Skip to main content
Glama
idoyudha

mcp-keycloak

by idoyudha
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

get_user

Get a Keycloak user by ID, with optional realm specification. Returns the user object.

Instructions

Get a specific user by ID.

Args:
    user_id: The user's ID
    realm: Target realm (uses default if not specified)

Returns:
    User object

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
user_idYes
realmNo

Output Schema

TableJSON Schema
NameRequiredDescriptionDefault
resultYes

Implementation Reference

  • src/tools/user_tools.py:51-63 (handler)
    The handler function for the 'get_user' tool. It is decorated with @mcp.tool() and makes a GET request to the Keycloak Admin API endpoint /users/{user_id} to fetch a specific user by ID.
    @mcp.tool()
async def get_user(user_id: str, realm: Optional[str] = None) -> Dict[str, Any]:
    """
    Get a specific user by ID.

    Args:
        user_id: The user's ID
        realm: Target realm (uses default if not specified)

    Returns:
        User object
    """
    return await client._make_request("GET", f"/users/{user_id}", realm=realm)
  • src/tools/user_tools.py:51-52 (registration)
    The tool is registered via the @mcp.tool() decorator from FastMCP. The MCP server instance is defined in src/common/server.py.
    @mcp.tool()
async def get_user(user_id: str, realm: Optional[str] = None) -> Dict[str, Any]:
  • src/tools/user_tools.py:51-62 (schema)
    The input schema is defined through the function signature: user_id (required str) and realm (optional str). The output schema is Dict[str, Any]. The docstring describes the parameters and return type.
    @mcp.tool()
async def get_user(user_id: str, realm: Optional[str] = None) -> Dict[str, Any]:
    """
    Get a specific user by ID.

    Args:
        user_id: The user's ID
        realm: Target realm (uses default if not specified)

    Returns:
        User object
    """
  • src/tools/keycloak_client.py:59-107 (helper)
    The helper utility that executes the actual HTTP request. The get_user handler calls client._make_request("GET", f"/users/{user_id}", realm=realm), which constructs the URL and performs the authenticated request to the Keycloak Admin API.
    async def _make_request(
    self,
    method: str,
    endpoint: str,
    data: Optional[Dict] = None,
    params: Optional[Dict] = None,
    skip_realm: bool = False,
    realm: Optional[str] = None,
) -> Any:
    """Make authenticated request to Keycloak API"""
    if skip_realm:
        url = f"{self.server_url}/auth/admin{endpoint}"
    else:
        # Use provided realm or fall back to configured realm
        target_realm = realm if realm is not None else self.realm_name
        url = f"{self.server_url}/auth/admin/realms/{target_realm}{endpoint}"

    try:
        client = await self._ensure_client()
        headers = await self._get_headers()

        response = await client.request(
            method=method,
            url=url,
            headers=headers,
            json=data,
            params=params,
        )

        # If token expired, refresh and retry
        if response.status_code == 401:
            await self._get_token()
            headers = await self._get_headers()
            response = await client.request(
                method=method,
                url=url,
                headers=headers,
                json=data,
                params=params,
            )

        response.raise_for_status()

        if response.content:
            return response.json()
        return None

    except httpx.RequestError as e:
        raise Exception(f"Keycloak API request failed: {str(e)}")

Tool Definition Quality

B3.4/5.0
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations provided, so description carries full burden. Only states basic functionality; lacks disclosure of permissions, side effects, or error conditions.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Concise with front-loaded purpose. Every sentence is necessary, though could be more structured with bullet points.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Simple tool with output schema, so return description is adequate. However, lacks error context or access control info, which would improve completeness.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema has 0% description coverage; description adds meaning by explaining user_id as 'The user's ID' and realm as 'Target realm (uses default if not specified)', which goes beyond schema types.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states 'Get a specific user by ID', specifying the verb, resource, and method. It distinguishes from sibling tools like list_users and get_group.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance on when to use this tool versus alternatives. Does not mention when not to use or contrast with sibling tools like search for users.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/idoyudha/mcp-keycloak'

If you have feedback or need assistance with the MCP directory API, please join our Discord server