python-keycloak/docs/source/modules/async.rst

.. admin:

Use Python Keycloak Asynchronously
==================================

Asynchronous admin client
-------------------------

Configure admin client
------------------------

.. code-block:: python


    admin = KeycloakAdmin(
                server_url="http://localhost:8080/",
                username='example-admin',
                password='secret',
                realm_name="master",
                user_realm_name="only_if_other_realm_than_master")


Configure admin client with connection
-----------------------------------------

.. code-block:: python

    from keycloak import KeycloakAdmin
    from keycloak import KeycloakOpenIDConnection

    keycloak_connection = KeycloakOpenIDConnection(
                            server_url="http://localhost:8080/",
                            username='example-admin',
                            password='secret',
                            realm_name="master",
                            user_realm_name="only_if_other_realm_than_master",
                            client_id="my_client",
                            client_secret_key="client-secret",
                            verify=True)

    keycloak_admin = KeycloakAdmin(connection=keycloak_connection)


Create user asynchronously
----------------------------

.. code-block:: python

    new_user = await keycloak_admin.a_create_user({"email": "example@example.com",
                                           "username": "example@example.com",
                                           "enabled": True,
                                           "firstName": "Example",
                                           "lastName": "Example"})


Add user asynchronously and raise exception if username already exists
-----------------------------------------------------------------------

The exist_ok currently defaults to True for backwards compatibility reasons.

.. code-block:: python

    new_user = await keycloak_admin.a_create_user({"email": "example@example.com",
                                           "username": "example@example.com",
                                           "enabled": True,
                                           "firstName": "Example",
                                           "lastName": "Example"},
                                            exist_ok=False)

Add user asynchronously and set password
----------------------------------------

.. code-block:: python

    new_user = await keycloak_admin.a_create_user({"email": "example@example.com",
                                           "username": "example@example.com",
                                           "enabled": True,
                                           "firstName": "Example",
                                           "lastName": "Example",
                                            "credentials": [{"value": "secret","type": "password",}]})


Add user asynchronous and specify a locale
-------------------------------------------

.. code-block:: python

    new_user = await keycloak_admin.a_create_user({"email": "example@example.fr",
                                           "username": "example@example.fr",
                                           "enabled": True,
                                           "firstName": "Example",
                                           "lastName": "Example",
                                           "attributes": {
                                               "locale": ["fr"]
                                           }})

Asynchronous User counter
------------------------------

.. code-block:: python

    count_users = await keycloak_admin.a_users_count()

Get users Returns a list of users asynchronously, filtered according to query parameters
-----------------------------------------------------------------------------------------

.. code-block:: python

    users = await keycloak_admin.a_get_users({})

Get user ID asynchronously from username
-----------------------------------------

.. code-block:: python

    user_id_keycloak = await keycloak_admin.a_get_user_id("username-keycloak")


Get user asynchronously
------------------------------

.. code-block:: python

    user = await keycloak_admin.a_get_user("user-id-keycloak")

Update user asynchronously
------------------------------

.. code-block:: python

    response = await keycloak_admin.a_update_user(user_id="user-id-keycloak",
                                          payload={'firstName': 'Example Update'})


Update user password asynchronously
------------------------------------

.. code-block:: python

    response = await keycloak_admin.a_set_user_password(user_id="user-id-keycloak", password="secret", temporary=True)


Get user credentials asynchronously
------------------------------------

.. code-block:: python

    credentials = await keycloak_admin.a_get_credentials(user_id='user_id')

Get user credential asynchronously by ID
-----------------------------------------

.. code-block:: python

    credential = await keycloak_admin.a_get_credential(user_id='user_id', credential_id='credential_id')

Delete user credential asynchronously
---------------------------------------

.. code-block:: python

    response = await keycloak_admin.a_delete_credential(user_id='user_id', credential_id='credential_id')

Delete User asynchronously
------------------------------

.. code-block:: python

    response = await  keycloak_admin.a_delete_user(user_id="user-id-keycloak")

Get consents granted asynchronously by the user
------------------------------------------------

.. code-block:: python

    consents = await keycloak_admin.a_consents_user(user_id="user-id-keycloak")

Send user action asynchronously
---------------------------------

.. code-block:: python

    response = await keycloak_admin.a_send_update_account(user_id="user-id-keycloak",
                                                  payload=['UPDATE_PASSWORD'])

Send verify email asynchronously
----------------------------------

.. code-block:: python

    response = await keycloak_admin.a_send_verify_email(user_id="user-id-keycloak")

Get sessions associated asynchronously with the user
-----------------------------------------------------

.. code-block:: python

    sessions = await keycloak_admin.a_get_sessions(user_id="user-id-keycloak")




