@mcp.tool()
async def create_client(
    client_id: str,
    name: Optional[str] = None,
    description: Optional[str] = None,
    enabled: bool = True,
    always_display_in_console: bool = False,
    root_url: Optional[str] = None,
    redirect_uris: Optional[List[str]] = None,
    web_origins: Optional[List[str]] = None,
    protocol: str = "openid-connect",
    public_client: bool = False,
    bearer_only: bool = False,
    service_accounts_enabled: bool = False,
    authorization_services_enabled: bool = False,
    direct_access_grants_enabled: bool = False,
    implicit_flow_enabled: bool = False,
    standard_flow_enabled: bool = True,
    realm: Optional[str] = None,
) -> Dict[str, str]:
    """
    Create a new client by POSTing a client representation to ``/clients``.

    Every argument is forwarded as given; this function validates none of
    them, so the values below are accepted or rejected by the server alone.

    Args:
        client_id: Client ID (unique identifier)
        name: Display name (omitted from the request when empty)
        description: Client description (omitted when empty)
        enabled: Whether the client is enabled
        always_display_in_console: Always display in account console
        root_url: Root URL for relative URLs (omitted when empty)
        redirect_uris: Valid redirect URIs (omitted when empty). Prefer
            exact URIs; wildcard patterns widen where authorization
            responses can be delivered.
        web_origins: Allowed CORS origins (omitted when empty). Keep the
            list as narrow as the application needs.
        protocol: Protocol (openid-connect or saml); not checked here
        public_client: Public client (no secret)
        bearer_only: Bearer-only client
        service_accounts_enabled: Enable service accounts
        authorization_services_enabled: Enable authorization services
        direct_access_grants_enabled: Enable direct access grants (password
            flow). Defaults to off; the OAuth 2.0 Security Best Current
            Practice (RFC 9700) says this grant must not be used.
        implicit_flow_enabled: Enable implicit flow. Defaults to off; the
            same guidance recommends authorization code flow instead.
        standard_flow_enabled: Enable standard flow (authorization code)
        realm: Target realm (uses default if not specified)

    Returns:
        Status message naming the client ID that was submitted
    """
    # NOTE(review): nothing in this function authorizes the caller. The
    # request is sent through the module-level `client`, so the tool acts
    # with whatever credentials that object holds -- confirm that access
    # to this MCP tool is restricted accordingly.
    payload = dict(
        clientId=client_id,
        enabled=enabled,
        alwaysDisplayInConsole=always_display_in_console,
        protocol=protocol,
        publicClient=public_client,
        bearerOnly=bearer_only,
        serviceAccountsEnabled=service_accounts_enabled,
        authorizationServicesEnabled=authorization_services_enabled,
        directAccessGrantsEnabled=direct_access_grants_enabled,
        implicitFlowEnabled=implicit_flow_enabled,
        standardFlowEnabled=standard_flow_enabled,
    )

    # Optional attributes are sent only when truthy, so None, "" and []
    # all leave the key out of the request rather than sending an empty value.
    optional_fields = (
        ("name", name),
        ("description", description),
        ("rootUrl", root_url),
        ("redirectUris", redirect_uris),
        ("webOrigins", web_origins),
    )
    payload.update({key: value for key, value in optional_fields if value})

    # The response is discarded: the success message below is returned
    # whenever the call does not raise.
    # NOTE(review): presumably _make_request raises on a non-2xx reply --
    # confirm, otherwise a rejected request would still report "created".
    await client._make_request("POST", "/clients", data=payload, realm=realm)

    confirmation = f"Client {client_id} created successfully"
    return {"status": "created", "message": confirmation}