Outdated kcadm.sh help examples can be misleading to our users (#23403)

Closes #23402

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AbstractAuthOptionsCmd.java

@@ -42,7 +42,7 @@ import static org.keycloak.client.admin.cli.util.ConfigUtil.loadConfig;
  */
 public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
 
-    @Option(shortName = 'a', name = "admin-root", description = "URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin")
+    @Option(shortName = 'a', name = "admin-root", description = "URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin")
     String adminRestRoot;
 
     @Option(name = "config", description = "Path to the config file (~/.keycloak/kcadm.config by default)")
@@ -51,7 +51,7 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
     @Option(name = "no-config", description = "Don't use config file - no authentication info is loaded or saved", hasValue = false)
     boolean noconfig;
 
-    @Option(name = "server", description = "Server endpoint url (e.g. 'http://localhost:8080/auth')")
+    @Option(name = "server", description = "Server endpoint url (e.g. 'http://localhost:8080')")
     String server;
 
     @Option(shortName = 'r', name = "target-realm", description = "Realm to target - when it's different than the realm we authenticate against")

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AddRolesCmd.java

@@ -360,7 +360,7 @@ public class AddRolesCmd extends AbstractAuthOptionsCmd {
         out.println("    --cid                 Client's 'id' attribute");
         out.println("    --rolename            Role's 'name' attribute");
         out.println("    --roleid              Role's 'id' attribute");
-        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin");
+        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin");
         out.println("    -r, --target-realm REALM  Target realm to issue requests against if not the one authenticated against");
         out.println();
         out.println("Examples:");

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/ConfigCredentialsCmd.java

@@ -232,7 +232,7 @@ public class ConfigCredentialsCmd extends AbstractAuthOptionsCmd {
         out.println("    --trustpass PASSWORD    Truststore password (prompted for if not specified and --truststore is used)");
         out.println();
         out.println("  Command specific options:");
-        out.println("    --server SERVER_URL     Server endpoint url (e.g. 'http://localhost:8080/auth')");
+        out.println("    --server SERVER_URL     Server endpoint url (e.g. 'http://localhost:8080')");
         out.println("    --realm REALM           Realm name to use");
         out.println("    --user USER             Username to login with");
         out.println("    --password PASSWORD     Password to login with (prompted for if not specified and --user is used)");
@@ -249,30 +249,30 @@ public class ConfigCredentialsCmd extends AbstractAuthOptionsCmd {
         out.println();
         out.println("Login as 'admin' user of 'master' realm to a local Keycloak server running on default port.");
         out.println("You will be prompted for a password:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:8080/auth --realm master --user admin");
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:8080 --realm master --user admin");
         out.println();
         out.println("Login to Keycloak server at non-default endpoint passing the password via standard input:");
         if (OS_ARCH.isWindows()) {
-            out.println("  " + PROMPT + " echo mypassword | " + CMD + " config credentials --server http://localhost:9080/auth --realm master --user admin");
+            out.println("  " + PROMPT + " echo mypassword | " + CMD + " config credentials --server http://localhost:9080 --realm master --user admin");
         } else {
-            out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --user admin << EOF");
+            out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --user admin << EOF");
             out.println("  mypassword");
             out.println("  EOF");
         }
         out.println();
         out.println("Login specifying a password through command line:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --user admin --password " + OS_ARCH.envVar("PASSWORD"));
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --user admin --password " + OS_ARCH.envVar("PASSWORD"));
         out.println();
         out.println("Login using a client service account of a custom client. You will be prompted for a client secret:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --client reg-cli");
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --client reg-cli");
         out.println();
         out.println("Login using a client service account of a custom client, authenticating with signed JWT.");
         out.println("You will be prompted for a keystore password, and a key password:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --client reg-cli --keystore " + OS_ARCH.path("~/.keycloak/keystore.jks"));
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --client reg-cli --keystore " + OS_ARCH.path("~/.keycloak/keystore.jks"));
         out.println();
         out.println("Login as 'user' while also authenticating a custom client with signed JWT.");
         out.println("You will be prompted for a user password, a keystore password, and a key password:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --user user --client reg-cli --keystore " + OS_ARCH.path("~/.keycloak/keystore.jks"));
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --user user --client reg-cli --keystore " + OS_ARCH.path("~/.keycloak/keystore.jks"));
         out.println();
         out.println();
         out.println("Use '" + CMD + " help' for general information and a list of commands");

