Skip to main content
Glama
idoyudha

mcp-keycloak

by idoyudha
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

create_client

Create a new client in Keycloak identity management by configuring authentication protocols, access flows, and security settings for applications.

Instructions

Create a new client.

Args:
    client_id: Client ID (unique identifier)
    name: Display name
    description: Client description
    enabled: Whether the client is enabled
    always_display_in_console: Always display in account console
    root_url: Root URL for relative URLs
    redirect_uris: Valid redirect URIs
    web_origins: Allowed CORS origins
    protocol: Protocol (openid-connect or saml)
    public_client: Public client (no secret)
    bearer_only: Bearer-only client
    service_accounts_enabled: Enable service accounts
    authorization_services_enabled: Enable authorization services
    direct_access_grants_enabled: Enable direct access grants (password flow)
    implicit_flow_enabled: Enable implicit flow
    standard_flow_enabled: Enable standard flow (authorization code)
    realm: Target realm (uses default if not specified)

Returns:
    Status message

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
client_idYes
nameNo
descriptionNo
enabledNo
always_display_in_consoleNo
root_urlNo
redirect_urisNo
web_originsNo
protocolNoopenid-connect
public_clientNo
bearer_onlyNo
service_accounts_enabledNo
authorization_services_enabledNo
direct_access_grants_enabledNo
implicit_flow_enabledNo
standard_flow_enabledNo
realmNo

Implementation Reference

  • src/tools/client_tools.py:83-154 (handler)
    The 'create_client' tool handler: an async function decorated with @mcp.tool() that creates a new Keycloak client using the KeycloakClient helper. The function parameters and docstring define the input schema. It constructs client data from arguments and posts it to the Keycloak API.
    @mcp.tool()
async def create_client(
    client_id: str,
    name: Optional[str] = None,
    description: Optional[str] = None,
    enabled: bool = True,
    always_display_in_console: bool = False,
    root_url: Optional[str] = None,
    redirect_uris: Optional[List[str]] = None,
    web_origins: Optional[List[str]] = None,
    protocol: str = "openid-connect",
    public_client: bool = False,
    bearer_only: bool = False,
    service_accounts_enabled: bool = False,
    authorization_services_enabled: bool = False,
    direct_access_grants_enabled: bool = False,
    implicit_flow_enabled: bool = False,
    standard_flow_enabled: bool = True,
    realm: Optional[str] = None,
) -> Dict[str, str]:
    """
    Create a new client.

    Args:
        client_id: Client ID (unique identifier)
        name: Display name
        description: Client description
        enabled: Whether the client is enabled
        always_display_in_console: Always display in account console
        root_url: Root URL for relative URLs
        redirect_uris: Valid redirect URIs
        web_origins: Allowed CORS origins
        protocol: Protocol (openid-connect or saml)
        public_client: Public client (no secret)
        bearer_only: Bearer-only client
        service_accounts_enabled: Enable service accounts
        authorization_services_enabled: Enable authorization services
        direct_access_grants_enabled: Enable direct access grants (password flow)
        implicit_flow_enabled: Enable implicit flow
        standard_flow_enabled: Enable standard flow (authorization code)
        realm: Target realm (uses default if not specified)

    Returns:
        Status message
    """
    client_data = {
        "clientId": client_id,
        "enabled": enabled,
        "alwaysDisplayInConsole": always_display_in_console,
        "protocol": protocol,
        "publicClient": public_client,
        "bearerOnly": bearer_only,
        "serviceAccountsEnabled": service_accounts_enabled,
        "authorizationServicesEnabled": authorization_services_enabled,
        "directAccessGrantsEnabled": direct_access_grants_enabled,
        "implicitFlowEnabled": implicit_flow_enabled,
        "standardFlowEnabled": standard_flow_enabled,
    }

    if name:
        client_data["name"] = name
    if description:
        client_data["description"] = description
    if root_url:
        client_data["rootUrl"] = root_url
    if redirect_uris:
        client_data["redirectUris"] = redirect_uris
    if web_origins:
        client_data["webOrigins"] = web_origins

    await client._make_request("POST", "/clients", data=client_data, realm=realm)
    return {"status": "created", "message": f"Client {client_id} created successfully"}
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/idoyudha/mcp-keycloak'

If you have feedback or need assistance with the MCP directory API, please join our Discord server