user_id='user_id', credential_id='credential_id')

# Delete User
response = keycloak_admin.delete_user(user_id="user-id-keycloak")

# Get consents granted by the user
consents = keycloak_admin.consents_user(user_id="user-id-keycloak")

# Send User Action
response = keycloak_admin.send_update_account(user_id="user-id-keycloak",
                                              payload=['UPDATE_PASSWORD'])

# Send Verify Email
response = keycloak_admin.send_verify_email(user_id="user-id-keycloak")

# Get sessions associated with the user
sessions = keycloak_admin.get_sessions(user_id="user-id-keycloak")

# Get themes, social providers, auth providers, and event listeners available on this server
server_info = keycloak_admin.get_server_info()

# Get clients belonging to the realm Returns a list of clients belonging to the realm
clients = keycloak_admin.get_clients()

# Get client - id (not client-id) from client by name
client_id = keycloak_admin.get_client_id("my-client")

# Get representation of the client - id of client (not client-id)
client = keycloak_admin.get_client(client_id="client_id")

# Get all roles for the realm or client
realm_roles = keycloak_admin.get_realm_roles()

# Get all roles for the realm or client that their names includes the searched text
realm_roles = keycloak_admin.get_realm_roles(search_text="CompanyA_")

# Get all roles for the client
client_roles = keycloak_admin.get_client_roles(client_id="client_id")

# Get client role
role = keycloak_admin.get_client_role(client_id="client_id", role_name="role_name")

# Warning: Deprecated
# Get client role id from name
role_id = keycloak_admin.get_client_role_id(client_id="client_id", role_name="test")

# Create client role
keycloak_admin.create_client_role(client_role_id='client_id', payload={'name': 'roleName', 'clientRole': True})

# Assign client role to user. Note that BOTH role_name and role_id appear to be required.
keycloak_admin.assign_client_role(client_id="client_id", user_id="user_id", role_id="role_id", role_name="test")

# Retrieve client roles of a user.
keycloak_admin.get_client_roles_of_user(user_id="user_id", client_id="client_id")

# Retrieve available client roles of a user.
keycloak_admin.get_available_client_roles_of_user(user_id="user_id", client_id="client_id")

# Retrieve composite client roles of a user.
keycloak_admin.get_composite_client_roles_of_user(user_id="user_id", client_id="client_id")

# Delete client roles of a user.
keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles={"id": "role-id"})
keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles=[{"id": "role-id_1"}, {"id": "role-id_2"}])

# Get the client authorization settings
client_authz_settings = get_client_authz_settings(client_id="client_id")

# Get all client authorization resources
client_resources = get_client_authz_resources(client_id="client_id")

# Get all client authorization scopes
client_scopes = get_client_authz_scopes(client_id="client_id")

# Get all client authorization permissions
client_permissions = get_client_authz_permissions(client_id="client_id")

# Get all client authorization policies
client_policies = get_client_authz_policies(client_id="client_id")

# Create new group
group = keycloak_admin.create_group({"name": "Example Group"})

# Get all groups
groups = keycloak_admin.get_groups()

# Get group
group = keycloak_admin.get_group(group_id='group_id')

# Get group by name
group = keycloak_admin.get_group_by_path(path='/group/subgroup', search_in_subgroups=True)

# Function to trigger user sync from provider
sync_users(storage_id="storage_di", action="action")

# Get client role id from name
role_id = keycloak_admin.get_client_role_id(client_id=client_id, role_name="test")

# Assign client role to user. Note that BOTH role_name and role_id appear to be required.
keycloak_admin.assign_client_role(client_id=client_id, user_id=user_id, role_id=role_id, role_name="test")

# Assign realm roles to user
keycloak_admin.assign_realm_roles(user_id=user_id, roles=realm_roles)

# Assign realm roles to client's scope
keycloak_admin.assign_realm_roles_to_client_scope(client_id=client_id, roles=realm_roles)

# Get realm roles assigned to client's scope
keycloak_admin.get_realm_roles_of_client_scope(client_id=client_id)

# Remove realm roles assigned to client's scope
keycloak_admin.delete_realm_roles_of_client_scope(client_id=client_id, roles=realm_roles)

another_client_id = keycloak_admin.get_client_id("my-client-2")

# Assign client roles to client's scope
keycloak_admin.assign_client_roles_to_client_scope(client_id=another_client_id, client_roles_owner_id=client_id, roles=client_roles)

# Get client roles assigned to client's scope
keycloak_admin.get_client_roles_of_client_scope(client_id=another_client_id, client_roles_owner_id=client_id)

# Remove client roles assigned to client's scope
keycloak_admin.delete_client_roles_of_client_scope(client_id=another_client_id, client_roles_owner_id=client_id, roles=client_roles)

# Get all IDP Providers
idps = keycloak_admin.get_idps()

# Get a specific IDP Provider, using its alias
idp = keycloak_admin.get_idp("idp-alias")

# Create a new Realm
keycloak_admin.create_realm(payload={"realm": "demo"}, skip_exists=False)

# Changing Realm
keycloak_admin = KeycloakAdmin(realm_name="main", ...)
keycloak_admin.get_users() # Get user in main realm
keycloak_admin.realm_name = "demo" # Change realm to 'demo'
keycloak_admin.get_users() # Get users in realm 'demo'
keycloak_admin.create_user(...) # Creates a new user in 'demo'

