-
Notifications
You must be signed in to change notification settings - Fork 290
/
Copy pathgocloak_iface.go
581 lines (577 loc) · 49.7 KB
/
gocloak_iface.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
// Code generated by ifacemaker; DO NOT EDIT.
package gocloak
import (
"context"
"io"
"github.com/go-resty/resty/v2"
"github.com/golang-jwt/jwt/v5"
)
// GoCloakIface ...
type GoCloakIface interface {
// GetRequest returns a request for calling endpoints.
GetRequest(ctx context.Context) *resty.Request
// GetRequestWithBearerAuthNoCache returns a JSON base request configured with an auth token and no-cache header.
GetRequestWithBearerAuthNoCache(ctx context.Context, token string) *resty.Request
// GetRequestWithBearerAuth returns a JSON base request configured with an auth token.
GetRequestWithBearerAuth(ctx context.Context, token string) *resty.Request
// GetRequestWithBearerAuthXMLHeader returns an XML base request configured with an auth token.
GetRequestWithBearerAuthXMLHeader(ctx context.Context, token string) *resty.Request
// GetRequestWithBasicAuth returns a form data base request configured with basic auth.
GetRequestWithBasicAuth(ctx context.Context, clientID, clientSecret string) *resty.Request
// RestyClient returns the internal resty g.
// This can be used to configure the g.
RestyClient() *resty.Client
// SetRestyClient overwrites the internal resty g.
SetRestyClient(restyClient *resty.Client)
// GetServerInfo fetches the server info.
GetServerInfo(ctx context.Context, accessToken string) (*ServerInfoRepresentation, error)
// GetUserInfo calls the UserInfo endpoint
GetUserInfo(ctx context.Context, accessToken, realm string) (*UserInfo, error)
// GetRawUserInfo calls the UserInfo endpoint and returns a raw json object
GetRawUserInfo(ctx context.Context, accessToken, realm string) (map[string]interface{}, error)
// GetCerts fetches certificates for the given realm from the public /open-id-connect/certs endpoint
GetCerts(ctx context.Context, realm string) (*CertResponse, error)
// GetIssuer gets the issuer of the given realm
GetIssuer(ctx context.Context, realm string) (*IssuerResponse, error)
// RetrospectToken calls the openid-connect introspect endpoint
RetrospectToken(ctx context.Context, accessToken, clientID, clientSecret, realm string) (*IntroSpectTokenResult, error)
// DecodeAccessToken decodes the accessToken
DecodeAccessToken(ctx context.Context, accessToken, realm string) (*jwt.Token, *jwt.MapClaims, error)
// DecodeAccessTokenCustomClaims decodes the accessToken and writes claims into the given claims
DecodeAccessTokenCustomClaims(ctx context.Context, accessToken, realm string, claims jwt.Claims) (*jwt.Token, error)
// GetToken uses TokenOptions to fetch a token.
GetToken(ctx context.Context, realm string, options TokenOptions) (*JWT, error)
// GetRequestingPartyToken returns a requesting party token with permissions granted by the server
GetRequestingPartyToken(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*JWT, error)
// GetRequestingPartyPermissions returns a requesting party permissions granted by the server
GetRequestingPartyPermissions(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error)
// GetRequestingPartyPermissionDecision returns a requesting party permission decision granted by the server
GetRequestingPartyPermissionDecision(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error)
// RefreshToken refreshes the given token.
// May return a *APIError with further details about the issue.
RefreshToken(ctx context.Context, refreshToken, clientID, clientSecret, realm string) (*JWT, error)
// LoginAdmin performs a login with Admin client
LoginAdmin(ctx context.Context, username, password, realm string) (*JWT, error)
// LoginClient performs a login with client credentials
LoginClient(ctx context.Context, clientID, clientSecret, realm string, scopes ...string) (*JWT, error)
// LoginClientTokenExchange will exchange the presented token for a user's token
// Requires Token-Exchange is enabled: https://www.keycloak.org/docs/latest/securing_apps/index.html#_token-exchange
LoginClientTokenExchange(ctx context.Context, clientID, token, clientSecret, realm, targetClient, userID string) (*JWT, error)
// DirectNakedImpersonationTokenExchange performs "Direct Naked Impersonation"
// See: https://www.keycloak.org/docs/latest/securing_apps/index.html#direct-naked-impersonation
DirectNakedImpersonationTokenExchange(ctx context.Context, clientID, clientSecret, realm, userID string) (*JWT, error)
// LoginClientSignedJWT performs a login with client credentials and signed jwt claims
LoginClientSignedJWT(ctx context.Context, clientID, realm string, key interface{}, signedMethod jwt.SigningMethod, expiresAt *jwt.NumericDate) (*JWT, error)
// Login performs a login with user credentials and a client
Login(ctx context.Context, clientID, clientSecret, realm, username, password string) (*JWT, error)
// LoginOtp performs a login with user credentials and otp token
LoginOtp(ctx context.Context, clientID, clientSecret, realm, username, password, totp string) (*JWT, error)
// Logout logs out users with refresh token
Logout(ctx context.Context, clientID, clientSecret, realm, refreshToken string) error
// LogoutPublicClient performs a logout using a public client and the accessToken.
LogoutPublicClient(ctx context.Context, clientID, realm, accessToken, refreshToken string) error
// LogoutAllSessions logs out all sessions of a user given an id.
LogoutAllSessions(ctx context.Context, accessToken, realm, userID string) error
// RevokeUserConsents revokes the given user consent.