Asynchronous OpenID Client
===========================

Asynchronous Configure client OpenID
-------------------------------------

.. code-block:: python

    from keycloak import KeycloakOpenID

    # Configure client
    # For versions older than 18 /auth/ must be added at the end of the server_url.
    keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/",
                                     client_id="example_client",
                                     realm_name="example_realm",
                                     client_secret_key="secret")


Get .well_know asynchronously
------------------------------

.. code-block:: python

    config_well_known = await keycloak_openid.a_well_known()


Get code asynchronously with OAuth authorization request
---------------------------------------------------------

.. code-block:: python

    auth_url = await keycloak_openid.a_auth_url(
        redirect_uri="your_call_back_url",
        scope="email",
        state="your_state_info")


Get access token asynchronously with code
----------------------------------------------

.. code-block:: python

    access_token = await keycloak_openid.a_token(
        grant_type='authorization_code',
        code='the_code_you_get_from_auth_url_callback',
        redirect_uri="your_call_back_url")


Get access asynchronously token with user and password
-------------------------------------------------------

.. code-block:: python

    token = await keycloak_openid.a_token("user", "password")
    token = await keycloak_openid.a_token("user", "password", totp="012345")


Get token asynchronously using Token Exchange
----------------------------------------------

.. code-block:: python

    token = await keycloak_openid.a_exchange_token(token['access_token'],
                "my_client", "other_client", "some_user")


Refresh token asynchronously
----------------------------------------------

.. code-block:: python

    token = await keycloak_openid.a_refresh_token(token['refresh_token'])

Get UserInfo asynchronously
----------------------------------------------

.. code-block:: python

    userinfo = await keycloak_openid.a_userinfo(token['access_token'])

Logout asynchronously
----------------------------------------------

.. code-block:: python

    await keycloak_openid.a_logout(token['refresh_token'])

Get certs asynchronously
----------------------------------------------

.. code-block:: python

    certs = await keycloak_openid.a_certs()

Introspect RPT asynchronously
----------------------------------------------

.. code-block:: python

    token_rpt_info = await keycloak_openid.a_introspect(await keycloak_openid.a_introspect(token['access_token'],
                                                                           rpt=rpt['rpt'],
                                                                           token_type_hint="requesting_party_token"))

Introspect token asynchronously
----------------------------------------------

.. code-block:: python

    token_info = await keycloak_openid.a_introspect(token['access_token'])


Decode token asynchronously
----------------------------------------------

.. code-block:: python

    token_info = await keycloak_openid.a_decode_token(token['access_token'])
    # Without validation
    token_info = await keycloak_openid.a_decode_token(token['access_token'], validate=False)


Get UMA-permissions asynchronously by token
----------------------------------------------

.. code-block:: python

    token = await keycloak_openid.a_token("user", "password")
    permissions = await keycloak_openid.a_uma_permissions(token['access_token'])

Get UMA-permissions asynchronously by token with specific resource and scope requested
---------------------------------------------------------------------------------------

.. code-block:: python

    token = await keycloak_openid.a_token("user", "password")
    permissions = await keycloak_openid.a_uma_permissions(token['access_token'], permissions="Resource#Scope")

Get auth status asynchronously for a specific resource and scope by token
--------------------------------------------------------------------------

.. code-block:: python

    token = await keycloak_openid.a_token("user", "password")
    auth_status = await keycloak_openid.a_has_uma_access(token['access_token'], "Resource#Scope")




Asynchronous UMA
========================


Asynchronous Configure client UMA
----------------------------------

.. code-block:: python

    from keycloak import KeycloakOpenIDConnection
    from keycloak import KeycloakUMA

    keycloak_connection = KeycloakOpenIDConnection(
                            server_url="http://localhost:8080/",
                            realm_name="master",
                            client_id="my_client",
                            client_secret_key="client-secret")

    keycloak_uma = KeycloakUMA(connection=keycloak_connection)


Create a resource set asynchronously
---------------------------------------

.. code-block:: python

    resource_set = await keycloak_uma.a_resource_set_create({
                    "name": "example_resource",
                    "scopes": ["example:read", "example:write"],
                    "type": "urn:example"})

List resource sets asynchronously
----------------------------------

.. code-block:: python

    resource_sets = await uma.a_resource_set_list()

Get resource set asynchronously
--------------------------------

.. code-block:: python

    latest_resource = await uma.a_resource_set_read(resource_set["_id"])

Update resource set asynchronously
-------------------------------------

.. code-block:: python

    latest_resource["name"] = "New Resource Name"
    await uma.a_resource_set_update(resource_set["_id"], latest_resource)

Delete resource set asynchronously
------------------------------------
.. code-block:: python

    await uma.a_resource_set_delete(resource_id=resource_set["_id"])