update_realm_settings
Modify realm configuration in Keycloak to adjust authentication, security, and user experience settings for identity management.
Instructions
Update realm settings.
Args:
display_name: Display name for the realm
display_name_html: HTML display name
login_theme: Login theme name
account_theme: Account management theme
admin_theme: Admin console theme
email_theme: Email theme
enabled: Whether realm is enabled
registration_allowed: Allow user registration
registration_email_as_username: Use email as username
reset_password_allowed: Allow password reset
remember_me: Enable remember me
verify_email: Require email verification
login_with_email_allowed: Allow login with email
duplicate_emails_allowed: Allow duplicate emails
ssl_required: SSL requirement (none, external, all)
brute_force_protected: Enable brute force protection
permanent_lockout: Permanent lockout on max failures
max_failure_wait_seconds: Max wait after failures
minimum_quick_login_wait_seconds: Min wait between quick logins
wait_increment_seconds: Wait increment
quick_login_check_milli_seconds: Quick login check interval
max_delta_time_seconds: Max time between failures
failure_factor: Failure factor
default_locale: Default locale
realm: Target realm (uses default if not specified)
Returns:
Status message
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| display_name | No | ||
| display_name_html | No | ||
| login_theme | No | ||
| account_theme | No | ||
| admin_theme | No | ||
| email_theme | No | ||
| enabled | No | ||
| registration_allowed | No | ||
| registration_email_as_username | No | ||
| reset_password_allowed | No | ||
| remember_me | No | ||
| verify_email | No | ||
| login_with_email_allowed | No | ||
| duplicate_emails_allowed | No | ||
| ssl_required | No | ||
| brute_force_protected | No | ||
| permanent_lockout | No | ||
| max_failure_wait_seconds | No | ||
| minimum_quick_login_wait_seconds | No | ||
| wait_increment_seconds | No | ||
| quick_login_check_milli_seconds | No | ||
| max_delta_time_seconds | No | ||
| failure_factor | No | ||
| default_locale | No | ||
| realm | No |
Implementation Reference
- src/tools/realm_tools.py:35-153 (handler)The handler function for 'update_realm_settings' tool. Decorated with @mcp.tool() for automatic registration. Fetches current realm settings, updates specified fields, and applies changes via Keycloak PUT request.@mcp.tool() async def update_realm_settings( display_name: Optional[str] = None, display_name_html: Optional[str] = None, login_theme: Optional[str] = None, account_theme: Optional[str] = None, admin_theme: Optional[str] = None, email_theme: Optional[str] = None, enabled: Optional[bool] = None, registration_allowed: Optional[bool] = None, registration_email_as_username: Optional[bool] = None, reset_password_allowed: Optional[bool] = None, remember_me: Optional[bool] = None, verify_email: Optional[bool] = None, login_with_email_allowed: Optional[bool] = None, duplicate_emails_allowed: Optional[bool] = None, ssl_required: Optional[str] = None, brute_force_protected: Optional[bool] = None, permanent_lockout: Optional[bool] = None, max_failure_wait_seconds: Optional[int] = None, minimum_quick_login_wait_seconds: Optional[int] = None, wait_increment_seconds: Optional[int] = None, quick_login_check_milli_seconds: Optional[int] = None, max_delta_time_seconds: Optional[int] = None, failure_factor: Optional[int] = None, default_locale: Optional[str] = None, realm: Optional[str] = None, ) -> Dict[str, str]: """ Update realm settings. Args: display_name: Display name for the realm display_name_html: HTML display name login_theme: Login theme name account_theme: Account management theme admin_theme: Admin console theme email_theme: Email theme enabled: Whether realm is enabled registration_allowed: Allow user registration registration_email_as_username: Use email as username reset_password_allowed: Allow password reset remember_me: Enable remember me verify_email: Require email verification login_with_email_allowed: Allow login with email duplicate_emails_allowed: Allow duplicate emails ssl_required: SSL requirement (none, external, all) brute_force_protected: Enable brute force protection permanent_lockout: Permanent lockout on max failures max_failure_wait_seconds: Max wait after failures minimum_quick_login_wait_seconds: Min wait between quick logins wait_increment_seconds: Wait increment quick_login_check_milli_seconds: Quick login check interval max_delta_time_seconds: Max time between failures failure_factor: Failure factor default_locale: Default locale realm: Target realm (uses default if not specified) Returns: Status message """ # Get current realm data current_realm = await client._make_request("GET", "", realm=realm) # Update only provided fields if display_name is not None: current_realm["displayName"] = display_name if display_name_html is not None: current_realm["displayNameHtml"] = display_name_html if login_theme is not None: current_realm["loginTheme"] = login_theme if account_theme is not None: current_realm["accountTheme"] = account_theme if admin_theme is not None: current_realm["adminTheme"] = admin_theme if email_theme is not None: current_realm["emailTheme"] = email_theme if enabled is not None: current_realm["enabled"] = enabled if registration_allowed is not None: current_realm["registrationAllowed"] = registration_allowed if registration_email_as_username is not None: current_realm["registrationEmailAsUsername"] = registration_email_as_username if reset_password_allowed is not None: current_realm["resetPasswordAllowed"] = reset_password_allowed if remember_me is not None: current_realm["rememberMe"] = remember_me if verify_email is not None: current_realm["verifyEmail"] = verify_email if login_with_email_allowed is not None: current_realm["loginWithEmailAllowed"] = login_with_email_allowed if duplicate_emails_allowed is not None: current_realm["duplicateEmailsAllowed"] = duplicate_emails_allowed if ssl_required is not None: current_realm["sslRequired"] = ssl_required if brute_force_protected is not None: current_realm["bruteForceProtected"] = brute_force_protected if permanent_lockout is not None: current_realm["permanentLockout"] = permanent_lockout if max_failure_wait_seconds is not None: current_realm["maxFailureWaitSeconds"] = max_failure_wait_seconds if minimum_quick_login_wait_seconds is not None: current_realm["minimumQuickLoginWaitSeconds"] = minimum_quick_login_wait_seconds if wait_increment_seconds is not None: current_realm["waitIncrementSeconds"] = wait_increment_seconds if quick_login_check_milli_seconds is not None: current_realm["quickLoginCheckMilliSeconds"] = quick_login_check_milli_seconds if max_delta_time_seconds is not None: current_realm["maxDeltaTimeSeconds"] = max_delta_time_seconds if failure_factor is not None: current_realm["failureFactor"] = failure_factor if default_locale is not None: current_realm["defaultLocale"] = default_locale await client._make_request("PUT", "", data=current_realm, realm=realm) return { "status": "updated", "message": f"Realm {realm if realm else client.realm_name} settings updated successfully", }