- retry upon 401
- get_client_all_sessions now supports pagination
- uma extra payload
- user profile metadata parameter for get_user method
- uma extra payload
- check uma permissions with resource ID as well
- get group by path should not raise on 404
- change to mounts (#622)
- Feature parity for
a_decode_token
anddecode_token
(#616)
- make sure to not call sync IO functions inside async functions (#615)
- add client scope client-specific role mappings (#605)
- Add optional Nonce parameter to the authorization URL requests (#606)
- add scopes to device auth (#599)
- changed sync get user id to async get user in create user async function (#600)
- Add the max_retries parameter (#598)
- Set client_credentials as grant_type also when x509 certificate is given (#597)
- add ability to remove composite client roles (#596)
- add matchingUri support for listing resources with wildcards (#592)
- allow the use of client certificates in all requests (#584)
- use a_public_key() in a_decode_token() instead of public_key() (#582)
- correctly pass query params in a_send_update_account and a_send_verify_email (#581)
- passing timeout values to ConnectionManager (#578)
- functions for updating resource permissions and getting associated policies for a permission (#574)
- Async feature (#566)
- Leeway config (#568)
- changes signatures significantly
- Many attributes removed from the admin class
- Merge pull request #556 from marcospereirampj/release/4.0.0
- re-enable full group hierarchy fetching
- removed dead code, stabilized tests
- removed deprecated functionality
- refactored decode_token
- allows retrieval of realm and client level roles for a user (#512)
- lowercase default role name (#547)
- add admin group count (#540)
- fix keycloak_admin.create_user documentation/ typehint (#545)
- improve KeycloakAdmin.get_client_id() performances (#511)
- Allow query parameters for group children (#534)
- incorporate custom headers into default header setup (#533)
- get_groups pagination call was not used #537 (#541)
- use jwcrypto and remove python-jose
- replace python-jose with jwcrypto
- new docs.
- new docs.
- new docs.
- new docs.
- new docs.
- new docs.
- new docs.
- updated readme.
- use grant type password with client secret
- name of client_id parameter
- update readme.
- linter check
- updated dependencies
- Adding additional methods to support roles-by-id api calls Most of the methods rely on the role name within python keycloak, which for the vast majority is fine, however there are some role names which cannot be used by the API endpoint as they contain characters that cannot be encoded properly. Therefore this change is to allow the use of the role's id to get, update and delete roles by their id instead.'
- Removing the admin realm variable which I created and is no longer needed
- action bump
- linter check.
- depracated endpoint and fix groups services.
- deprecate entitlement
- realm changing helpers
- no prints
- Ci/fix tests (#506)
- add KeycloakAdmin.get_idp() (#478)
- Update dynamic client using registration access token (#491)
- add an optional search criteria to the get_realm_roles function (#504)
- added KeycloakAdmin.update_client_authz_resource() (#462)
- Implement missing admin method create_client_authz_scope_based_permission() and create_client_authz_policy() (#460)
- remove duplicate slash in URL_ADMIN_IDP (#459)
- Add query to get users group method and permit pagination (#444)
- Changes the exchange token API
- Exchange token method
- relax the version constraints
- do not swap realm for user_realm when logging in with a client service account (#447)
- improve performance of get_user_id (#449)
- Fixes
Authorization.load_config
breaking if a scope based permission is linked with anything other than a role based policy. Fixes #445 (#446)
- issue with app engine reported in #440 (#442)
- Initializing KeycloakAdmin without server_url (#439)
- Add get and delete methods for client authz resources (#435)
- pyproject.toml: loose requests pgk and remove urllib3 as dependency (#434)
- Check if _s exists in ConnectionManager before deleting it (#429)
- deprecation warnings in keycloak_admin.py (#425)
- improved type-hints (#427)
- Add UMA policy management and permission tickets (#426)
- add initial access token support and policy delete method
- Refactor auto refresh (#415)
- Check if applyPolicies exists in the config (#367)
- implement cache clearing API (#414)
- get_group_by_path uses Keycloak API to load (#417)
- tests and upgraded deps (#419)
- add Keycloak UMA client (#403)
- do not include CODEOWNERS (#407)
- Add Client Scopes of Client
- update header if token is given
- init KeycloakAdmin with token
- added default realm roles handlers
- api: add tests for create_authz_scopes
- fix testing create_client_authz_scopes parameters
- fix linting
- add testcase for invalid client id
- create authz clients test case
- create authz clients test case
- code formatting after tox checks
- remove print statements
- option for enabling users
- helping functions for disabling users
- use version from the package
- default scope to openid
- attack detection API implementation
- added missing functionality to include attributes when returning realm roles according to specifications
- add client scope-mappings client roles operations
- Add token_type/scope to token exchange api
- add client scope-mappings realm roles operations
- removed whitespace from urls
- applied linting
- add unit tests
- add docstrings
- add functions covering some missing REST API calls
- linting
- now get_required_action_by_alias now returns None if action does not exist
- moved imports at the top of the file
- remove duplicate function
- applied tox -e docs
- applied flake linting checks
- applied tox linting check
- Renamed parameter client_name to client_id in get_client_id method
- check client existence based on clientId
- turn get_name into a method, use setters in connection manager
- no need to try if the type check is performed
- merge master branch into local
- added flake8-docstrings and upgraded dependencies
- Support the auth_url method called with scope & state params now
- raise correct exceptions
- slight restructure of the base fixtures
- Ability to set custom timeout for KCOpenId and KCAdmin
- Allow fetching existing policies before calling create_client_authz_client_policy()
- support token exchange config via admin API
- Add update_idp
- Add update_mapper_in_idp
- Support Token Exchange. Fixes #305
- Add get_idp_mappers, fix #329
- fixed bugs in events methods
- fixed components bugs
- use param for update client mapper
- added new methods for client scopes
- allow query parameters for users count
- Renames
KeycloakOpenID.well_know
toKeycloakOpenID.well_known
- correct spelling of public API method
- allow client_credentials token if username and password not specified
- added UMA-permission request functionality
- added fixes based on feedback
- import classes in the base module
- escape when get role fails
- Add missing keycloak.authorization package
- added authenticator providers getters
- fixed admin client to pass the tests
- initial setup of CICD and linting
- full tox fix ready
- raise correct errors
- isort conf.py
- Merge branch 'master' into feature/cicd
- release: version bumps for hotfix release
- handle refresh_token error "Session not active"
- add KeycloakAdmin.set_events
- add components