# KEYCLOAK UMA

from keycloak import KeycloakOpenIDConnection
from keycloak import KeycloakUMA

keycloak_connection = KeycloakOpenIDConnection(
                        server_url="http://localhost:8080/",
                        realm_name="master",
                        client_id="my_client",
                        client_secret_key="client-secret")

keycloak_uma = KeycloakUMA(connection=keycloak_connection)

# Create a resource set
resource_set = keycloak_uma.resource_set_create({
                "name": "example_resource",
                "scopes": ["example:read", "example:write"],
                "type": "urn:example"})

# List resource sets
resource_sets = uma.resource_set_list()

# get resource set
latest_resource = uma.resource_set_read(resource_set["_id"])

# update resource set
latest_resource["name"] = "New Resource Name"
uma.resource_set_update(resource_set["_id"], latest_resource)

# delete resource set
uma.resource_set_delete(resource_id=resource_set["_id"])

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

7.0.3

Jan 28, 2026

7.0.2

Jan 8, 2026

7.0.1

Jan 5, 2026

7.0.0

Jan 4, 2026

6.0.0

Dec 28, 2025

5.12.0

Dec 27, 2025

5.11.0

Dec 27, 2025

5.10.0

Dec 27, 2025

5.9.0

Dec 27, 2025

5.8.1

Aug 19, 2025

5.8.0

Aug 19, 2025

5.7.0

Jul 17, 2025

5.6.1

Jul 17, 2025

5.6.0

Jun 22, 2025

5.5.1

May 25, 2025

5.5.0

Apr 9, 2025

5.4.0

Apr 8, 2025

5.3.1

Feb 3, 2025

5.3.0

Feb 2, 2025

5.2.0

Jan 30, 2025

5.1.2

Jan 26, 2025

5.1.1

Dec 15, 2024

5.1.0

Dec 14, 2024

5.0.0

Dec 10, 2024

4.7.3

Nov 29, 2024

4.7.2

Nov 17, 2024

4.7.1

Nov 13, 2024

4.7.0

Nov 3, 2024

4.6.3

Oct 26, 2024

4.6.2

Oct 5, 2024

4.6.1

Oct 5, 2024

4.6.0

Oct 4, 2024

4.5.1

Oct 2, 2024

4.5.0

Sep 28, 2024

4.4.0

Sep 14, 2024

4.3.0

Aug 1, 2024

4.2.3

Jul 24, 2024

4.2.2

Jul 16, 2024

4.2.1

Jul 11, 2024

4.2.0

Jun 22, 2024

4.1.0

Jun 6, 2024

4.0.1

Jun 4, 2024

4.0.0

Apr 27, 2024

3.12.0

Apr 10, 2024

3.11.1

Apr 8, 2024

3.11.0

Apr 8, 2024

3.10.2

Apr 8, 2024

3.10.1

Apr 8, 2024

3.10.0

Apr 8, 2024

3.9.3

Apr 8, 2024

3.9.2

Apr 8, 2024

3.9.1

Feb 26, 2024

3.9.0

Feb 16, 2024

3.8.4

Feb 15, 2024

3.8.3

Feb 14, 2024

3.8.2

Feb 14, 2024

3.8.1

Feb 13, 2024

3.8.0

Feb 13, 2024

3.7.1

Feb 13, 2024

3.7.0

Nov 13, 2023

3.6.1

Nov 13, 2023

This version

3.6.0

Nov 13, 2023

3.5.0

Nov 13, 2023

3.4.0

Nov 13, 2023

3.3.0

Jun 27, 2023

3.2.0

Jun 23, 2023

3.1.1

Jun 23, 2023

3.1.0

Jun 23, 2023

3.0.0

May 28, 2023

2.16.6

May 28, 2023

2.16.5

May 28, 2023

2.16.4

May 28, 2023

2.16.3

May 15, 2023

2.16.2

May 9, 2023

2.16.1

May 1, 2023

2.16.0

Apr 28, 2023

2.15.4

Apr 28, 2023

2.15.3

Apr 6, 2023

2.15.2

Apr 5, 2023

2.15.1

Apr 5, 2023

2.15.0

Apr 5, 2023

2.14.0

Mar 17, 2023

2.13.2

Mar 6, 2023

2.13.1

Mar 5, 2023

2.13.0

Mar 5, 2023

2.12.2

Mar 5, 2023

2.12.1

Mar 5, 2023

2.12.0

Feb 10, 2023

2.11.1

Feb 8, 2023

2.11.0

Feb 8, 2023

2.10.0

Feb 8, 2023

2.9.0

Jan 11, 2023

2.8.0

Dec 29, 2022

2.7.0

Dec 24, 2022

2.6.1

Dec 13, 2022

2.6.0

Oct 3, 2022

2.5.0

Aug 19, 2022

2.4.0

Aug 19, 2022

2.3.0

Aug 13, 2022

2.2.0

Aug 12, 2022

2.1.1

Jul 19, 2022

2.1.0

Jul 18, 2022

2.0.0

Jul 17, 2022

1.9.1

Jul 13, 2022

1.9.0

Jul 13, 2022

1.8.1

Jul 13, 2022

1.8.0

Jun 22, 2022

1.7.0

Jun 16, 2022

1.6.0

Jun 13, 2022

1.5.0

Jun 3, 2022

1.4.0

Jun 2, 2022