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/CreateCmd.java

@@ -125,7 +125,7 @@ public class CreateCmd extends AbstractRequestCmd {
         out.println("    -F, --fields FILTER       A filter pattern to specify which fields of a JSON response to output");
         out.println("                              Use '" + CMD + " get --help' for more info on FILTER syntax.");
         out.println("    -c, --compressed          Don't pretty print the output");
-        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin");
+        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin");
         out.println();
         out.println();
         out.println("Nested attributes are supported by using '.' to separate components of a KEY. Optionaly, the KEY components ");

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/DeleteCmd.java

@@ -91,7 +91,7 @@ public class DeleteCmd extends CreateCmd {
         out.println("    -F, --fields FILTER       A filter pattern to specify which fields of a JSON response to output");
         out.println("                              Use '" + CMD + " get --help' for more info on FILTER syntax.");
         out.println("    -c, --compressed          Don't pretty print the output");
-        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin");
+        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin");
         out.println();
         out.println("Examples:");
         out.println();

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetCmd.java

@@ -122,7 +122,7 @@ public class GetCmd extends  AbstractRequestCmd {
         out.println("    -c, --compressed          Don't pretty print the output");
         out.println("    --format FORMAT           Set output format to comma-separated-values by using 'csv'. Default format is 'json'");
         out.println("    --noquotes                Don't quote strings when output format is 'csv'");
-        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin");
+        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin");
         out.println();
         out.println("Output results can be filtered by using '--fields' and a filter pattern. Filtering is performed by processing each item in a result set");
         out.println("and applying filter on it. A pattern is defined as a comma separated list of attribute specifiers. Use '*' in a specifier to include all ");

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/GetRolesCmd.java

@@ -374,7 +374,7 @@ public class GetRolesCmd extends GetCmd {
         out.println("    -c, --compressed          Don't pretty print the output");
         out.println("    --format FORMAT           Set output format to comma-separated-values by using 'csv'. Default format is 'json'");
         out.println("    --noquotes                Don't quote strings when output format is 'csv'");
-        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin");
+        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin");
         out.println("    -r, --target-realm REALM  Target realm to issue requests against if not the one authenticated against");
         out.println();
         out.println("Examples:");

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/KcAdmCmd.java

@@ -69,9 +69,9 @@ public class KcAdmCmd extends AbstractGlobalOptionsCmd {
         out.println();
         out.println("For example:");
         out.println();
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:8080/auth --realm master --user admin");
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:8080 --realm master --user admin");
         out.println("  Enter password: ");
-        out.println("  Logging into http://localhost:8080/auth as user admin of realm master");
+        out.println("  Logging into http://localhost:8080 as user admin of realm master");
         out.println();
         out.println("Any configured username can be used for login, but to perform admin operations the user");
         out.println("needs proper roles, otherwise operations will fail.");

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/RemoveRolesCmd.java

@@ -360,7 +360,7 @@ public class RemoveRolesCmd extends AbstractAuthOptionsCmd {
         out.println("    --cid                 Client's 'id' attribute");
         out.println("    --rolename            Role's 'name' attribute");
         out.println("    --roleid              Role's 'id' attribute");
-        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin");
+        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin");
         out.println("    -r, --target-realm REALM  Target realm to issue requests against if not the one authenticated against");
         out.println();
         out.println("Examples:");

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/SetPasswordCmd.java

@@ -163,7 +163,7 @@ public class SetPasswordCmd extends AbstractAuthOptionsCmd {
         out.println("    --userid ID               Identify target user by 'id'");
         out.println("    -p, --new-password        New password to set. If not specified you will be prompted for it.");
         out.println("    -t, --temporary           Make the new password temporary - user has to change it on next logon");
-        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin");
+        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin");
         out.println("    -r, --target-realm REALM  Target realm to issue requests against if not the one authenticated against");
         out.println();
         out.println("Examples:");

integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/UpdateCmd.java

@@ -136,7 +136,7 @@ public class UpdateCmd extends AbstractRequestCmd {
         out.println("    -F, --fields FILTER       A filter pattern to specify which fields of a JSON response to output");
         out.println("                              Use '" + CMD + " get --help' for more info on FILTER syntax.");
         out.println("    -c, --compressed          Don't pretty print the output");
-        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/auth/admin");
+        out.println("    -a, --admin-root URL      URL of Admin REST endpoint root if not default - e.g. http://localhost:8080/admin");
         out.println();
         out.println();
         out.println("Nested attributes are supported by using '.' to separate components of a KEY. Optionaly, the KEY components ");

integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/commands/AbstractAuthOptionsCmd.java

