Deprecated List (Keycloak Docs Distribution 23.0.7 API)

Deprecated Interfaces

Interface

Description

org.keycloak.cluster.ClusterProvider

This is only available when the legacy store is enabled. Support for this will be eventually removed.

org.keycloak.storage.federated.UserAttributeFederatedStorage.Streams

This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

org.keycloak.storage.federated.UserBrokerLinkFederatedStorage.Streams

This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

org.keycloak.storage.federated.UserConsentFederatedStorage.Streams

This interface is no longer necessary, collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

org.keycloak.storage.federated.UserFederatedStorageProvider.Streams

This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

org.keycloak.storage.federated.UserFederatedUserCredentialStore.Streams

This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

org.keycloak.storage.federated.UserGroupMembershipFederatedStorage.Streams

This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

org.keycloak.storage.federated.UserRequiredActionsFederatedStorage.Streams

This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

org.keycloak.storage.federated.UserRoleMappingsFederatedStorage.Streams

This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

Deprecated Classes

Class

Description

org.keycloak.common.util.HttpPostRedirect

Class is deprecated and may be removed in the future. Use org.keycloak.saml.BaseSAML2BindingBuilder#buildHtml instead

org.keycloak.models.credential.PasswordUserCredentialModel

Recommended to use UserCredentialModel as it contains all the functionality required by this class

org.keycloak.representations.idm.ApplicationRepresentation

org.keycloak.representations.idm.ClientTemplateRepresentation

org.keycloak.representations.idm.OAuthClientRepresentation

org.keycloak.RSATokenVerifier

org.keycloak.services.managers.RealmManagerProviderFactory

org.keycloak.services.managers.RealmManagerSpi

org.keycloak.social.linkedin.LinkedInIdentityProvider

org.keycloak.social.linkedin.LinkedInIdentityProviderFactory

org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage.Streams

This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly

org.keycloak.storage.ImportRealmFromRepresentationEvent

org.keycloak.storage.PartialImportRealmFromRepresentationEvent

org.keycloak.url.FixedHostnameProvider

org.keycloak.url.FixedHostnameProviderFactory

org.keycloak.url.RequestHostnameProvider

org.keycloak.url.RequestHostnameProviderFactory

org.keycloak.utils.ServicesUtils

- DELETE once only used from within legacy datastore module

Deprecated Enum Classes

Enum Class

Description

org.keycloak.jose.jws.Algorithm

Deprecated Fields

Field

Description

org.keycloak.authentication.authenticators.conditional.ConditionalLoaAuthenticator.STORE_IN_USER_SESSION

org.keycloak.broker.saml.SAMLEndpoint.SAML_FEDERATED_SUBJECT

org.keycloak.broker.saml.SAMLEndpoint.SAML_FEDERATED_SUBJECT_NAMEFORMAT

org.keycloak.credential.CredentialModel.HOTP

org.keycloak.credential.CredentialModel.OTP

org.keycloak.credential.CredentialModel.PASSWORD

org.keycloak.credential.CredentialModel.PASSWORD_HISTORY

org.keycloak.credential.CredentialModel.PASSWORD_TOKEN

org.keycloak.credential.CredentialModel.TOTP

org.keycloak.models.BrowserSecurityHeaders.realmDefaultHeaders

org.keycloak.models.jpa.entities.CredentialEntity.salt

org.keycloak.models.LDAPConstants.USE_TRUSTSTORE_LDAPS_ONLY

Use LDAPConstants.USE_TRUSTSTORE_ALWAYS instead.

