Uses of Interface
org.keycloak.provider.Provider
Package
Description
Fine-grained Authorization SPI.
Provides classes and a SPI to plug different policy providers.
Provides classes and a SPI to plug different metadata storage implementations.
-
Uses of Provider in org.keycloak.authentication
Modifier and TypeInterfaceDescriptioninterface
Callback to be triggered during various lifecycle events of authentication flow.interface
This interface is for users that want to add custom authenticators to an authentication flow.interface
This interface is for users that want to add custom client authenticators to an authentication flow.interface
Fine grain processing of a form.interface
This class is responsible for rendering a form.interface
RequiredAction provider.Modifier and TypeClassDescriptionclass
Abstract helper class that Authenticator implementations can leverageModifier and TypeMethodDescriptionAuthenticatorSpi.getProviderClass()
ClientAuthenticatorSpi.getProviderClass()
FormActionSpi.getProviderClass()
FormAuthenticatorSpi.getProviderClass()
RequiredActionSpi.getProviderClass()
-
Uses of Provider in org.keycloak.authentication.actiontoken
Modifier and TypeInterfaceDescriptioninterface
ActionTokenHandler<T extends JsonWebToken>
Handler of the action token. -
Uses of Provider in org.keycloak.authentication.actiontoken.execactions
-
Uses of Provider in org.keycloak.authentication.actiontoken.idpverifyemail
Modifier and TypeClassDescriptionclass
Action token handler for verification of e-mail address. -
Uses of Provider in org.keycloak.authentication.actiontoken.inviteorg
Modifier and TypeClassDescriptionclass
Action token handler for handling invitation of an existing user to an organization. -
Uses of Provider in org.keycloak.authentication.actiontoken.resetcred
-
Uses of Provider in org.keycloak.authentication.actiontoken.updateemail
-
Uses of Provider in org.keycloak.authentication.actiontoken.verifyemail
Modifier and TypeClassDescriptionclass
Action token handler for verification of e-mail address. -
Uses of Provider in org.keycloak.authentication.authenticators
Modifier and TypeClassDescriptionclass
Pass-thru atheneticator that just sets the context to attempted. -
Uses of Provider in org.keycloak.authentication.authenticators.access
Modifier and TypeClassDescriptionclass
Authenticator will always successfully authenticate.class
Explicitly deny access to the resources. -
Uses of Provider in org.keycloak.authentication.authenticators.broker
Modifier and TypeClassDescriptionclass
class
class
class
class
class
class
class
class
Same like classic username+password form, but for use in IdP linking. -
Uses of Provider in org.keycloak.authentication.authenticators.browser
Modifier and TypeClassDescriptionclass
class
AnOTPFormAuthenticator
that can conditionally require OTP authentication.class
class
class
class
class
class
class
AnAuthenticator
that can execute a configured script during authentication flow.class
final class
class
class
Authenticator for WebAuthn authentication, which will be typically used when WebAuthn is used as second factor.class
Authenticator for WebAuthn authentication with passwordless credential. -
Uses of Provider in org.keycloak.authentication.authenticators.client
Modifier and TypeClassDescriptionclass
class
Validates client based on "client_id" and "client_secret" sent either in request parameters or in "Authorization: Basic" header .class
Client authentication based on JWT signed by client private key .class
Client authentication based on JWT signed by client secret instead of private key .class
-
Uses of Provider in org.keycloak.authentication.authenticators.conditional
Modifier and TypeClassDescriptionclass
class
class
class
-
Uses of Provider in org.keycloak.authentication.authenticators.directgrant
Modifier and TypeClassDescriptionclass
