OpenAPI definition for Keycloak Protection API

[stevecalvert]

Hi @ccouzens, thanks for providing the OpenAPI definitions for the Keycloak Admin interface. I've been trying to find a similar OpenAPI spec for the Keycloak Protection API since we need to use both but I've not found anything so far, or I'm looking in the wrong place. Could you let me know where you sourced the JSON OAPI definitions in https://github.com/ccouzens/keycloak-openapi/tree/master/keycloak - maybe that would give me some pointers for the Protection API.

[stevecalvert]

Sorry, the penny has just dropped! I just read your comment on https://issues.redhat.com/browse/KEYCLOAK-9655 Shame there has been no response on that since April. I guess my question changes to be whether you could work the same magic on the html specs for the protection API 😄

[ccouzens]

Hi @stevecalvert

I don't think I can pull off the same trick with the protection API.

The admin API HTML is comprehensive and predictably structured, which allowed me to parse it into OpenAPI.

The same can't be said for the Protection API documentation.

I made use of the protection API a year or so ago on one of my projects. I think it might have been in preview release at the time. I found the best way to work with it, was to observe what network requests my web-browser was making when using the admin GUI. I then manually added the one or 2 endpoints I needed to my local copy of the OpenAPI JSON.

Unfortunately I didn't upload the changes publicly because I only covered the very specific parts of the Protection API that were useful to me and because I wouldn't have an easy way of keeping it up to date with each new Keycloak release.

I hope you manage to find a way to work with the Protection API.

Kind regards, Chris

[stevecalvert]

Appreciate you looking into this, @ccouzens. I'm really suprised that Keycloak have not progressed the OpenAPI standard for their public interfaces. I think we will do something similar to generate our own Protection API JSON.