org.keycloak.models.UserCredentialModel.HOTP

org.keycloak.models.UserCredentialModel.PASSWORD

org.keycloak.models.UserCredentialModel.PASSWORD_HISTORY

org.keycloak.models.UserCredentialModel.PASSWORD_TOKEN

org.keycloak.models.UserCredentialModel.TOTP

org.keycloak.protocol.RestartLoginCookie.cs

org.keycloak.representations.idm.ApplicationRepresentation.claims

org.keycloak.representations.idm.ClientRepresentation.clientTemplate

org.keycloak.representations.idm.ClientRepresentation.defaultRoles

org.keycloak.representations.idm.ClientRepresentation.directGrantsOnly

org.keycloak.representations.idm.CredentialRepresentation.counter

org.keycloak.representations.idm.CredentialRepresentation.device

org.keycloak.representations.idm.CredentialRepresentation.hashedSaltedValue

org.keycloak.representations.idm.CredentialRepresentation.hashIterations

org.keycloak.representations.idm.CredentialRepresentation.salt

org.keycloak.representations.idm.IdentityProviderRepresentation.updateProfileFirstLoginMode

org.keycloak.representations.idm.ProtocolMapperRepresentation.consentRequired

org.keycloak.representations.idm.ProtocolMapperRepresentation.consentText

org.keycloak.representations.idm.RealmRepresentation.applications

org.keycloak.representations.idm.RealmRepresentation.applicationScopeMappings

org.keycloak.representations.idm.RealmRepresentation.certificate

org.keycloak.representations.idm.RealmRepresentation.clientTemplates

org.keycloak.representations.idm.RealmRepresentation.codeSecret

org.keycloak.representations.idm.RealmRepresentation.defaultRoles

org.keycloak.representations.idm.RealmRepresentation.oauthClients

org.keycloak.representations.idm.RealmRepresentation.passwordCredentialGrantAllowed

org.keycloak.representations.idm.RealmRepresentation.privateKey

org.keycloak.representations.idm.RealmRepresentation.publicKey

org.keycloak.representations.idm.RealmRepresentation.realmCacheEnabled

org.keycloak.representations.idm.RealmRepresentation.requiredCredentials

org.keycloak.representations.idm.RealmRepresentation.social

org.keycloak.representations.idm.RealmRepresentation.socialProviders

org.keycloak.representations.idm.RealmRepresentation.updateProfileOnInitialSocialLogin

org.keycloak.representations.idm.RealmRepresentation.userCacheEnabled

org.keycloak.representations.idm.RoleRepresentation.Composites.application

org.keycloak.representations.idm.RoleRepresentation.scopeParamRequired

org.keycloak.representations.idm.RolesRepresentation.application

org.keycloak.representations.idm.ScopeMappingRepresentation.clientTemplate

org.keycloak.representations.idm.UserConsentRepresentation.grantedRealmRoles

org.keycloak.representations.idm.UserRepresentation.applicationRoles

org.keycloak.representations.idm.UserRepresentation.socialLinks

org.keycloak.social.github.GitHubIdentityProvider.AUTH_URL

Use GitHubIdentityProvider.DEFAULT_AUTH_URL instead.

org.keycloak.social.github.GitHubIdentityProvider.EMAIL_URL

Use GitHubIdentityProvider.DEFAULT_EMAIL_URL instead.

org.keycloak.social.github.GitHubIdentityProvider.PROFILE_URL

Use GitHubIdentityProvider.DEFAULT_PROFILE_URL instead.

org.keycloak.social.github.GitHubIdentityProvider.TOKEN_URL

Use GitHubIdentityProvider.DEFAULT_TOKEN_URL instead.

org.keycloak.storage.jpa.entity.FederatedUserCredentialEntity.salt

Deprecated Methods

Method

Description

org.keycloak.admin.client.resource.RealmLocalizationResource.getRealmLocalizationTexts(String, Boolean)

use RealmLocalizationResource.getRealmLocalizationTexts(String), in order to retrieve localization texts without fallbacks. If you need fallbacks, call the endpoint multiple time with all the relevant locales (e.g. "de" in case of "de-CH") - the realm default locale is NOT the only fallback to be considered.