class
class
class
-
Uses of Provider in org.keycloak.authentication.authenticators.resetcred
Modifier and TypeClassDescriptionclass
class
class
class
class
-
Uses of Provider in org.keycloak.authentication.authenticators.sessionlimits
-
Uses of Provider in org.keycloak.authentication.authenticators.x509
Modifier and TypeClassDescriptionclass
class
class
class
-
Uses of Provider in org.keycloak.authentication.forms
Modifier and TypeClassDescriptionclass
class
class
class
class
class
class
-
Uses of Provider in org.keycloak.authentication.otp
Modifier and TypeClassDescriptionclass
class
class
-
Uses of Provider in org.keycloak.authentication.requiredactions
Modifier and TypeClassDescriptionclass
class
class
class
class
class
class
class
class
class
class
class
Required action for register WebAuthn passwordless credential for the user.class
Required action for register WebAuthn 2-factor credential for the user -
Uses of Provider in org.keycloak.authorization
Modifier and TypeClassDescriptionfinal class
The main contract here is the creation ofPermissionEvaluator
instances. -
Uses of Provider in org.keycloak.authorization.config
-
Uses of Provider in org.keycloak.authorization.jpa.store
-
Uses of Provider in org.keycloak.authorization.policy.provider
-
Uses of Provider in org.keycloak.authorization.policy.provider.aggregated
-
Uses of Provider in org.keycloak.authorization.policy.provider.client
-
Uses of Provider in org.keycloak.authorization.policy.provider.clientscope
-
Uses of Provider in org.keycloak.authorization.policy.provider.group
-
Uses of Provider in org.keycloak.authorization.policy.provider.permission
Modifier and TypeClassDescriptionclass
class
class
class
-
Uses of Provider in org.keycloak.authorization.policy.provider.regex
-
Uses of Provider in org.keycloak.authorization.policy.provider.role
-
Uses of Provider in org.keycloak.authorization.policy.provider.time
-
Uses of Provider in org.keycloak.authorization.policy.provider.user
-
Uses of Provider in org.keycloak.authorization.protection.introspect
Modifier and TypeClassDescriptionclass
Introspects token accordingly with UMA Bearer Token Profile. -
Uses of Provider in org.keycloak.authorization.store
Modifier and TypeInterfaceDescriptioninterface
A factory for the different types of storages that manage the persistence of the domain model types. -
Uses of Provider in org.keycloak.broker.oidc
Modifier and TypeClassDescriptionclass
class
class
-
Uses of Provider in org.keycloak.broker.oidc.mappers
Modifier and TypeClassDescriptionclass
class
class
Abstract class that handles the logic for importing and updating brokered users for all mappers that map an OIDC claim into aKeycloak
role.class
Abstract class for Social Provider mappers which allow mapping of JSON user profile field into Keycloak user attribute.class
class
class
class
class
class
class
-
Uses of Provider in org.keycloak.broker.provider
Modifier and TypeInterfaceDescriptioninterface
IdentityProvider<C extends IdentityProviderModel>
interface
Modifier and TypeClassDescriptionclass
AbstractIdentityProvider<C extends IdentityProviderModel>
class
class
class
class
class
Modifier and TypeMethodDescriptionIdentityProviderMapperSpi.getProviderClass()
IdentityProviderSpi.getProviderClass()
-
Uses of Provider in org.keycloak.broker.saml
-
Uses of Provider in org.keycloak.broker.saml.mappers
Modifier and TypeClassDescriptionclass
Abstract class that handles the logic for importing and updating brokered users for all mappers that map a SAML attribute into aKeycloak
group.class
Abstract class that handles the logic for importing and updating brokered users for all mappers that map a SAML attribute into aKeycloak
role.class
class
class
class
class
class
-
Uses of Provider in org.keycloak.broker.social
