diff --git a/src/keycloak/openid_connect.py b/src/keycloak/openid_connect.py
index c663ecd..6619263 100644
--- a/src/keycloak/openid_connect.py
+++ b/src/keycloak/openid_connect.py
@@ -144,6 +144,21 @@ def userinfo(self, token):
             url, headers={"Authorization": "Bearer {}".format(token)}
         )
 
+    def permissions(self, token, **kwargs):
+        """
+        :param str audience: (optional) Client ID to get te permissions for.
+        :rtype: dict
+        """
+
+        payload = {"grant_type": "urn:ietf:params:oauth:grant-type:uma-ticket"}
+        payload.update(**kwargs)
+
+        return self._realm.client.post(
+            self.get_url("token_endpoint"),
+            payload,
+            headers={"Authorization": "Bearer {}".format(token)}
+        )
+
     def authorization_url(self, **kwargs):
         """
         Get authorization URL to redirect the resource owner to.
diff --git a/src/keycloak/realm.py b/src/keycloak/realm.py
index 2bed687..a1328b2 100644
--- a/src/keycloak/realm.py
+++ b/src/keycloak/realm.py
@@ -1,3 +1,4 @@
+import warnings
 from keycloak.admin import KeycloakAdmin
 from keycloak.authz import KeycloakAuthz
 from keycloak.client import KeycloakClient
@@ -68,6 +69,8 @@ def authz(self, client_id):
         :param str client_id:
         :rtype: keycloak.authz.KeycloakAuthz
         """
+        warnings.warn("The Authz API will be removed in Keycloak 4.0.0",
+                      DeprecationWarning)
         return KeycloakAuthz(realm=self, client_id=client_id)
 
     def uma(self):