RevokeUserConsents(ctx context.Context, accessToken, realm, userID, clientID string) error
// LogoutUserSession logs out a single sessions of a user given a session id
LogoutUserSession(ctx context.Context, accessToken, realm, session string) error
// ExecuteActionsEmail executes an actions email
ExecuteActionsEmail(ctx context.Context, token, realm string, params ExecuteActionsEmail) error
// SendVerifyEmail sends a verification e-mail to a user.
SendVerifyEmail(ctx context.Context, token, userID, realm string, params ...SendVerificationMailParams) error
// CreateGroup creates a new group.
CreateGroup(ctx context.Context, token, realm string, group Group) (string, error)
// CreateChildGroup creates a new child group
CreateChildGroup(ctx context.Context, token, realm, groupID string, group Group) (string, error)
// CreateComponent creates the given component.
CreateComponent(ctx context.Context, token, realm string, component Component) (string, error)
// CreateClient creates the given g.
CreateClient(ctx context.Context, accessToken, realm string, newClient Client) (string, error)
// CreateClientRepresentation creates a new client representation
CreateClientRepresentation(ctx context.Context, token, realm string, newClient Client) (*Client, error)
// CreateClientRole creates a new role for a client
CreateClientRole(ctx context.Context, token, realm, idOfClient string, role Role) (string, error)
// CreateClientScope creates a new client scope
CreateClientScope(ctx context.Context, token, realm string, scope ClientScope) (string, error)
// CreateClientScopeProtocolMapper creates a new protocolMapper under the given client scope
CreateClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID string, protocolMapper ProtocolMappers) (string, error)
// UpdateGroup updates the given group.
UpdateGroup(ctx context.Context, token, realm string, updatedGroup Group) error
// UpdateGroupManagementPermissions updates the given group management permissions
UpdateGroupManagementPermissions(ctx context.Context, accessToken, realm string, idOfGroup string, managementPermissions ManagementPermissionRepresentation) (*ManagementPermissionRepresentation, error)
// UpdateClient updates the given Client
UpdateClient(ctx context.Context, token, realm string, updatedClient Client) error
// UpdateClientRepresentation updates the given client representation
UpdateClientRepresentation(ctx context.Context, accessToken, realm string, updatedClient Client) (*Client, error)
// UpdateClientManagementPermissions updates the given client management permissions
UpdateClientManagementPermissions(ctx context.Context, accessToken, realm string, idOfClient string, managementPermissions ManagementPermissionRepresentation) (*ManagementPermissionRepresentation, error)
// UpdateRole updates the given role.
UpdateRole(ctx context.Context, token, realm, idOfClient string, role Role) error
// UpdateClientScope updates the given client scope.
UpdateClientScope(ctx context.Context, token, realm string, scope ClientScope) error
// UpdateClientScopeProtocolMapper updates the given protocol mapper for a client scope
UpdateClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID string, protocolMapper ProtocolMappers) error
// DeleteGroup deletes the group with the given groupID.
DeleteGroup(ctx context.Context, token, realm, groupID string) error
// DeleteClient deletes a given client
DeleteClient(ctx context.Context, token, realm, idOfClient string) error
// DeleteComponent deletes the component with the given id.
DeleteComponent(ctx context.Context, token, realm, componentID string) error
// DeleteClientRepresentation deletes a given client representation.
DeleteClientRepresentation(ctx context.Context, accessToken, realm, clientID string) error
// DeleteClientRole deletes a given role.
DeleteClientRole(ctx context.Context, token, realm, idOfClient, roleName string) error
// DeleteClientScope deletes the scope with the given id.
DeleteClientScope(ctx context.Context, token, realm, scopeID string) error
// DeleteClientScopeProtocolMapper deletes the given protocol mapper from the client scope
DeleteClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID, protocolMapperID string) error
// GetClient returns a client
GetClient(ctx context.Context, token, realm, idOfClient string) (*Client, error)
// GetClientRepresentation returns a client representation
GetClientRepresentation(ctx context.Context, accessToken, realm, clientID string) (*Client, error)
// GetAdapterConfiguration returns a adapter configuration
GetAdapterConfiguration(ctx context.Context, accessToken, realm, clientID string) (*AdapterConfiguration, error)
// GetClientsDefaultScopes returns a list of the client's default scopes
GetClientsDefaultScopes(ctx context.Context, token, realm, idOfClient string) ([]*ClientScope, error)
// AddDefaultScopeToClient adds a client scope to the list of client's default scopes
AddDefaultScopeToClient(ctx context.Context, token, realm, idOfClient, scopeID string) error
// RemoveDefaultScopeFromClient removes a client scope from the list of client's default scopes
RemoveDefaultScopeFromClient(ctx context.Context, token, realm, idOfClient, scopeID string) error
// GetClientsOptionalScopes returns a list of the client's optional scopes
GetClientsOptionalScopes(ctx context.Context, token, realm, idOfClient string) ([]*ClientScope, error)
// AddOptionalScopeToClient adds a client scope to the list of client's optional scopes
AddOptionalScopeToClient(ctx context.Context, token, realm, idOfClient, scopeID string) error
// RemoveOptionalScopeFromClient deletes a client scope from the list of client's optional scopes
RemoveOptionalScopeFromClient(ctx context.Context, token, realm, idOfClient, scopeID string) error