@@ -32,7 +32,7 @@ public abstract class AbstractAuthOptionsCmd extends AbstractGlobalOptionsCmd {
     @Option(name = "no-config", description = "No configuration file should be used, no authentication info is loaded or saved", hasValue = false)
     protected boolean noconfig;
 
-    @Option(name = "server", description = "Server endpoint url (e.g. 'http://localhost:8080/auth')", hasValue = true)
+    @Option(name = "server", description = "Server endpoint url (e.g. 'http://localhost:8080')", hasValue = true)
     protected String server;
 
     @Option(name = "realm", description = "Realm name to authenticate against", hasValue = true)

integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/commands/ConfigCredentialsCmd.java

@@ -218,7 +218,7 @@ public class ConfigCredentialsCmd extends AbstractAuthOptionsCmd implements Comm
         out.println("    --trustpass PASSWORD    Truststore password (prompted for if not specified and --truststore is used)");
         out.println();
         out.println("  Command specific options:");
-        out.println("    --server SERVER_URL     Server endpoint url (e.g. 'http://localhost:8080/auth')");
+        out.println("    --server SERVER_URL     Server endpoint url (e.g. 'http://localhost:8080')");
         out.println("    --realm REALM           Realm name to use");
         out.println("    --user USER             Username to login with");
         out.println("    --password PASSWORD     Password to login with (prompted for if not specified and --user is used)");
@@ -235,30 +235,30 @@ public class ConfigCredentialsCmd extends AbstractAuthOptionsCmd implements Comm
         out.println();
         out.println("Login as 'admin' user of 'master' realm to a local Keycloak server running on default port.");
         out.println("You will be prompted for a password:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:8080/auth --realm master --user admin");
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:8080 --realm master --user admin");
         out.println();
         out.println("Login to Keycloak server at non-default endpoint passing the password via standard input:");
         if (OS_ARCH.isWindows()) {
-            out.println("  " + PROMPT + " echo mypassword | " + CMD + " config credentials --server http://localhost:9080/auth --realm master --user admin");
+            out.println("  " + PROMPT + " echo mypassword | " + CMD + " config credentials --server http://localhost:9080 --realm master --user admin");
         } else {
-            out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --user admin << EOF");
+            out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --user admin << EOF");
             out.println("  mypassword");
             out.println("  EOF");
         }
         out.println();
         out.println("Login specifying a password through command line:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --user admin --password " + OS_ARCH.envVar("PASSWORD"));
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --user admin --password " + OS_ARCH.envVar("PASSWORD"));
         out.println();
         out.println("Login using a client service account of a custom client. You will be prompted for a client secret:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --client reg-cli");
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --client reg-cli");
         out.println();
         out.println("Login using a client service account of a custom client, authenticating with signed JWT.");
         out.println("You will be prompted for a keystore password, and a key password:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --client reg-cli --keystore " + OS_ARCH.path("~/.keycloak/keystore.jks"));
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --client reg-cli --keystore " + OS_ARCH.path("~/.keycloak/keystore.jks"));
         out.println();
         out.println("Login as 'user' while also authenticating a custom client with signed JWT.");
         out.println("You will be prompted for a user password, a keystore password, and a key password:");
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080/auth --realm master --user user --client reg-cli --keystore " + OS_ARCH.path("~/.keycloak/keystore.jks"));
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:9080 --realm master --user user --client reg-cli --keystore " + OS_ARCH.path("~/.keycloak/keystore.jks"));
         out.println();
         out.println();
         out.println("Use '" + CMD + " help' for general information and a list of commands");

integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/commands/ConfigInitialTokenCmd.java