Modifier and TypeInterfaceDescriptioninterface
SocialIdentityProvider<C extends IdentityProviderModel>
-
Uses of Provider in org.keycloak.client.clienttype
Modifier and TypeInterfaceDescriptioninterface
TODO:client-types javadocinterface
Modifier and TypeMethodDescriptionClientTypeManagerSpi.getProviderClass()
ClientTypeSpi.getProviderClass()
-
Uses of Provider in org.keycloak.cluster
Modifier and TypeInterfaceDescriptioninterface
Various utils related to clustering and concurrent tasks on cluster nodes -
Uses of Provider in org.keycloak.cluster.infinispan
-
Uses of Provider in org.keycloak.component
Modifier and TypeInterfaceDescriptioninterface
AmphibianProviderFactory<ProviderType extends Provider>
Ancestor for a provider factory for both a standaloneProviderFactory
and aComponentFactory
.interface
ComponentFactory<CreatedType,
ProviderType extends Provider> interface
SubComponentFactory<CreatedType,
ProviderType extends Provider> Useful when you want to describe config properties that are effected by the parent ComponentModelModifier and TypeMethodDescription<T extends Provider>
ProviderFactory<T>ComponentFactoryProviderFactory.getProviderFactory
(Class<T> clazz, String realmId, String componentId, Function<KeycloakSessionFactory, ComponentModel> model) ModifierConstructorDescriptionJsonConfigComponentModel
(Class<? extends Provider> providerType, String realmId, String providerId, com.fasterxml.jackson.databind.JsonNode configNode) -
Uses of Provider in org.keycloak.connections.httpclient
-
Uses of Provider in org.keycloak.connections.infinispan
Modifier and TypeClassDescriptionclass
class
-
Uses of Provider in org.keycloak.connections.jpa
-
Uses of Provider in org.keycloak.connections.jpa.entityprovider
-
Uses of Provider in org.keycloak.connections.jpa.updater
-
Uses of Provider in org.keycloak.connections.jpa.updater.liquibase
-
Uses of Provider in org.keycloak.connections.jpa.updater.liquibase.conn
-
Uses of Provider in org.keycloak.connections.jpa.updater.liquibase.lock
-
Uses of Provider in org.keycloak.cookie
-
Uses of Provider in org.keycloak.credential
Modifier and TypeInterfaceDescriptioninterface
CredentialProvider<T extends CredentialModel>
interface
Modifier and TypeClassDescriptionclass
class
class
class
Credential provider for WebAuthn 2-factor credential of the userclass
Credential provider for WebAuthn passwordless credential of the user -
Uses of Provider in org.keycloak.credential.hash
Modifier and TypeClassDescriptionclass
Implementation PBKDF2 password hash algorithm. -
Uses of Provider in org.keycloak.crypto
Modifier and TypeInterfaceDescriptioninterface
interface
interface
interface
interface
Modifier and TypeClassDescriptionclass
class
class
class
class
class
class
class
class
class
class
class
Modifier and TypeMethodDescriptionCekManagementSpi.getProviderClass()
ClientSignatureVerifierSpi.getProviderClass()
ContentEncryptionSpi.getProviderClass()
HashSpi.getProviderClass()
SignatureSpi.getProviderClass()
-
Uses of Provider in org.keycloak.deployment
Modifier and TypeInterfaceDescriptioninterface
Allows to register "deployed configurations", which are retrieved in runtime from deployed providers and hence are not saved in the DB -
Uses of Provider in org.keycloak.device
-
Uses of Provider in org.keycloak.email
Modifier and TypeInterfaceDescriptioninterface
interface
Modifier and TypeMethodDescriptionEmailSenderSpi.getProviderClass()
EmailTemplateSpi.getProviderClass()
-
Uses of Provider in org.keycloak.email.freemarker
-
Uses of Provider in org.keycloak.encoding
-
Uses of Provider in org.keycloak.events
Modifier and TypeInterfaceDescriptioninterface
interface
Modifier and TypeMethodDescriptionEventListenerSpi.getProviderClass()
EventStoreSpi.getProviderClass()
-
Uses of Provider in org.keycloak.events.email
-
Uses of Provider in org.keycloak.events.jpa