// GetDefaultOptionalClientScopes returns a list of default realm optional scopes
GetDefaultOptionalClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error)
// GetDefaultDefaultClientScopes returns a list of default realm default scopes
GetDefaultDefaultClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error)
// GetClientScope returns a clientscope
GetClientScope(ctx context.Context, token, realm, scopeID string) (*ClientScope, error)
// GetClientScopes returns all client scopes
GetClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error)
// GetClientScopeProtocolMappers returns all protocol mappers of a client scope
GetClientScopeProtocolMappers(ctx context.Context, token, realm, scopeID string) ([]*ProtocolMappers, error)
// GetClientScopeProtocolMapper returns a protocol mapper of a client scope
GetClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID, protocolMapperID string) (*ProtocolMappers, error)
// GetClientScopeMappings returns all scope mappings for the client
GetClientScopeMappings(ctx context.Context, token, realm, idOfClient string) (*MappingsRepresentation, error)
// GetRealmRoleGroups returns groups associated with the realm role
GetRealmRoleGroups(ctx context.Context, token, roleName, realm string) ([]*Group, error)
// GetClientScopeMappingsRealmRoles returns realm-level roles associated with the client’s scope
GetClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string) ([]*Role, error)
// GetClientScopeMappingsRealmRolesAvailable returns realm-level roles that are available to attach to this client’s scope
GetClientScopeMappingsRealmRolesAvailable(ctx context.Context, token, realm, idOfClient string) ([]*Role, error)
// CreateClientScopeMappingsRealmRoles create realm-level roles to the client’s scope
CreateClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string, roles []Role) error
// DeleteClientScopeMappingsRealmRoles deletes realm-level roles from the client’s scope
DeleteClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string, roles []Role) error
// GetClientScopeMappingsClientRoles returns roles associated with a client’s scope
GetClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string) ([]*Role, error)
// GetClientScopeMappingsClientRolesAvailable returns available roles associated with a client’s scope
GetClientScopeMappingsClientRolesAvailable(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string) ([]*Role, error)
// CreateClientScopeMappingsClientRoles creates client-level roles from the client’s scope
CreateClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string, roles []Role) error
// DeleteClientScopeMappingsClientRoles deletes client-level roles from the client’s scope
DeleteClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string, roles []Role) error
// GetClientSecret returns a client's secret
GetClientSecret(ctx context.Context, token, realm, idOfClient string) (*CredentialRepresentation, error)
// GetClientServiceAccount retrieves the service account "user" for a client if enabled
GetClientServiceAccount(ctx context.Context, token, realm, idOfClient string) (*User, error)
// RegenerateClientSecret triggers the creation of the new client secret.
RegenerateClientSecret(ctx context.Context, token, realm, idOfClient string) (*CredentialRepresentation, error)
// GetClientOfflineSessions returns offline sessions associated with the client
GetClientOfflineSessions(ctx context.Context, token, realm, idOfClient string, params ...GetClientUserSessionsParams) ([]*UserSessionRepresentation, error)
// GetClientUserSessions returns user sessions associated with the client
GetClientUserSessions(ctx context.Context, token, realm, idOfClient string, params ...GetClientUserSessionsParams) ([]*UserSessionRepresentation, error)
// CreateClientProtocolMapper creates a protocol mapper in client scope
CreateClientProtocolMapper(ctx context.Context, token, realm, idOfClient string, mapper ProtocolMapperRepresentation) (string, error)
// UpdateClientProtocolMapper updates a protocol mapper in client scope
UpdateClientProtocolMapper(ctx context.Context, token, realm, idOfClient, mapperID string, mapper ProtocolMapperRepresentation) error
// DeleteClientProtocolMapper deletes a protocol mapper in client scope
DeleteClientProtocolMapper(ctx context.Context, token, realm, idOfClient, mapperID string) error
// GetKeyStoreConfig get keystoreconfig of the realm
GetKeyStoreConfig(ctx context.Context, token, realm string) (*KeyStoreConfig, error)
// GetComponents get all components in realm
GetComponents(ctx context.Context, token, realm string) ([]*Component, error)
// GetComponentsWithParams get all components in realm with query params
GetComponentsWithParams(ctx context.Context, token, realm string, params GetComponentsParams) ([]*Component, error)
// GetComponent get exactly one component by ID
GetComponent(ctx context.Context, token, realm string, componentID string) (*Component, error)
// UpdateComponent updates the given component
UpdateComponent(ctx context.Context, token, realm string, component Component) error
// GetDefaultGroups returns a list of default groups
GetDefaultGroups(ctx context.Context, token, realm string) ([]*Group, error)
// AddDefaultGroup adds group to the list of default groups
AddDefaultGroup(ctx context.Context, token, realm, groupID string) error
// RemoveDefaultGroup removes group from the list of default groups
RemoveDefaultGroup(ctx context.Context, token, realm, groupID string) error
// GetRoleMappingByGroupID gets the role mappings by group
GetRoleMappingByGroupID(ctx context.Context, token, realm, groupID string) (*MappingsRepresentation, error)
// GetRoleMappingByUserID gets the role mappings by user
GetRoleMappingByUserID(ctx context.Context, token, realm, userID string) (*MappingsRepresentation, error)