org.keycloak.admin.client.resource.RealmResource.testLDAPConnection(String, String, String, String, String, String)

org.keycloak.admin.client.resource.RealmResource.testSMTPConnection(String)

org.keycloak.admin.client.resource.RoleResource.getRoleUserMembers()

please use RoleResource.getUserMembers()

org.keycloak.admin.client.resource.RoleResource.getRoleUserMembers(Integer, Integer)

please use RoleResource.getUserMembers(Integer, Integer)

org.keycloak.admin.client.resource.UserResource.resetPasswordEmail()

org.keycloak.admin.client.resource.UserResource.resetPasswordEmail(String)

org.keycloak.authentication.requiredactions.util.UpdateProfileContext.getAttribute(String)

Use getAttributeStream instead.

org.keycloak.authorization.client.resource.PermissionResource.forResource(PermissionRequest)

use PermissionResource.create(PermissionRequest)

org.keycloak.broker.provider.BrokeredIdentityContext.setName(String)

use BrokeredIdentityContext.setFirstName(String) and BrokeredIdentityContext.setLastName(String) instead

org.keycloak.broker.saml.SAMLIdentityProviderConfig.getSigningCertificate()

Prefer SAMLIdentityProviderConfig.getSigningCertificates()}

org.keycloak.broker.saml.SAMLIdentityProviderConfig.setSigningCertificate(String)

Prefer SAMLIdentityProviderConfig.addSigningCertificate(String)}

org.keycloak.common.util.ServerCookie.checkName(String)

- Not used

org.keycloak.common.util.ServerCookie.maybeQuote(int, StringBuffer, String)

- Not used

org.keycloak.common.util.StreamUtil.readString(InputStream)

Use StreamUtil.readString(java.io.InputStream, java.nio.charset.Charset) variant.

org.keycloak.component.AmphibianProviderFactory.create(KeycloakSession, ComponentModel)

org.keycloak.credential.CredentialModel.getAlgorithm()

Recommended to use PasswordCredentialModel.getPasswordCredentialData().getAlgorithm() or OTPCredentialModel.getOTPCredentialData().getAlgorithm()

org.keycloak.credential.CredentialModel.getConfig()

Recommended to use CredentialModel.getCredentialData() instead and use the subtype of CredentialData specific to your credential

org.keycloak.credential.CredentialModel.getCounter()

Recommended to use OTPCredentialModel.getOTPCredentialData().getCounter()

org.keycloak.credential.CredentialModel.getDevice()

Recommended to use OTPCredentialModel.getOTPCredentialData().getDevice()

org.keycloak.credential.CredentialModel.getDigits()

Recommended to use OTPCredentialModel.getOTPCredentialData().getDigits()

org.keycloak.credential.CredentialModel.getHashIterations()

Recommended to use PasswordCredentialModel.getPasswordCredentialData().getHashIterations()

org.keycloak.credential.CredentialModel.getPeriod()

Recommended to use OTPCredentialModel.getOTPCredentialData().getPeriod()

org.keycloak.credential.CredentialModel.getSalt()

Recommended to use PasswordCredentialModel.getPasswordSecretData().getSalt()

org.keycloak.credential.CredentialModel.getValue()

Recommended to use PasswordCredentialModel.getPasswordSecretData().getValue() or OTPCredentialModel.getOTPSecretData().getValue()

org.keycloak.credential.CredentialModel.setAlgorithm(String)

See CredentialModel.getAlgorithm()

org.keycloak.credential.CredentialModel.setConfig(MultivaluedHashMap<String, String>)

Recommended to use CredentialModel.setCredentialData(String) instead and use the subtype of CredentialData specific to your credential

org.keycloak.credential.CredentialModel.setCounter(int)

See CredentialModel.getCounter()

org.keycloak.credential.CredentialModel.setDevice(String)

See CredentialModel.getDevice()

org.keycloak.credential.CredentialModel.setDigits(int)

See CredentialModel.setDigits(int)

org.keycloak.credential.CredentialModel.setHashIterations(int)

See CredentialModel.getHashIterations()

org.keycloak.credential.CredentialModel.setPeriod(int)

See CredentialModel.setPeriod(int)

org.keycloak.credential.CredentialModel.setSalt(byte[])