@@ -167,7 +167,7 @@ public class ConfigInitialTokenCmd extends AbstractAuthOptionsCmd implements Com
         out.println("    --config                Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
         out.println();
         out.println("  Command specific options:");
-        out.println("    --server SERVER         Server endpoint url (e.g. 'http://localhost:8080/auth')");
+        out.println("    --server SERVER         Server endpoint url (e.g. 'http://localhost:8080')");
         out.println("    --realm REALM           Realm name to use");
         out.println("    -k, --keep-domain       Don't overwrite default server and realm");
         out.println("    -d, --delete            Indicates that initial access token should be removed");
@@ -177,10 +177,10 @@ public class ConfigInitialTokenCmd extends AbstractAuthOptionsCmd implements Com
         out.println("Examples:");
         out.println();
         out.println("Specify initial access token for server, and realm. Token is passed via env variable:");
-        out.println("  " + PROMPT + " " + CMD + " config initial-token --server http://localhost:9080/auth --realm master " + OS_ARCH.envVar("TOKEN"));
+        out.println("  " + PROMPT + " " + CMD + " config initial-token --server http://localhost:9080 --realm master " + OS_ARCH.envVar("TOKEN"));
         out.println();
         out.println("Remove initial access token:");
-        out.println("  " + PROMPT + " " + CMD + " config initial-token --server http://localhost:9080/auth --realm master --delete");
+        out.println("  " + PROMPT + " " + CMD + " config initial-token --server http://localhost:9080 --realm master --delete");
         out.println();
         out.println();
         out.println("Use '" + CMD + " help' for general information and a list of commands");

integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/commands/ConfigRegistrationTokenCmd.java

@@ -157,7 +157,7 @@ public class ConfigRegistrationTokenCmd extends AbstractAuthOptionsCmd implement
         out.println("    --config                Path to the config file (" + DEFAULT_CONFIG_FILE_STRING + " by default)");
         out.println();
         out.println("  Command specific options:");
-        out.println("    --server SERVER         Server endpoint url (e.g. 'http://localhost:8080/auth')");
+        out.println("    --server SERVER         Server endpoint url (e.g. 'http://localhost:8080')");
         out.println("    --realm REALM           Realm name to use");
         out.println("    --client CLIENT         ClientId of client whose token to set");
         out.println("    -d, --delete            Indicates that registration access token should be removed");
@@ -167,10 +167,10 @@ public class ConfigRegistrationTokenCmd extends AbstractAuthOptionsCmd implement
         out.println("Examples:");
         out.println();
         out.println("Specify registration access token for server, and realm. Token is passed via env variable:");
-        out.println("  " + PROMPT + " " + CMD + " config registration-token --server http://localhost:9080/auth --realm master --client my_client " + OS_ARCH.envVar("TOKEN"));
+        out.println("  " + PROMPT + " " + CMD + " config registration-token --server http://localhost:9080 --realm master --client my_client " + OS_ARCH.envVar("TOKEN"));
         out.println();
         out.println("Remove registration access token:");
-        out.println("  " + PROMPT + " " + CMD + " config registration-token --server http://localhost:9080/auth --realm master --client my_client --delete");
+        out.println("  " + PROMPT + " " + CMD + " config registration-token --server http://localhost:9080 --realm master --client my_client --delete");
         out.println();
         out.println();
         out.println("Use '" + CMD + " help' for general information and a list of commands");

integration/client-cli/client-registration-cli/src/main/java/org/keycloak/client/registration/cli/commands/KcRegCmd.java

@@ -66,9 +66,9 @@ public class KcRegCmd extends AbstractGlobalOptionsCmd {
         out.println();
         out.println("For example:");
         out.println();
-        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:8080/auth --realm master --user admin");
+        out.println("  " + PROMPT + " " + CMD + " config credentials --server http://localhost:8080 --realm master --user admin");
         out.println("  Enter password: ");
-        out.println("  Logging into http://localhost:8080/auth as user admin of realm master");
+        out.println("  Logging into http://localhost:8080 as user admin of realm master");
         out.println();
         out.println("Any configured username can be used for login, but to perform client registration operations the user");
         out.println("needs proper roles, otherwise attempts to create, update, read, or delete clients will fail.");