Skip to main content
Version: v1

Phase Two Admin REST API

This is a REST API reference for the Phase Two Keycloak custom resources. These are extensions to the standard Keycloak Admin REST API.

Base URI format

Paths specified in the documentation are relative to the the base URI.

  • Format: https://<host>:<port>/auth/realms
  • Example: https://app.phasetwo.io/auth/realms

Authentication

Authentication is achieved by using the Authentication: Bearer <token> header in all requests. This is either the access token received from a normal authentication, or by a request directly to the OpenID Connect token endpoint.

It is recommended that you use a Keycloak Admin Client, such as this one for Javascript, as they take care of authentication, getting an access token, and refreshing it when it expires.

Client credentials grant example

POST /auth/realms/test-realm/protocol/openid-connect/token
Host: app.phasetwo.io
Accept: application/json
Content-type: application/x-www-form-urlencoded

grant_type=client_credentials&client_id=admin-cli&client_secret=fd649804-3a74-4d69-acaa-8f065c6b7da1

Password grant example

POST /auth/realms/test-realm/protocol/openid-connect/token
Host: app.phasetwo.io
Accept: application/json
Content-type: application/x-www-form-urlencoded

grant_type=password&username=uname@foo.com&password=pwd123AZY&client_id=admin-cli

SDKs

Modern API libraries are available for several common languages. These are available as open source at the links below, or you can choose to generate your own using our OpenAPI spec file.

LanguageLibrary
Java (and other JVM langs)https://github.com/p2-inc/phasetwo-java
JavaScript/TypeScripthttps://github.com/p2-inc/phasetwo-js
Pythonhttps://github.com/p2-inc/phasetwo-python

Authentication

Security Scheme Type:

http

HTTP Authorization Scheme:

bearer