I am using the latest keycloak image in docker and can access the standard admin console at http://localhost:9080. However, I cant seem to access any of the paths specified in the documentation for Admin REST api. For instance, the base path /auth and Resource Get clients belonging to the realm Returns a list of clients belonging to the realm: /{realm}/clients I am getting a 404. So is for any other method in the documentation. The only path returning a valid 200 json response is http://localhost:9080/auth/realms/{realm-name}/ which according to the documentation be reachable at basepath + "/{realm-name}". Am I missing something or trying to access with a wrong base path. The keycloak version in docker is 3.4.3.Final which is the latest version of keycloak according to the documentation.

I'm almost sure you are trying to call the endpoint like this:

http://localhost:9080/auth/admin/realms/demo/clients

However, you've missed this part/auth/admin/realms

Please, don't forget to authorize your call first as stated here

UPDATE

Here are my steps to see the results:

$ docker run -d -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak

Getting access_token:

$ curl -X POST \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -d 'username=admin&password=admin&client_id=admin-cli&grant_type=password' \
    http://localhost:9080/auth/realms/master/protocol/openid-connect/token  

EDIT: With keycloak 17.0+ the /auth path segment should be omitted, so the correct URL is http://localhost:9080/realms/master/protocol/openid-connect/token Reference: https://mcmap.net/q/356962/-keycloak-could-not-find-resource-for-full-path

Copy and paste obtained access_token to Authorization header:

$ curl -X GET \
    -H 'Authorization: Bearer <access_token_goes_here>' \
    http://localhost:9080/auth/admin/realms/master/clients
    

At the version 17.0.1 to use rest API I eventually came up with:

http://localhost:8080/admin/realms/{realm name}/clients

In my case it was because the documentation is misleading:

https://www.keycloak.org/docs-api/17.0/rest-api/index.html#:~:text=Version%3A%201-,URI%20scheme,-Host%3A%20localhost%3A8080

the full path to use should contain the admin keywork like:

https://myhost.com/auth/admin/realms/myrealm/users/

instead of:

https://myhost.com/auth/realms/myrealm/users/

This is an issue that was never fixed: https://issues.redhat.com/browse/KEYCLOAK-7966

Also the endpoint might require an access token like:

curl -H "Authorization: bearer YOUR_ACCESS_TOKEN" https://myhost.com/auth/admin/realms/myrealm/users/"

They have now updated it to be:

http://localhost:9080/realms/demo/clients

I struggled the whole day only to figure out it's different from how the documentation says it should be.

Config endpoints can be found on the Keycloak console under realm settings. On the endpoints part, it will show you all the endpoints you need.