See CredentialModel.getSalt()

org.keycloak.credential.CredentialModel.setValue(String)

See CredentialModel.getValue()

org.keycloak.credential.hash.PasswordHashProvider.encode(String, int, CredentialModel)

Exists due the backwards compatibility. It is recommended to use PasswordHashProvider.encodedCredential(String, int)}

org.keycloak.credential.hash.PasswordHashProvider.policyCheck(PasswordPolicy, CredentialModel)

Exists due the backwards compatibility. It is recommended to use PasswordHashProvider.policyCheck(PasswordPolicy, PasswordCredentialModel)

org.keycloak.credential.hash.PasswordHashProvider.verify(String, CredentialModel)

Exists due the backwards compatibility. It is recommended to use PasswordHashProvider.verify(String, PasswordCredentialModel)

org.keycloak.dom.saml.v2.metadata.ExtensionsType.getElement()

org.keycloak.dom.saml.v2.metadata.ExtensionsType.setElement(Element)

org.keycloak.events.EventStoreProvider.clear()

Unused method. Currently, used only in the testsuite

org.keycloak.events.EventStoreProvider.clearAdmin()

Unused method. Currently, used only in the testsuite

org.keycloak.events.EventStoreProvider.clearExpiredEvents()

This method is problem from the performance perspective. Some storages can provide better way for doing this (e.g. entry lifespan in the Infinispan server, etc.). We need to leave solving event expiration to each storage provider separately using expiration field on entity level.

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.hmac256(byte[])

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.hmac256(SecretKey)

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.hmac384(byte[])

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.hmac384(SecretKey)

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.hmac512(byte[])

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.hmac512(SecretKey)

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.rsa256(PrivateKey)

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.rsa384(PrivateKey)

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.rsa512(PrivateKey)

org.keycloak.jose.jws.JWSBuilder.EncodingBuilder.sign(Algorithm, PrivateKey)

org.keycloak.keys.DefaultKeyManager.getActiveAesKey(RealmModel)

org.keycloak.keys.DefaultKeyManager.getActiveHmacKey(RealmModel)

org.keycloak.keys.DefaultKeyManager.getActiveRsaKey(RealmModel)

org.keycloak.keys.DefaultKeyManager.getAesSecretKey(RealmModel, String)

org.keycloak.keys.DefaultKeyManager.getHmacSecretKey(RealmModel, String)

org.keycloak.keys.DefaultKeyManager.getRsaCertificate(RealmModel, String)

org.keycloak.keys.DefaultKeyManager.getRsaKeys(RealmModel)

org.keycloak.keys.DefaultKeyManager.getRsaPublicKey(RealmModel, String)

org.keycloak.migration.MigrationModel.getResourcesTag()

org.keycloak.models.ClientModel.updateClient()

Do not use, to be removed

org.keycloak.models.ClientProvider.getAllRedirectUrisOfEnabledClients(RealmModel)

Do not use, this is only to support a deprecated logout endpoint and will vanish with it's removal

org.keycloak.models.IdentityProviderModel.isAuthenticateByDefault()

org.keycloak.models.IdentityProviderModel.setAuthenticateByDefault(boolean)

org.keycloak.models.jpa.entities.CredentialEntity.getSalt()

org.keycloak.models.jpa.entities.CredentialEntity.setSalt(byte[])

org.keycloak.models.jpa.MigrationModelAdapter.getResourcesTag()

org.keycloak.models.KeycloakSession.getProvider(Class<T>, ComponentModel)

Deprecated in favor of {@link #getComponentProvider)

org.keycloak.models.KeyManager.getActiveAesKey(RealmModel)

org.keycloak.models.KeyManager.getActiveHmacKey(RealmModel)

org.keycloak.models.KeyManager.getActiveRsaKey(RealmModel)

org.keycloak.models.KeyManager.getAesKeys(RealmModel)

org.keycloak.models.KeyManager.getAesSecretKey(RealmModel, String)

org.keycloak.models.KeyManager.getHmacKeys(RealmModel)

org.keycloak.models.KeyManager.getHmacSecretKey(RealmModel, String)

org.keycloak.models.KeyManager.getRsaCertificate(RealmModel, String)

org.keycloak.models.KeyManager.getRsaKeys(RealmModel)

org.keycloak.models.KeyManager.getRsaPublicKey(RealmModel, String)

org.keycloak.models.LegacyRealmModel.getClientStorageProviders()

