Search code examples
keycloakkeycloak-rest-api

Keycloak - Get client scope by name

I'm using the Keycloak Admin Rest API and would like to create a new client scope and get its id.

To create the client scope I use this endpoint:

http://localhost:8080/admin/realms/master/client-scopes

Body

{
  "attributes": {
    "display.on.consent.screen": "true",
    "include.in.token.scope": "true"
  },
  "name": "example",
  "protocol": "openid-connect"
}

This endpoint doesn't return a result but I need the ID.

To get the ID I could get all client scopes and find the scope with the matching name however I would have thought there would be a simpler way.

E.g. GET http://localhost:8080/admin/realms/master/client-scopes then filter through the results to find a matching name.

Is it possible to get a client scope by name?

Solution

  • Is it possible to get a client scope by name?

    Unfortunately, not, which is a pity because the 'name' is unique. If you look at the keycloak Rest Admin API you can see the followings GET for the client-scopes:

    GET /{realm}/client-scopes

    and

    GET /{realm}/client-scopes/{id}

    And none of those endpoints accepts as parameters 'name'.

    Notwithstanding, as @csbrogi and @Jan Garaj have pointed out in the comment section, since you:

    (..) create a new client scope and get its id.

    You can retrieve the ID of the client-scope that was just created from the header location:

    enter image description here