Service Account API
The ServiceAccountHandle class extends the ClientHandle class and provides a specialized API for managing service account clients in Keycloak. These clients are configured to enable service accounts for programmatic access.
Class: ServiceAccountHandle
Constructor
constructor(core: KeycloakAdminClient, realmHandle: RealmHandle, clientId: string)
- Parameters:
core: An instance ofKeycloakAdminClient.realmHandle: A handle to the realm where the client resides.clientId: The ID of the service account client to manage.
Instance Methods
create(data: ServiceAccountInputData)
Creates a new service account client.
public async create(data: ServiceAccountInputData)
- Parameters:
data: The data for the new service account client.
- Throws: An error if the client already exists.
update(data: ServiceAccountInputData)
Updates the service account client's details.
public async update(data: ServiceAccountInputData)
- Parameters:
data: The updated data for the service account client.
- Throws: An error if the client does not exist.
ensure(data: ServiceAccountInputData)
Ensures the service account client exists. If it does, updates it; otherwise, creates it.
public async ensure(data: ServiceAccountInputData)
- Parameters:
data: The data for the service account client.
getUser()
Fetches the service account user associated with the client.
public async getUser()
- Returns: The service account user representation or
nullif the client does not exist or has no associated service account user.
Types
ServiceAccountInputData
The input data type for creating or updating a service account client.
export type ServiceAccountInputData = Omit<
ClientInputData,
| 'protocol'
| 'publicClient'
| 'standardFlowEnabled'
| 'directAccessGrantsEnabled'
| 'implicitFlowEnabled'
| 'serviceAccountsEnabled'
| 'redirectUris'
>;
This API provides a specialized interface for managing service account clients in Keycloak, ensuring they are configured with the appropriate defaults for programmatic access.