1.3.0

May 31, 2022

1.2.0

May 31, 2022

1.1.1

May 27, 2022

1.1.0

May 26, 2022

1.0.1

May 25, 2022

1.0.0

May 25, 2022

0.29.1

May 24, 2022

0.29.0

May 23, 2022

0.28.3

May 23, 2022

0.28.2

May 19, 2022

0.28.1

May 19, 2022

0.28.0

May 19, 2022

0.27.1

May 18, 2022

0.27.0

Feb 16, 2022

0.26.1

Aug 30, 2021

0.25.0

Jun 1, 2021

0.24.0

Dec 18, 2020

0.23.0

Nov 19, 2020

0.22.0

Aug 16, 2020

0.21.0

Jun 30, 2020

0.20.0

Apr 11, 2020

0.19.0

Feb 19, 2020

0.18.0

Dec 11, 2019

0.17.6

Oct 11, 2019

0.17.5

Aug 30, 2019

0.17.4

Jun 25, 2019

0.17.3

Jun 25, 2019

0.17.2

Jun 4, 2019

0.17.1

May 27, 2019

0.17.0

May 27, 2019

0.16.0

Mar 21, 2019

0.15.0

Mar 9, 2019

0.14.4

Dec 16, 2018

0.14.3

Dec 15, 2018

0.14.2

Dec 15, 2018

0.14.1

Dec 15, 2018

0.13.3

Oct 25, 2018

0.13.2

Aug 30, 2018

0.13.1

Aug 5, 2018

0.12.0

Jan 25, 2018

0.11.1

Dec 14, 2017

0.11.0

Dec 12, 2017

0.10.2

Oct 23, 2017

0.9.0

Sep 5, 2017

0.8.4

Aug 24, 2017

0.8.2

Aug 24, 2017

0.8.0

Aug 24, 2017

0.7.0

Aug 23, 2017

0.6.5

Aug 23, 2017

0.6.4

Aug 23, 2017

0.6.2

Aug 23, 2017

0.6.0

Aug 23, 2017

0.5.1

Aug 22, 2017

0.5.0

Aug 21, 2017

0.4.1

Aug 15, 2017

0.4.0

Aug 15, 2017

0.3.1

Aug 15, 2017

0.2.0

Aug 15, 2017

0.0.0

May 19, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

python_keycloak-3.6.0.tar.gz (47.2 kB view details)

Uploaded Nov 13, 2023 Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

The dropdown lists show the available interpreters, ABIs, and platforms. Enable javascript to be able to filter the list of wheel files.

python_keycloak-3.6.0-py3-none-any.whl (59.4 kB view details)

Uploaded Nov 13, 2023 Python 3

File details

Details for the file python_keycloak-3.6.0.tar.gz.

File metadata

Download URL: python_keycloak-3.6.0.tar.gz
Upload date: Nov 13, 2023
Size: 47.2 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.2 CPython/3.10.13

File hashes

Hashes for python_keycloak-3.6.0.tar.gz
Algorithm	Hash digest
SHA256	`f2be89e4f37bbe022433fcde67d1c97cc49733f829b6ffa0491582b76bf379a4`
MD5	`5b4d89a231426796c438ab1f26e0a2ac`
BLAKE2b-256	`4d0c74dcfd9196185c16b579f011eae81a763159abcc97e09f28d695ffe11acd`

See more details on using hashes here.

File details

Details for the file python_keycloak-3.6.0-py3-none-any.whl.

File metadata

Download URL: python_keycloak-3.6.0-py3-none-any.whl
Upload date: Nov 13, 2023
Size: 59.4 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.2 CPython/3.10.13

File hashes

Hashes for python_keycloak-3.6.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`84516e214b55e719bf44f20acb173281da074bf541ec974ee8ff2dfadc94e8a3`
MD5	`325b762c941c7a56602ee8be4038bfe4`
BLAKE2b-256	`23db832fcc80e5d122f4f76a1deab8669d72c25ac177f93a71f11e5825dccbc1`

See more details on using hashes here.

python-keycloak 3.6.0

Navigation

Verified details

Maintainers

Unverified details

Project links

Meta

Classifiers

Project description

Python Keycloak

Installation

Via Pypi Package:

Manually

Dependencies

Tests Dependencies

Bug reports

Documentation

Contributors

Usage

Project details

Verified details

Maintainers

Unverified details

Project links

Meta

Classifiers

Release history Release notifications | RSS feed

Download files

Source Distribution

Built Distribution

File details

File metadata

File hashes

File details

File metadata

File hashes