// GetGroup get group with id in realm
GetGroup(ctx context.Context, token, realm, groupID string) (*Group, error)
// GetChildGroups get child groups of group with id in realm
GetChildGroups(ctx context.Context, token, realm, groupID string, params GetChildGroupsParams) ([]*Group, error)
// GetGroupByPath get group with path in realm
GetGroupByPath(ctx context.Context, token, realm, groupPath string) (*Group, error)
// GetGroups get all groups in realm
GetGroups(ctx context.Context, token, realm string, params GetGroupsParams) ([]*Group, error)
// GetGroupManagementPermissions returns whether group Authorization permissions have been initialized or not and a reference
// to the managed permissions
GetGroupManagementPermissions(ctx context.Context, token, realm string, idOfGroup string) (*ManagementPermissionRepresentation, error)
// GetGroupsByRole gets groups assigned with a specific role of a realm
GetGroupsByRole(ctx context.Context, token, realm string, roleName string) ([]*Group, error)
// GetGroupsByClientRole gets groups with specified roles assigned of given client within a realm
GetGroupsByClientRole(ctx context.Context, token, realm string, roleName string, clientID string) ([]*Group, error)
// GetGroupsCount gets the groups count in the realm
GetGroupsCount(ctx context.Context, token, realm string, params GetGroupsParams) (int, error)
// GetGroupMembers get a list of users of group with id in realm
GetGroupMembers(ctx context.Context, token, realm, groupID string, params GetGroupsParams) ([]*User, error)
// GetClientRoles get all roles for the given client in realm
GetClientRoles(ctx context.Context, token, realm, idOfClient string, params GetRoleParams) ([]*Role, error)
// GetClientRoleByID gets role for the given client in realm using role ID
GetClientRoleByID(ctx context.Context, token, realm, roleID string) (*Role, error)
// GetClientRolesByUserID returns all client roles assigned to the given user
GetClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error)
// GetClientRolesByGroupID returns all client roles assigned to the given group
GetClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error)
// GetCompositeClientRolesByRoleID returns all client composite roles associated with the given client role
GetCompositeClientRolesByRoleID(ctx context.Context, token, realm, idOfClient, roleID string) ([]*Role, error)
// GetCompositeClientRolesByUserID returns all client roles and composite roles assigned to the given user
GetCompositeClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error)
// GetAvailableClientRolesByUserID returns all available client roles to the given user
GetAvailableClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error)
// GetAvailableClientRolesByGroupID returns all available roles to the given group
GetAvailableClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error)
// GetCompositeClientRolesByGroupID returns all client roles and composite roles assigned to the given group
GetCompositeClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error)
// GetClientRole get a role for the given client in a realm by role name
GetClientRole(ctx context.Context, token, realm, idOfClient, roleName string) (*Role, error)
// GetClients gets all clients in realm
GetClients(ctx context.Context, token, realm string, params GetClientsParams) ([]*Client, error)
// GetClientManagementPermissions returns whether client Authorization permissions have been initialized or not and a reference
// to the managed permissions
GetClientManagementPermissions(ctx context.Context, token, realm string, idOfClient string) (*ManagementPermissionRepresentation, error)
// CreateRealmRole creates a role in a realm
CreateRealmRole(ctx context.Context, token string, realm string, role Role) (string, error)
// GetRealmRole returns a role from a realm by role's name
GetRealmRole(ctx context.Context, token, realm, roleName string) (*Role, error)
// GetRealmRoleByID returns a role from a realm by role's ID
GetRealmRoleByID(ctx context.Context, token, realm, roleID string) (*Role, error)
// GetRealmRoles get all roles of the given realm.
GetRealmRoles(ctx context.Context, token, realm string, params GetRoleParams) ([]*Role, error)
// GetRealmRolesByUserID returns all roles assigned to the given user
GetRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error)
// GetRealmRolesByGroupID returns all roles assigned to the given group
GetRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error)
// UpdateRealmRole updates a role in a realm
UpdateRealmRole(ctx context.Context, token, realm, roleName string, role Role) error
// UpdateRealmRoleByID updates a role in a realm by role's ID
UpdateRealmRoleByID(ctx context.Context, token, realm, roleID string, role Role) error
// DeleteRealmRole deletes a role in a realm by role's name
DeleteRealmRole(ctx context.Context, token, realm, roleName string) error
// AddRealmRoleToUser adds realm-level role mappings
AddRealmRoleToUser(ctx context.Context, token, realm, userID string, roles []Role) error
// DeleteRealmRoleFromUser deletes realm-level role mappings
DeleteRealmRoleFromUser(ctx context.Context, token, realm, userID string, roles []Role) error
// AddRealmRoleToGroup adds realm-level role mappings
AddRealmRoleToGroup(ctx context.Context, token, realm, groupID string, roles []Role) error
// DeleteRealmRoleFromGroup deletes realm-level role mappings
DeleteRealmRoleFromGroup(ctx context.Context, token, realm, groupID string, roles []Role) error
// AddRealmRoleComposite adds a role to the composite.
AddRealmRoleComposite(ctx context.Context, token, realm, roleName string, roles []Role) error
// DeleteRealmRoleComposite deletes a role from the composite.