Use getClientStorageProvidersStream instead.

org.keycloak.models.LegacyRealmModel.getRoleStorageProviders()

Use getRoleStorageProvidersStream instead.

org.keycloak.models.LegacyRealmModel.getUserStorageProviders()

Use getUserStorageProvidersStream instead.

org.keycloak.models.RealmModel.getTopLevelGroupsStream()

org.keycloak.models.RealmModel.getTopLevelGroupsStream(Integer, Integer)

org.keycloak.models.session.PersistentUserSessionAdapter.PersistentUserSessionData.getStarted()

org.keycloak.models.session.PersistentUserSessionAdapter.PersistentUserSessionData.setStarted(int)

org.keycloak.models.SubjectCredentialManager.createCredentialThroughProvider(CredentialModel)

org.keycloak.models.SubjectCredentialManager.getConfiguredUserStorageCredentialTypesStream()

org.keycloak.models.SubjectCredentialManager.isConfiguredLocally(String)

org.keycloak.models.UserCredentialModel.isOtp(String)

org.keycloak.models.UserCredentialModel.passwordToken(String)

org.keycloak.models.UserSessionProvider.createUserSession(RealmModel, UserModel, String, String, String, boolean, String, String)

Use UserSessionProvider.createUserSession(String, RealmModel, UserModel, String, String, String, boolean, String, String, UserSessionModel.SessionPersistenceState) instead.

org.keycloak.models.UserSessionProvider.getClientSession(UserSessionModel, ClientModel, UUID, boolean)

Use UserSessionProvider.getClientSession(UserSessionModel, ClientModel, String, boolean) instead.

org.keycloak.models.utils.ModelToRepresentation.toGroupHierarchy(GroupModel, boolean)

org.keycloak.models.utils.ModelToRepresentation.toGroupHierarchy(GroupModel, boolean, String)

org.keycloak.models.utils.ModelToRepresentation.toGroupHierarchy(GroupModel, boolean, String, Boolean)

org.keycloak.models.utils.ModelToRepresentation.toGroupHierarchy(KeycloakSession, RealmModel, boolean)

org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.setClaim(IDToken, ProtocolMapperModel, UserSessionModel)

override AbstractOIDCProtocolMapper.setClaim(IDToken, ProtocolMapperModel, UserSessionModel, KeycloakSession, ClientSessionContext) instead.

org.keycloak.protocol.oidc.utils.RedirectUtils.verifyRealmRedirectUri(KeycloakSession, String)

org.keycloak.protocol.saml.profile.util.Soap.SoapMessageBuilder.call(String)

Use Soap.SoapMessageBuilder.call(String,KeycloakSession) to use SimpleHttp configuration

org.keycloak.provider.EnvironmentDependentProviderFactory.isSupported()

Prefer overriding/using the EnvironmentDependentProviderFactory.isSupported(Config.Scope) method.

org.keycloak.representations.idm.AbstractAuthenticationExecutionRepresentation.isAutheticatorFlow()

org.keycloak.representations.idm.AbstractAuthenticationExecutionRepresentation.setAutheticatorFlow(boolean)

org.keycloak.representations.idm.authorization.ResourceRepresentation.getUri()

org.keycloak.representations.idm.authorization.ResourceRepresentation.setUri(String)

org.keycloak.representations.idm.ClientRepresentation.getClientTemplate()

org.keycloak.representations.idm.ClientRepresentation.getDefaultRoles()

org.keycloak.representations.idm.ClientRepresentation.isDirectGrantsOnly()