-
Uses of Provider in org.keycloak.events.log
-
Uses of Provider in org.keycloak.executors
-
Uses of Provider in org.keycloak.exportimport
Modifier and TypeInterfaceDescriptioninterface
Provider plugin interface for importing clients from an arbitrary configuration formatinterface
interface
Modifier and TypeClassDescriptionclass
class
Modifier and TypeMethodDescriptionClientDescriptionConverterSpi.getProviderClass()
ExportSpi.getProviderClass()
ImportSpi.getProviderClass()
-
Uses of Provider in org.keycloak.exportimport.dir
-
Uses of Provider in org.keycloak.exportimport.singlefile
-
Uses of Provider in org.keycloak.exportimport.util
Modifier and TypeClassDescriptionclass
MultipleStepsExportProvider<T extends MultipleStepsExportProvider<?>>
-
Uses of Provider in org.keycloak.federation.kerberos
-
Uses of Provider in org.keycloak.federation.sssd
Modifier and TypeClassDescriptionclass
SPI provider implementation to retrieve data from SSSD and authenticate against PAM -
Uses of Provider in org.keycloak.forms.login
-
Uses of Provider in org.keycloak.forms.login.freemarker
-
Uses of Provider in org.keycloak.headers
-
Uses of Provider in org.keycloak.health
Modifier and TypeInterfaceDescriptioninterface
This interface is used for controlling load balancer. -
Uses of Provider in org.keycloak.keys
Modifier and TypeClassDescriptionclass
class
class
class
class
class
class
class
class
class
Modifier and TypeMethodDescriptionKeySpi.getProviderClass()
PublicKeyStorageSpi.getProviderClass()
-
Uses of Provider in org.keycloak.keys.infinispan
Modifier and TypeClassDescriptionclass
class
-
Uses of Provider in org.keycloak.locale
Modifier and TypeInterfaceDescriptioninterface
interface
Modifier and TypeClassDescriptionclass
class
Modifier and TypeMethodDescriptionLocaleSelectorSPI.getProviderClass()
LocaleUpdaterSPI.getProviderClass()
-
Uses of Provider in org.keycloak.migration
Modifier and TypeInterfaceDescriptioninterface
Various common utils needed for migration from older version to newer -
Uses of Provider in org.keycloak.models
Modifier and TypeInterfaceDescriptioninterface
Provider of the client records.interface
Provider of the client scopes records.interface
interface
Provider of group recordsinterface
interface
interface
Provider of the role records.interface
Provides a cache to store data for single-use use case or the details about used action tokens.interface
interface
interface
Modifier and TypeClassDescriptionclass
The default implementation for generating/formatting user code of OAuth 2.0 Device Authorization Grant.Modifier and TypeMethodDescriptionKeycloakSession.getAllProviders
(Class<T> clazz) <T extends Provider>
TKeycloakSession.getComponentProvider
(Class<T> clazz, String componentId) Returns a component provider for a component from the realm that is relevant to this session.<T extends Provider>
TKeycloakSession.getComponentProvider
(Class<T> clazz, String componentId, Function<KeycloakSessionFactory, ComponentModel> modelGetter) Returns a component provider for a component from the realm that is relevant to this session.<T extends Provider>
TKeycloakSession.getProvider
(Class<T> clazz) Get dedicated provider instance of provider type clazz that was created for this session.<T extends Provider>
TKeycloakSession.getProvider
(Class<T> clazz, String id) Get dedicated provider instance for a specific provider factory of id of provider type clazz that was created for this session.<T extends Provider>
TKeycloakSession.getProvider
(Class<T> clazz, ComponentModel componentModel) Deprecated.Deprecated in favor of {@link #getComponentProvider)<T extends Provider>
ProviderFactory<T>KeycloakSessionFactory.getProviderFactory
(Class<T> clazz) <T extends Provider>
ProviderFactory<T>KeycloakSessionFactory.getProviderFactory