DeleteRealmRoleComposite(ctx context.Context, token, realm, roleName string, roles []Role) error
// GetCompositeRealmRoles returns all realm composite roles associated with the given realm role
GetCompositeRealmRoles(ctx context.Context, token, realm, roleName string) ([]*Role, error)
// GetCompositeRolesByRoleID returns all realm composite roles associated with the given client role
GetCompositeRolesByRoleID(ctx context.Context, token, realm, roleID string) ([]*Role, error)
// GetCompositeRealmRolesByRoleID returns all realm composite roles associated with the given client role
GetCompositeRealmRolesByRoleID(ctx context.Context, token, realm, roleID string) ([]*Role, error)
// GetCompositeRealmRolesByUserID returns all realm roles and composite roles assigned to the given user
GetCompositeRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error)
// GetCompositeRealmRolesByGroupID returns all realm roles and composite roles assigned to the given group
GetCompositeRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error)
// GetAvailableRealmRolesByUserID returns all available realm roles to the given user
GetAvailableRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error)
// GetAvailableRealmRolesByGroupID returns all available realm roles to the given group
GetAvailableRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error)
// GetRealm returns top-level representation of the realm
GetRealm(ctx context.Context, token, realm string) (*RealmRepresentation, error)
// GetRealms returns top-level representation of all realms
GetRealms(ctx context.Context, token string) ([]*RealmRepresentation, error)
// CreateRealm creates a realm
CreateRealm(ctx context.Context, token string, realm RealmRepresentation) (string, error)
// UpdateRealm updates a given realm
UpdateRealm(ctx context.Context, token string, realm RealmRepresentation) error
// DeleteRealm removes a realm
DeleteRealm(ctx context.Context, token, realm string) error
// ClearRealmCache clears realm cache
ClearRealmCache(ctx context.Context, token, realm string) error
// ClearUserCache clears realm cache
ClearUserCache(ctx context.Context, token, realm string) error
// ClearKeysCache clears realm cache
ClearKeysCache(ctx context.Context, token, realm string) error
// GetAuthenticationFlows get all authentication flows from a realm
GetAuthenticationFlows(ctx context.Context, token, realm string) ([]*AuthenticationFlowRepresentation, error)
// GetAuthenticationFlow get an authentication flow with the given ID
GetAuthenticationFlow(ctx context.Context, token, realm string, authenticationFlowID string) (*AuthenticationFlowRepresentation, error)
// CreateAuthenticationFlow creates a new Authentication flow in a realm
CreateAuthenticationFlow(ctx context.Context, token, realm string, flow AuthenticationFlowRepresentation) error
// UpdateAuthenticationFlow a given Authentication Flow
UpdateAuthenticationFlow(ctx context.Context, token, realm string, flow AuthenticationFlowRepresentation, authenticationFlowID string) (*AuthenticationFlowRepresentation, error)
// DeleteAuthenticationFlow deletes a flow in a realm with the given ID
DeleteAuthenticationFlow(ctx context.Context, token, realm, flowID string) error
// GetAuthenticationExecutions retrieves all executions of a given flow
GetAuthenticationExecutions(ctx context.Context, token, realm, flow string) ([]*ModifyAuthenticationExecutionRepresentation, error)
// CreateAuthenticationExecution creates a new execution for the given flow name in the given realm
CreateAuthenticationExecution(ctx context.Context, token, realm, flow string, execution CreateAuthenticationExecutionRepresentation) error
// UpdateAuthenticationExecution updates an authentication execution for the given flow in the given realm
UpdateAuthenticationExecution(ctx context.Context, token, realm, flow string, execution ModifyAuthenticationExecutionRepresentation) error
// DeleteAuthenticationExecution delete a single execution with the given ID
DeleteAuthenticationExecution(ctx context.Context, token, realm, executionID string) error
// CreateAuthenticationExecutionFlow creates a new execution for the given flow name in the given realm
CreateAuthenticationExecutionFlow(ctx context.Context, token, realm, flow string, executionFlow CreateAuthenticationExecutionFlowRepresentation) error
// CreateUser creates the given user in the given realm and returns it's userID
// Note: Keycloak has not documented what members of the User object are actually being accepted, when creating a user.
// Things like RealmRoles must be attached using followup calls to the respective functions.
CreateUser(ctx context.Context, token, realm string, user User) (string, error)
// DeleteUser delete a given user
DeleteUser(ctx context.Context, token, realm, userID string) error
// GetUserByID fetches a user from the given realm with the given userID
GetUserByID(ctx context.Context, accessToken, realm, userID string) (*User, error)
// GetUserCount gets the user count in the realm
GetUserCount(ctx context.Context, token string, realm string, params GetUsersParams) (int, error)
// GetUserGroups get all groups for user
GetUserGroups(ctx context.Context, token, realm, userID string, params GetGroupsParams) ([]*Group, error)
// GetUsers get all users in realm
GetUsers(ctx context.Context, token, realm string, params GetUsersParams) ([]*User, error)
// GetUsersByRoleName returns all users have a given role
GetUsersByRoleName(ctx context.Context, token, realm, roleName string, params GetUsersByRoleParams) ([]*User, error)
// GetUsersByClientRoleName returns all users have a given client role
GetUsersByClientRoleName(ctx context.Context, token, realm, idOfClient, roleName string, params GetUsersByRoleParams) ([]*User, error)
// SetPassword sets a new password for the user with the given id. Needs elevated privileges
SetPassword(ctx context.Context, token, userID, realm, password string, temporary bool) error
// UpdateUser updates a given user
UpdateUser(ctx context.Context, token, realm string, user User) error
// AddUserToGroup puts given user to given group
AddUserToGroup(ctx context.Context, token, realm, userID, groupID string) error
// DeleteUserFromGroup deletes given user from given group
DeleteUserFromGroup(ctx context.Context, token, realm, userID, groupID string) error
// GetUserSessions returns user sessions associated with the user