org.keycloak.representations.idm.ClientRepresentation.isUseTemplateConfig()

org.keycloak.representations.idm.ClientRepresentation.isUseTemplateMappers()

org.keycloak.representations.idm.ClientRepresentation.isUseTemplateScope()

org.keycloak.representations.idm.ClientRepresentation.setDefaultRoles(String[])

org.keycloak.representations.idm.CredentialRepresentation.getAlgorithm()

org.keycloak.representations.idm.CredentialRepresentation.getConfig()

org.keycloak.representations.idm.CredentialRepresentation.getCounter()

org.keycloak.representations.idm.CredentialRepresentation.getDevice()

org.keycloak.representations.idm.CredentialRepresentation.getDigits()

org.keycloak.representations.idm.CredentialRepresentation.getHashedSaltedValue()

org.keycloak.representations.idm.CredentialRepresentation.getHashIterations()

org.keycloak.representations.idm.CredentialRepresentation.getPeriod()

org.keycloak.representations.idm.CredentialRepresentation.getSalt()

org.keycloak.representations.idm.IdentityProviderRepresentation.getUpdateProfileFirstLoginMode()

deprecated and replaced by configuration on IdpReviewProfileAuthenticator

org.keycloak.representations.idm.IdentityProviderRepresentation.isAuthenticateByDefault()

Replaced by configuration option in identity provider authenticator

org.keycloak.representations.idm.IdentityProviderRepresentation.setAuthenticateByDefault(boolean)

org.keycloak.representations.idm.IdentityProviderRepresentation.setUpdateProfileFirstLogin(boolean)

IdentityProviderRepresentation.setUpdateProfileFirstLoginMode(String)

org.keycloak.representations.idm.IdentityProviderRepresentation.setUpdateProfileFirstLoginMode(String)

deprecated and replaced by configuration on IdpReviewProfileAuthenticator

org.keycloak.representations.idm.ProtocolMapperRepresentation.getConsentText()

org.keycloak.representations.idm.ProtocolMapperRepresentation.isConsentRequired()

org.keycloak.representations.idm.RealmRepresentation.getApplicationScopeMappings()

org.keycloak.representations.idm.RealmRepresentation.getClientTemplates()

org.keycloak.representations.idm.RealmRepresentation.getDefaultRoles()

org.keycloak.representations.idm.RealmRepresentation.getOauthClients()

org.keycloak.representations.idm.RealmRepresentation.getRequiredCredentials()

org.keycloak.representations.idm.RealmRepresentation.getSocialProviders()

org.keycloak.representations.idm.RealmRepresentation.isSocial()

org.keycloak.representations.idm.RealmRepresentation.isUpdateProfileOnInitialSocialLogin()

org.keycloak.representations.idm.RealmRepresentation.setDefaultRoles(List<String>)

org.keycloak.representations.idm.RealmRepresentation.setRequiredCredentials(Set<String>)

org.keycloak.representations.idm.RoleRepresentation.Composites.getApplication()

org.keycloak.representations.idm.RoleRepresentation.isScopeParamRequired()

org.keycloak.representations.idm.RolesRepresentation.getApplication()

org.keycloak.representations.idm.ScopeMappingRepresentation.getClientTemplate()

org.keycloak.representations.idm.UserConsentRepresentation.getGrantedRealmRoles()

org.keycloak.representations.idm.UserRepresentation.getApplicationRoles()

org.keycloak.representations.idm.UserRepresentation.isTotp()

org.keycloak.representations.idm.UserRepresentation.setTotp(Boolean)

org.keycloak.representations.IDToken.getAuthTime()

int will overflow with values after 2038. Use IDToken.getAuth_time() instead.

org.keycloak.representations.IDToken.setAuthTime(int)

int will overflow with values after 2038. Use IDToken.setAuth_time(Long) ()} instead.

org.keycloak.representations.JsonWebToken.expiration(int)

int will overflow with values after 2038. Use JsonWebToken.exp(Long) instead.

