Nerzal · Nerzal · Feb 1, 2024 · Jan 27, 2024 · Feb 1, 2024 · Feb 1, 2024
diff --git a/client.go b/client.go
@@ -508,7 +508,6 @@
 	if err := checkForError(resp, err, errMessage); err != nil {
 		return nil, err
 	}
-
 	return &res, nil
 }
 
@@ -4304,3 +4303,38 @@
 
 	return checkForError(resp, err, errMessage)
 }
+
+// UpdateUsersManagementPermissions updates the management permissions for users
+func (g *GoCloak) UpdateUsersManagementPermissions(ctx context.Context, accessToken, realm string, managementPermissions ManagementPermissionRepresentation) (*ManagementPermissionRepresentation, error) {
+	const errMessage = "could not update users management permissions"
+
+	var result ManagementPermissionRepresentation
+
+	resp, err := g.GetRequestWithBearerAuth(ctx, accessToken).
+		SetResult(&result).
+		SetBody(managementPermissions).
+		Put(g.getAdminRealmURL(realm, "users-management-permissions"))
+
+	if err := checkForError(resp, err, errMessage); err != nil {
+		return nil, err
+	}
+
+	return &result, nil
+}
+
+// GetUsersManagementPermissions returns the management permissions for users
+func (g *GoCloak) GetUsersManagementPermissions(ctx context.Context, accessToken, realm string) (*ManagementPermissionRepresentation, error) {
+	const errMessage = "could not get users management permissions"
+
+	var result ManagementPermissionRepresentation
+
+	resp, err := g.GetRequestWithBearerAuth(ctx, accessToken).
+		SetResult(&result).
+		Get(g.getAdminRealmURL(realm, "users-management-permissions"))
+
+	if err := checkForError(resp, err, errMessage); err != nil {
+		return nil, err
+	}
+
+	return &result, nil
+}
diff --git a/models.go b/models.go
@@ -965,18 +965,20 @@ func (t *TokenOptions) FormData() map[string]string {
 
 // RequestingPartyTokenOptions represents the options to obtain a requesting party token
 type RequestingPartyTokenOptions struct {
-	GrantType                   *string   `json:"grant_type,omitempty"`
-	Ticket                      *string   `json:"ticket,omitempty"`
-	ClaimToken                  *string   `json:"claim_token,omitempty"`
-	ClaimTokenFormat            *string   `json:"claim_token_format,omitempty"`
-	RPT                         *string   `json:"rpt,omitempty"`
-	Permissions                 *[]string `json:"-"`
-	Audience                    *string   `json:"audience,omitempty"`
-	ResponseIncludeResourceName *bool     `json:"response_include_resource_name,string,omitempty"`
-	ResponsePermissionsLimit    *uint32   `json:"response_permissions_limit,omitempty"`
-	SubmitRequest               *bool     `json:"submit_request,string,omitempty"`
-	ResponseMode                *string   `json:"response_mode,omitempty"`
-	SubjectToken                *string   `json:"subject_token,omitempty"`
+	GrantType                     *string   `json:"grant_type,omitempty"`
+	Ticket                        *string   `json:"ticket,omitempty"`
+	ClaimToken                    *string   `json:"claim_token,omitempty"`
+	ClaimTokenFormat              *string   `json:"claim_token_format,omitempty"`
+	RPT                           *string   `json:"rpt,omitempty"`
+	Permissions                   *[]string `json:"-"`
+	PermissionResourceFormat      *string   `json:"permission_resource_format,omitempty"`
+	PermissionResourceMatchingURI *bool     `json:"permission_resource_matching_uri,string,omitempty"`
+	Audience                      *string   `json:"audience,omitempty"`
+	ResponseIncludeResourceName   *bool     `json:"response_include_resource_name,string,omitempty"`
+	ResponsePermissionsLimit      *uint32   `json:"response_permissions_limit,omitempty"`
+	SubmitRequest                 *bool     `json:"submit_request,string,omitempty"`
+	ResponseMode                  *string   `json:"response_mode,omitempty"`
+	SubjectToken                  *string   `json:"subject_token,omitempty"`
 }
 
 // FormData returns a map of options to be used in SetFormData function