gloak/admin

Sans-IO Keycloak Admin API helpers.

This module owns a small maintainable Admin subset: realms, users, groups, and clients. It builds authenticated gleam_http requests and decodes the matching responses. It does not acquire tokens, send HTTP, retry, paginate automatically, or hide Keycloak ownership decisions behind a runtime layer.

Examples

import gloak/admin

pub fn users(session) {
  admin.user_list_request(session, [])
}

Types

@superdocs Admin Models Client summary returned by client list responses.

pub type Client {
  Client(
    id: gloak.ClientUuid,
    client_id: gloak.ClientId,
    name: option.Option(String),
    state: gloak.ResourceState,
  )
}

Constructors

@superdocs Admin Models Group summary returned by group list responses.

pub type Group {
  Group(id: gloak.GroupId, name: String, path: String)
}

Constructors

@superdocs Admin Models Client creation payload accepted by client_create_request.

pub type NewClient {
  NewClient(
    client_id: gloak.ClientId,
    name: option.Option(String),
    state: gloak.ResourceState,
  )
}

Constructors

@superdocs Admin Models Group creation payload accepted by group_create_request.

pub type NewGroup {
  NewGroup(name: String)
}

Constructors

  • NewGroup(name: String)

@superdocs Admin Models User creation payload accepted by user_create_request.

pub type NewUser {
  NewUser(
    username: String,
    email: option.Option(String),
    first_name: option.Option(String),
    last_name: option.Option(String),
    state: gloak.ResourceState,
    email_verification: gloak.EmailVerification,
  )
}

Constructors

@superdocs Admin Models Realm summary returned by the Admin API.

pub type Realm {
  Realm(realm: gloak.Realm, state: gloak.ResourceState)
}

Constructors

@superdocs Admin Models Role summary returned by realm and client role list responses.

pub type Role {
  Role(
    id: String,
    name: String,
    description: option.Option(String),
    origin: gloak.RoleOrigin,
  )
}

Constructors

Session

opaque

@superdocs Admin Models Admin session bound to a Keycloak server, target realm, and bearer token.

pub opaque type Session

@superdocs Admin Models User profile returned by user list and user detail responses.

pub type User {
  User(
    id: gloak.UserId,
    username: String,
    email: option.Option(String),
    first_name: option.Option(String),
    last_name: option.Option(String),
    state: gloak.ResourceState,
  )
}

Constructors

Values

pub fn client_create_request(
  session: Session,
  client client: NewClient,
) -> request.Request(String)

@superdocs Clients Builds a request to create a client.

pub fn client_create_response(
  response: response.Response(String),
) -> Result(String, gloak.Error)

@superdocs Clients Decodes the Location of a successful create-client response.

pub fn client_delete_request(
  session: Session,
  id id: gloak.ClientUuid,
) -> request.Request(String)

@superdocs Clients Builds a request to delete a client by Keycloak UUID.

pub fn client_get_request(
  session: Session,
  id id: gloak.ClientUuid,
) -> request.Request(String)

@superdocs Clients Builds a request to fetch a client by Keycloak UUID.

pub fn client_list_request(
  session: Session,
  query query: List(#(String, String)),
) -> request.Request(String)

@superdocs Clients Builds a request to list clients in the target realm.

pub fn client_list_response(
  response: response.Response(String),
) -> Result(List(Client), gloak.Error)

@superdocs Clients Decodes a client list response.

pub fn client_role_list_request(
  session: Session,
  id id: gloak.ClientUuid,
  query query: List(#(String, String)),
) -> request.Request(String)

@superdocs Roles Builds a request to list roles for a client.

pub fn group_create_request(
  session: Session,
  group group: NewGroup,
) -> request.Request(String)

@superdocs Groups Builds a request to create a group.

pub fn group_create_response(
  response: response.Response(String),
) -> Result(String, gloak.Error)

@superdocs Groups Decodes the Location of a successful create-group response.

pub fn group_delete_request(
  session: Session,
  id id: gloak.GroupId,
) -> request.Request(String)

@superdocs Groups Builds a request to delete a group by id.

pub fn group_get_request(
  session: Session,
  id id: gloak.GroupId,
) -> request.Request(String)

@superdocs Groups Builds a request to fetch a group by id.

pub fn group_list_request(
  session: Session,
  query query: List(#(String, String)),
) -> request.Request(String)

@superdocs Groups Builds a request to list groups in the target realm.

pub fn group_list_response(
  response: response.Response(String),
) -> Result(List(Group), gloak.Error)

@superdocs Groups Decodes a group list response.

pub fn group_member_list_request(
  session: Session,
  id id: gloak.GroupId,
  query query: List(#(String, String)),
) -> request.Request(String)

@superdocs Groups Builds a request to list members of a group.

pub fn group_member_list_response(
  response: response.Response(String),
) -> Result(List(User), gloak.Error)

@superdocs Groups Decodes a group-member list response.

pub fn realm_list_request(
  session: Session,
) -> request.Request(String)

@superdocs Realms Builds a request to list realms visible to the session token.

pub fn realm_list_response(
  response: response.Response(String),
) -> Result(List(Realm), gloak.Error)

@superdocs Realms Decodes a realm list response.

pub fn realm_role_list_request(
  session: Session,
  query query: List(#(String, String)),
) -> request.Request(String)

@superdocs Roles Builds a request to list realm roles.

pub fn role_list_response(
  response: response.Response(String),
) -> Result(List(Role), gloak.Error)

@superdocs Roles Decodes a role list response.

pub fn session(
  server server: gloak.Server,
  realm realm: gloak.Realm,
  access_token access_token: gloak.AccessToken,
) -> Session

@superdocs Sessions Builds an Admin session from caller-managed token state.

pub fn unit_response(
  response: response.Response(String),
) -> Result(Nil, gloak.Error)

@superdocs Responses Decodes a response whose success body is intentionally ignored.

pub fn user_create_request(
  session: Session,
  user user: NewUser,
) -> request.Request(String)

@superdocs Users Builds a request to create a user.

pub fn user_create_response(
  response: response.Response(String),
) -> Result(String, gloak.Error)

@superdocs Users Decodes the Location of a successful create-user response.

pub fn user_delete_request(
  session: Session,
  id id: gloak.UserId,
) -> request.Request(String)

@superdocs Users Builds a request to delete a user by id.

pub fn user_get_request(
  session: Session,
  id id: gloak.UserId,
) -> request.Request(String)

@superdocs Users Builds a request to fetch a user by id.

pub fn user_join_group_request(
  session: Session,
  user_id user_id: gloak.UserId,
  group_id group_id: gloak.GroupId,
) -> request.Request(String)

@superdocs Groups Builds a request to add a user to a group.

pub fn user_leave_group_request(
  session: Session,
  user_id user_id: gloak.UserId,
  group_id group_id: gloak.GroupId,
) -> request.Request(String)

@superdocs Groups Builds a request to remove a user from a group.

pub fn user_list_request(
  session: Session,
  query query: List(#(String, String)),
) -> request.Request(String)

@superdocs Users Builds a request to list users in the target realm.

pub fn user_list_response(
  response: response.Response(String),
) -> Result(List(User), gloak.Error)

@superdocs Users Decodes a user list response.

pub fn user_reset_password_request(
  session: Session,
  id id: gloak.UserId,
  password password: String,
  password_state password_state: gloak.PasswordCredentialState,
) -> request.Request(String)

@superdocs Users Builds a request to reset a user’s password.

pub fn user_response(
  response: response.Response(String),
) -> Result(User, gloak.Error)

@superdocs Users Decodes a user detail response.

Search Document