org.keycloak.representations.JsonWebToken.getExpiration()

int will overflow with values after 2038. Use JsonWebToken.getExp() instead.

org.keycloak.representations.JsonWebToken.getIssuedAt()

int will overflow with values after 2038. Use JsonWebToken.getIat() instead.

org.keycloak.representations.JsonWebToken.getNotBefore()

int will overflow with values after 2038. Use JsonWebToken.getNbf() instead.

org.keycloak.representations.JsonWebToken.issuedAt(int)

int will overflow with values after 2038. Use JsonWebToken.iat(Long) ()} instead.

org.keycloak.representations.JsonWebToken.notBefore(int)

int will overflow with values after 2038. Use JsonWebToken.nbf(Long) instead.

org.keycloak.saml.common.util.StaxParserUtil.getAttributeValue(StartElement, String)

org.keycloak.saml.common.util.StaxParserUtil.getBooleanAttributeValue(StartElement, String)

org.keycloak.saml.common.util.StaxParserUtil.getBooleanAttributeValue(StartElement, String, boolean)

org.keycloak.saml.common.util.StaxParserUtil.validate(StartElement, String)

org.keycloak.saml.SAML2LogoutRequestBuilder.userPrincipal(String, String)

Prefer SAML2LogoutRequestBuilder.nameId(org.keycloak.dom.saml.v2.assertion.NameIDType)

org.keycloak.services.DefaultKeycloakContext.getRequestHeaders()

Use DefaultKeycloakContext.getHttpRequest() to obtain the request headers.

org.keycloak.services.managers.UserSessionManager.findOfflineSessions(RealmModel, UserModel)

org.keycloak.services.resources.account.LinkedAccountsResource.buildLinkedAccountURI(String, String)

org.keycloak.services.resources.account.PasswordUtil.isConfigured(KeycloakSession, RealmModel, UserModel)

Instead, use PasswordUtil.isConfigured()

org.keycloak.services.resources.admin.AuthenticationManagementResource.createAuthenticatorConfig(AuthenticatorConfigRepresentation)

Use AuthenticationManagementResource.newExecutionConfig(String, AuthenticatorConfigRepresentation) instead

org.keycloak.services.resources.admin.AuthenticationManagementResource.getAuthenticatorConfig(String, String)

Use rather AuthenticationManagementResource.getAuthenticatorConfig(String)

org.keycloak.services.resources.admin.RealmAdminResource.getClientTemplates()

org.keycloak.services.resources.admin.RealmAdminResource.testSMTPConnection(String)

org.keycloak.services.resources.admin.ScopeMappedResource.getScopeMappings()

the method is not used neither from admin console or from admin client. It may be removed in future releases.

org.keycloak.services.resources.admin.TestLdapConnectionResource.testLDAPConnection(String, String, String, String, String, String, String, String)

org.keycloak.services.resources.admin.UserResource.resetPasswordEmail(String, String)

org.keycloak.sessions.AuthenticationSessionProvider.removeAllExpired()

manual removal of expired entities should not be used anymore. It is responsibility of the store implementation to handle expirable entities

org.keycloak.sessions.AuthenticationSessionProvider.removeExpired(RealmModel)

manual removal of expired entities should not be used anymore. It is responsibility of the store implementation to handle expirable entities

org.keycloak.storage.adapter.AbstractUserAdapter.getAttribute(String)

Use AbstractUserAdapter.getAttributeStream(String) instead

org.keycloak.storage.adapter.AbstractUserAdapter.getClientRoleMappings(ClientModel)

Use AbstractUserAdapter.getClientRoleMappingsStream(ClientModel) instead

org.keycloak.storage.adapter.AbstractUserAdapter.getGroups()

Use AbstractUserAdapter.getGroupsStream() instead

org.keycloak.storage.adapter.AbstractUserAdapter.getRealmRoleMappings()

Use AbstractUserAdapter.getRealmRoleMappingsStream() instead

org.keycloak.storage.adapter.AbstractUserAdapter.getRequiredActions()