GetUserSessions(ctx context.Context, token, realm, userID string) ([]*UserSessionRepresentation, error)
// GetUserOfflineSessionsForClient returns offline sessions associated with the user and client
GetUserOfflineSessionsForClient(ctx context.Context, token, realm, userID, idOfClient string) ([]*UserSessionRepresentation, error)
// AddClientRolesToUser adds client-level role mappings
AddClientRolesToUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error
// AddClientRoleToUser adds client-level role mappings
//
// Deprecated: replaced by AddClientRolesToUser
AddClientRoleToUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error
// AddClientRolesToGroup adds a client role to the group
AddClientRolesToGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error
// AddClientRoleToGroup adds a client role to the group
//
// Deprecated: replaced by AddClientRolesToGroup
AddClientRoleToGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error
// DeleteClientRolesFromUser adds client-level role mappings
DeleteClientRolesFromUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error
// DeleteClientRoleFromUser adds client-level role mappings
//
// Deprecated: replaced by DeleteClientRolesFrom
DeleteClientRoleFromUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error
// DeleteClientRoleFromGroup removes a client role from from the group
DeleteClientRoleFromGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error
// AddClientRoleComposite adds roles as composite
AddClientRoleComposite(ctx context.Context, token, realm, roleID string, roles []Role) error
// DeleteClientRoleComposite deletes composites from a role
DeleteClientRoleComposite(ctx context.Context, token, realm, roleID string, roles []Role) error
// GetUserFederatedIdentities gets all user federated identities
GetUserFederatedIdentities(ctx context.Context, token, realm, userID string) ([]*FederatedIdentityRepresentation, error)
// CreateUserFederatedIdentity creates an user federated identity
CreateUserFederatedIdentity(ctx context.Context, token, realm, userID, providerID string, federatedIdentityRep FederatedIdentityRepresentation) error
// DeleteUserFederatedIdentity deletes an user federated identity
DeleteUserFederatedIdentity(ctx context.Context, token, realm, userID, providerID string) error
// GetUserBruteForceDetectionStatus fetches a user status regarding brute force protection
GetUserBruteForceDetectionStatus(ctx context.Context, accessToken, realm, userID string) (*BruteForceStatus, error)
// CreateIdentityProvider creates an identity provider in a realm
CreateIdentityProvider(ctx context.Context, token string, realm string, providerRep IdentityProviderRepresentation) (string, error)
// GetIdentityProviders returns list of identity providers in a realm
GetIdentityProviders(ctx context.Context, token, realm string) ([]*IdentityProviderRepresentation, error)
// GetIdentityProvider gets the identity provider in a realm
GetIdentityProvider(ctx context.Context, token, realm, alias string) (*IdentityProviderRepresentation, error)
// UpdateIdentityProvider updates the identity provider in a realm
UpdateIdentityProvider(ctx context.Context, token, realm, alias string, providerRep IdentityProviderRepresentation) error
// DeleteIdentityProvider deletes the identity provider in a realm
DeleteIdentityProvider(ctx context.Context, token, realm, alias string) error
// ExportIDPPublicBrokerConfig exports the broker config for a given alias
ExportIDPPublicBrokerConfig(ctx context.Context, token, realm, alias string) (*string, error)
// ImportIdentityProviderConfig parses and returns the identity provider config at a given URL
ImportIdentityProviderConfig(ctx context.Context, token, realm, fromURL, providerID string) (map[string]string, error)
// ImportIdentityProviderConfigFromFile parses and returns the identity provider config from a given file
ImportIdentityProviderConfigFromFile(ctx context.Context, token, realm, providerID, fileName string, fileBody io.Reader) (map[string]string, error)
// CreateIdentityProviderMapper creates an instance of an identity provider mapper associated with the given alias
CreateIdentityProviderMapper(ctx context.Context, token, realm, alias string, mapper IdentityProviderMapper) (string, error)
// GetIdentityProviderMapper gets the mapper by id for the given identity provider alias in a realm
GetIdentityProviderMapper(ctx context.Context, token string, realm string, alias string, mapperID string) (*IdentityProviderMapper, error)
// DeleteIdentityProviderMapper deletes an instance of an identity provider mapper associated with the given alias and mapper ID
DeleteIdentityProviderMapper(ctx context.Context, token, realm, alias, mapperID string) error
// GetIdentityProviderMappers returns list of mappers associated with an identity provider
GetIdentityProviderMappers(ctx context.Context, token, realm, alias string) ([]*IdentityProviderMapper, error)
// GetIdentityProviderMapperByID gets the mapper of an identity provider
GetIdentityProviderMapperByID(ctx context.Context, token, realm, alias, mapperID string) (*IdentityProviderMapper, error)
// UpdateIdentityProviderMapper updates mapper of an identity provider
UpdateIdentityProviderMapper(ctx context.Context, token, realm, alias string, mapper IdentityProviderMapper) error
// GetResource returns a client's resource with the given id, using access token from admin
GetResource(ctx context.Context, token, realm, idOfClient, resourceID string) (*ResourceRepresentation, error)
// GetResourceClient returns a client's resource with the given id, using access token from client
GetResourceClient(ctx context.Context, token, realm, resourceID string) (*ResourceRepresentation, error)
// GetResources returns resources associated with the client, using access token from admin
GetResources(ctx context.Context, token, realm, idOfClient string, params GetResourceParams) ([]*ResourceRepresentation, error)
// GetResourcesClient returns resources associated with the client, using access token from client
GetResourcesClient(ctx context.Context, token, realm string, params GetResourceParams) ([]*ResourceRepresentation, error)
// GetResourceServer returns resource server settings.
// The access token must have the realm view_clients role on its service
// account to be allowed to call this endpoint.
