Any user agent that can call a REST API can perform admin tasks. See this documentation: https://www.keycloak.org/docs-api/4.6/rest-api/index.html Since the admin password would be plainly visible in the HTML code executed by the web browser, and not knowing more about your architecture, this sounds like an extremely bad idea. Instead, I believe your web browser should communicate with your own backend, and your backend should perform the admin tasks. This way the admin password will not be visible in the HTML code. Regards, Geoffrey Cleaves On Tue, 4 Dec 2018 at 10:41, Vikram Eswar <vikram.eswar(a)gmail.com&gt; wrote: > Hi all, > > is it possible to implement a keycloak admin client to add / delete/ > update > users from a web browser or is it just available for node js ? If it is > possible with a browser, could someone please give me some support on how > to do that ? > > Regards, > Vikram > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user >

I believe the flow should be that the end user logs into your web app via Keycloak. The web app communicates with your back end using the Keycloak token. Your backend checks for a particular Keycloak role in the token, and if it exists, then the backend communicates with the Admin API using a seperate admin token. Regards, Geoffrey Cleaves On Tue, 4 Dec 2018 at 11:34, Vikram Eswar <vikram.eswar(a)gmail.com&gt; wrote: > Thanks a lot Geoffrey ! > I had the same in mind, but was not sure. > > Regards, > Vikram > > On Tue, Dec 4, 2018 at 10:52 AM Geoffrey Cleaves <geoff(a)opticks.io&gt; > wrote: > >> Any user agent that can call a REST API can perform admin tasks. See >> this documentation: >> https://www.keycloak.org/docs-api/4.6/rest-api/index.html >> >> Since the admin password would be plainly visible in the HTML code >> executed by the web browser, and not knowing more about your architecture, >> this sounds like an extremely bad idea. >> >> Instead, I believe your web browser should communicate with your own >> backend, and your backend should perform the admin tasks. This way the >> admin password will not be visible in the HTML code. >> >> Regards, >> Geoffrey Cleaves >> >> On Tue, 4 Dec 2018 at 10:41, Vikram Eswar <vikram.eswar(a)gmail.com&gt; >> wrote: >> >>> Hi all, >>> >>> is it possible to implement a keycloak admin client to add / delete/ >>> update >>> users from a web browser or is it just available for node js ? If it is >>> possible with a browser, could someone please give me some support on >>> how >>> to do that ? >>> >>> Regards, >>> Vikram >>> _______________________________________________ >>> keycloak-user mailing list >>> keycloak-user(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>> >>