User AbstractUserAdapter.getRequiredActionsStream()

org.keycloak.storage.adapter.AbstractUserAdapter.getRoleMappings()

Use AbstractUserAdapter.getRoleMappingsStream() instead

org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage.getFederatedRoleMappings()

Use AbstractUserAdapterFederatedStorage.getFederatedRoleMappingsStream() instead

org.keycloak.storage.group.GroupLookupProvider.searchForGroupByNameStream(RealmModel, String, Integer, Integer)

Use GroupLookupProvider.searchForGroupByNameStream(RealmModel, String, Boolean, Integer, Integer) instead.

org.keycloak.storage.jpa.entity.FederatedUserCredentialEntity.getSalt()

org.keycloak.storage.jpa.entity.FederatedUserCredentialEntity.setSalt(byte[])

org.keycloak.storage.StorageId.isLocalStorage(ClientModel)

Use StorageId.isLocalStorage(String) instead.

org.keycloak.storage.StorageId.isLocalStorage(UserModel)

Use StorageId.isLocalStorage(String) instead.

org.keycloak.storage.StorageId.resolveProviderId(ClientModel)

Use StorageId.providerId(String) instead.

org.keycloak.storage.StorageId.resolveProviderId(UserModel)

Use StorageId.providerId(String) instead.

org.keycloak.storage.user.UserCountMethodsProvider.getUsersCount(RealmModel, String)

Use UserCountMethodsProvider.getUsersCount(RealmModel, Map) with an params map containing UserModel.SEARCH instead.

org.keycloak.storage.user.UserCountMethodsProvider.getUsersCount(RealmModel, String, Set<String>)

Use UserCountMethodsProvider.getUsersCount(RealmModel, Map, Set) with an params map containing UserModel.SEARCH instead.

org.keycloak.storage.user.UserQueryMethodsProvider.searchForUserStream(RealmModel, String)

Use UserQueryMethodsProvider.searchForUserStream(RealmModel, Map) with an params map containing UserModel.SEARCH instead.

org.keycloak.storage.user.UserQueryMethodsProvider.searchForUserStream(RealmModel, String, Integer, Integer)

Use UserQueryMethodsProvider.searchForUserStream(RealmModel, Map, Integer, Integer) with an params map containing UserModel.SEARCH instead.

org.keycloak.TokenVerifier.checkActive(boolean)

This method is here only for backward compatibility with previous version of TokenVerifier.

org.keycloak.TokenVerifier.checkRealmUrl(boolean)

This method is here only for backward compatibility with previous version of TokenVerifier.

org.keycloak.TokenVerifier.checkTokenType(boolean)

This method is here only for backward compatibility with previous version of TokenVerifier.

org.keycloak.TokenVerifier.realmUrl(String)

This method is here only for backward compatibility with previous version of TokenVerifier.

org.keycloak.userprofile.UserProfileProvider.isEnabled(RealmModel)

should be removed once DeclarativeUserProfileProvider becomes the default.

org.keycloak.util.JWKSUtils.getKeysForUse(JSONWebKeySet, JWK.Use)

Use JWKSUtils.getKeyWrappersForUse(JSONWebKeySet, JWK.Use)

Deprecated Constructors

Constructor

Description

org.keycloak.authentication.requiredactions.UpdatePassword()

use UpdatePassword(KeycloakSession) instead

org.keycloak.services.resources.account.PasswordUtil(KeycloakSession, UserModel)

Deprecated Enum Constants

Enum Constant

Description

org.keycloak.events.EventType.VALIDATE_ACCESS_TOKEN

see KEYCLOAK-2266

org.keycloak.events.EventType.VALIDATE_ACCESS_TOKEN_ERROR

org.keycloak.saml.common.constants.JBossSAMLConstants.EXTENSIONS

Use namespace-aware variant instead

org.keycloak.saml.common.constants.JBossSAMLConstants.RESPONSE

Use namespace-aware variant instead

Deprecated API

Contents