GetResourceServer(ctx context.Context, token, realm, idOfClient string) (*ResourceServerRepresentation, error)
// UpdateResource updates a resource associated with the client, using access token from admin
UpdateResource(ctx context.Context, token, realm, idOfClient string, resource ResourceRepresentation) error
// UpdateResourceClient updates a resource associated with the client, using access token from client
UpdateResourceClient(ctx context.Context, token, realm string, resource ResourceRepresentation) error
// CreateResource creates a resource associated with the client, using access token from admin
CreateResource(ctx context.Context, token, realm string, idOfClient string, resource ResourceRepresentation) (*ResourceRepresentation, error)
// CreateResourceClient creates a resource associated with the client, using access token from client
CreateResourceClient(ctx context.Context, token, realm string, resource ResourceRepresentation) (*ResourceRepresentation, error)
// DeleteResource deletes a resource associated with the client (using an admin token)
DeleteResource(ctx context.Context, token, realm, idOfClient, resourceID string) error
// DeleteResourceClient deletes a resource associated with the client (using a client token)
DeleteResourceClient(ctx context.Context, token, realm, resourceID string) error
// GetScope returns a client's scope with the given id
GetScope(ctx context.Context, token, realm, idOfClient, scopeID string) (*ScopeRepresentation, error)
// GetScopes returns scopes associated with the client
GetScopes(ctx context.Context, token, realm, idOfClient string, params GetScopeParams) ([]*ScopeRepresentation, error)
// CreateScope creates a scope associated with the client
CreateScope(ctx context.Context, token, realm, idOfClient string, scope ScopeRepresentation) (*ScopeRepresentation, error)
// GetPermissionScope gets the permission scope associated with the client
GetPermissionScope(ctx context.Context, token, realm, idOfClient string, idOfScope string) (*PolicyRepresentation, error)
// UpdatePermissionScope updates a permission scope associated with the client
UpdatePermissionScope(ctx context.Context, token, realm, idOfClient string, idOfScope string, policy PolicyRepresentation) error
// UpdateScope updates a scope associated with the client
UpdateScope(ctx context.Context, token, realm, idOfClient string, scope ScopeRepresentation) error
// DeleteScope deletes a scope associated with the client
DeleteScope(ctx context.Context, token, realm, idOfClient, scopeID string) error
// GetPolicy returns a client's policy with the given id
GetPolicy(ctx context.Context, token, realm, idOfClient, policyID string) (*PolicyRepresentation, error)
// GetPolicies returns policies associated with the client
GetPolicies(ctx context.Context, token, realm, idOfClient string, params GetPolicyParams) ([]*PolicyRepresentation, error)
// CreatePolicy creates a policy associated with the client
CreatePolicy(ctx context.Context, token, realm, idOfClient string, policy PolicyRepresentation) (*PolicyRepresentation, error)
// UpdatePolicy updates a policy associated with the client
UpdatePolicy(ctx context.Context, token, realm, idOfClient string, policy PolicyRepresentation) error
// DeletePolicy deletes a policy associated with the client
DeletePolicy(ctx context.Context, token, realm, idOfClient, policyID string) error
// GetAuthorizationPolicyAssociatedPolicies returns a client's associated policies of specific policy with the given policy id, using access token from admin
GetAuthorizationPolicyAssociatedPolicies(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyRepresentation, error)
// GetAuthorizationPolicyResources returns a client's resources of specific policy with the given policy id, using access token from admin
GetAuthorizationPolicyResources(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyResourceRepresentation, error)
// GetAuthorizationPolicyScopes returns a client's scopes of specific policy with the given policy id, using access token from admin
GetAuthorizationPolicyScopes(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyScopeRepresentation, error)
// GetResourcePolicy updates a permission for a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange
GetResourcePolicy(ctx context.Context, token, realm, permissionID string) (*ResourcePolicyRepresentation, error)
// GetResourcePolicies returns resources associated with the client, using token obtained by Resource Owner Password Credentials Grant or Token exchange
GetResourcePolicies(ctx context.Context, token, realm string, params GetResourcePoliciesParams) ([]*ResourcePolicyRepresentation, error)
// CreateResourcePolicy associates a permission with a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange
CreateResourcePolicy(ctx context.Context, token, realm, resourceID string, policy ResourcePolicyRepresentation) (*ResourcePolicyRepresentation, error)
// UpdateResourcePolicy updates a permission for a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange
UpdateResourcePolicy(ctx context.Context, token, realm, permissionID string, policy ResourcePolicyRepresentation) error
// DeleteResourcePolicy deletes a permission for a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange
DeleteResourcePolicy(ctx context.Context, token, realm, permissionID string) error
// GetPermission returns a client's permission with the given id
GetPermission(ctx context.Context, token, realm, idOfClient, permissionID string) (*PermissionRepresentation, error)
// GetDependentPermissions returns a client's permission with the given policy id
GetDependentPermissions(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PermissionRepresentation, error)
// GetPermissionResources returns a client's resource attached for the given permission id
GetPermissionResources(ctx context.Context, token, realm, idOfClient, permissionID string) ([]*PermissionResource, error)
// GetScopePermissions returns permissions associated with the client scope
GetScopePermissions(ctx context.Context, token, realm, idOfClient, idOfScope string) ([]*PolicyRepresentation, error)
// GetPermissionScopes returns a client's scopes configured for the given permission id
GetPermissionScopes(ctx context.Context, token, realm, idOfClient, permissionID string) ([]*PermissionScope, error)
// GetPermissions returns permissions associated with the client
GetPermissions(ctx context.Context, token, realm, idOfClient string, params GetPermissionParams) ([]*PermissionRepresentation, error)
// CreatePermissionTicket creates a permission ticket, using access token from client
CreatePermissionTicket(ctx context.Context, token, realm string, permissions []CreatePermissionTicketParams) (*PermissionTicketResponseRepresentation, error)
// GrantUserPermission lets resource owner grant permission for specific resource ID to specific user ID
GrantUserPermission(ctx context.Context, token, realm string, permission PermissionGrantParams) (*PermissionGrantResponseRepresentation, error)
// UpdateUserPermission updates user permissions.
UpdateUserPermission(ctx context.Context, token, realm string, permission PermissionGrantParams) (*PermissionGrantResponseRepresentation, error)
// GetUserPermissions gets granted permissions according query parameters
GetUserPermissions(ctx context.Context, token, realm string, params GetUserPermissionParams) ([]*PermissionGrantResponseRepresentation, error)
// DeleteUserPermission revokes permissions according query parameters
DeleteUserPermission(ctx context.Context, token, realm, ticketID string) error
// CreatePermission creates a permission associated with the client
CreatePermission(ctx context.Context, token, realm, idOfClient string, permission PermissionRepresentation) (*PermissionRepresentation, error)
// UpdatePermission updates a permission associated with the client
UpdatePermission(ctx context.Context, token, realm, idOfClient string, permission PermissionRepresentation) error
// DeletePermission deletes a policy associated with the client
DeletePermission(ctx context.Context, token, realm, idOfClient, permissionID string) error
// GetCredentialRegistrators returns credentials registrators
GetCredentialRegistrators(ctx context.Context, token, realm string) ([]string, error)
// GetConfiguredUserStorageCredentialTypes returns credential types, which are provided by the user storage where user is stored
GetConfiguredUserStorageCredentialTypes(ctx context.Context, token, realm, userID string) ([]string, error)
// GetCredentials returns credentials available for a given user
GetCredentials(ctx context.Context, token, realm, userID string) ([]*CredentialRepresentation, error)
// DeleteCredentials deletes the given credential for a given user
DeleteCredentials(ctx context.Context, token, realm, userID, credentialID string) error
// UpdateCredentialUserLabel updates label for the given credential for the given user
UpdateCredentialUserLabel(ctx context.Context, token, realm, userID, credentialID, userLabel string) error
// DisableAllCredentialsByType disables all credentials for a user of a specific type
DisableAllCredentialsByType(ctx context.Context, token, realm, userID string, types []string) error
// MoveCredentialBehind move a credential to a position behind another credential
MoveCredentialBehind(ctx context.Context, token, realm, userID, credentialID, newPreviousCredentialID string) error
// MoveCredentialToFirst move a credential to a first position in the credentials list of the user
MoveCredentialToFirst(ctx context.Context, token, realm, userID, credentialID string) error
// GetEvents returns events
GetEvents(ctx context.Context, token string, realm string, params GetEventsParams) ([]*EventRepresentation, error)
// GetClientScopesScopeMappingsRealmRolesAvailable returns realm-level roles that are available to attach to this client scope
GetClientScopesScopeMappingsRealmRolesAvailable(ctx context.Context, token, realm, clientScopeID string) ([]*Role, error)
// GetClientScopesScopeMappingsRealmRoles returns roles associated with a client-scope
GetClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string) ([]*Role, error)
// DeleteClientScopesScopeMappingsRealmRoles deletes realm-level roles from the client-scope
DeleteClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string, roles []Role) error
// CreateClientScopesScopeMappingsRealmRoles creates realm-level roles to the client scope
CreateClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string, roles []Role) error
// RegisterRequiredAction creates a required action for a given realm
RegisterRequiredAction(ctx context.Context, token string, realm string, requiredAction RequiredActionProviderRepresentation) error
// GetUnregisteredRequiredActions gets a list of unregistered required actions for a given realm
GetUnregisteredRequiredActions(ctx context.Context, token string, realm string) ([]*UnregisteredRequiredActionProviderRepresentation, error)
// GetRequiredActions gets a list of required actions for a given realm
GetRequiredActions(ctx context.Context, token string, realm string) ([]*RequiredActionProviderRepresentation, error)
// GetRequiredAction gets a required action for a given realm
GetRequiredAction(ctx context.Context, token string, realm string, alias string) (*RequiredActionProviderRepresentation, error)
// UpdateRequiredAction updates a required action for a given realm
UpdateRequiredAction(ctx context.Context, token string, realm string, requiredAction RequiredActionProviderRepresentation) error
// DeleteRequiredAction updates a required action for a given realm
DeleteRequiredAction(ctx context.Context, token string, realm string, alias string) error
// CreateClientScopesScopeMappingsClientRoles attaches a client role to a client scope (not client's scope)
CreateClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string, roles []Role) error
// GetClientScopesScopeMappingsClientRolesAvailable returns available (i.e. not attached via
// CreateClientScopesScopeMappingsClientRoles) client roles for a specific client, for a client scope
// (not client's scope).
GetClientScopesScopeMappingsClientRolesAvailable(ctx context.Context, token, realm, idOfClientScope, idOfClient string) ([]*Role, error)
// GetClientScopesScopeMappingsClientRoles returns attached client roles for a specific client, for a client scope
// (not client's scope).
GetClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string) ([]*Role, error)
// DeleteClientScopesScopeMappingsClientRoles removes attachment of client roles from a client scope
// (not client's scope).
DeleteClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string, roles []Role) error
// RevokeToken revokes the passed token. The token can either be an access or refresh token.
RevokeToken(ctx context.Context, realm, clientID, clientSecret, refreshToken string) error
// UpdateUsersManagementPermissions updates the management permissions for users
UpdateUsersManagementPermissions(ctx context.Context, accessToken, realm string, managementPermissions ManagementPermissionRepresentation) (*ManagementPermissionRepresentation, error)
// GetUsersManagementPermissions returns the management permissions for users
GetUsersManagementPermissions(ctx context.Context, accessToken, realm string) (*ManagementPermissionRepresentation, error)
}