(Class<T> clazz, String id) <T extends Provider>
ProviderFactory<T>KeycloakSessionFactory.getProviderFactory
(Class<T> clazz, String realmId, String componentId, Function<KeycloakSessionFactory, ComponentModel> modelGetter) KeycloakSession.listProviderIds
(Class<T> clazz) Get all provider factories that manage provider instances of class.Modifier and TypeMethodDescriptionClientScopeSpi.getProviderClass()
ClientSpi.getProviderClass()
DeploymentStateSpi.getProviderClass()
GroupSpi.getProviderClass()
KeycloakSession.getProviderClass
(String providerClassName) OAuth2DeviceUserCodeSpi.getProviderClass()
RealmSpi.getProviderClass()
RoleSpi.getProviderClass()
SingleUseObjectSpi.getProviderClass()
UserLoginFailureSpi.getProviderClass()
UserSessionSpi.getProviderClass()
UserSpi.getProviderClass()
Modifier and TypeMethodDescriptionKeycloakSessionFactory.getProviderFactoriesStream
(Class<? extends Provider> clazz) Returns stream of provider factories for the given provider.default Stream<ComponentModel>
RealmModel.getStorageProviders
(Class<? extends Provider> storageProviderClass) Returns stream of ComponentModels that represent StorageProviders for class storageProviderClass in this realm. -
Uses of Provider in org.keycloak.models.cache
Modifier and TypeInterfaceDescriptioninterface
interface
interface
All these methods effect an entire cluster of Keycloak instances.Modifier and TypeMethodDescriptionCachePublicKeyProviderSpi.getProviderClass()
CacheRealmProviderSpi.getProviderClass()
CacheUserProviderSpi.getProviderClass()
-
Uses of Provider in org.keycloak.models.cache.authorization
-
Uses of Provider in org.keycloak.models.cache.infinispan
Modifier and TypeClassDescriptionclass
- the high level architecture of this cache is an invalidation cache.class
-
Uses of Provider in org.keycloak.models.cache.infinispan.authorization
-
Uses of Provider in org.keycloak.models.dblock
Modifier and TypeInterfaceDescriptioninterface
Global database lock to ensure that some actions in DB can be done just be one cluster node at a time. -
Uses of Provider in org.keycloak.models.jpa
Modifier and TypeClassDescriptionclass
class
class
-
Uses of Provider in org.keycloak.models.jpa.session
-
Uses of Provider in org.keycloak.models.session
Modifier and TypeClassDescriptionclass
Persistence of userSessions is disabled . -
Uses of Provider in org.keycloak.models.sessions.infinispan
Modifier and TypeClassDescriptionclass
class
TODO: Check if Boolean can be used as single-use cache argument instead of SingleUseObjectValueEntity.class
class
class
class
-
Uses of Provider in org.keycloak.models.sessions.infinispan.events
Modifier and TypeClassDescriptionclass
AbstractUserSessionClusterListener<SE extends SessionClusterEvent,
T extends Provider> -
Uses of Provider in org.keycloak.models.utils
Modifier and TypeMethodDescriptionstatic <T extends Provider>
ProviderFactory<T>KeycloakModelUtils.getComponentFactory
(KeycloakSessionFactory factory, Class<T> providerClass, Config.Scope config, String spiName) Modifier and TypeMethodDescriptionRealmModelDelegate.getStorageProviders
(Class<? extends Provider> storageProviderClass) -
Uses of Provider in org.keycloak.organization
Modifier and TypeInterfaceDescriptioninterface
AProvider
that manages organization and its data within the scope of a realm. -
Uses of Provider in org.keycloak.organization.admin.resource
-
Uses of Provider in org.keycloak.organization.authentication.authenticators.broker
-
Uses of Provider in org.keycloak.organization.authentication.authenticators.browser
-
Uses of Provider in org.keycloak.organization.jpa
-
Uses of Provider in org.keycloak.organization.protocol.mappers.oidc
-
Uses of Provider in org.keycloak.organization.protocol.mappers.saml
-
Uses of Provider in org.keycloak.organization.validator
-
Uses of Provider in org.keycloak.policy
Modifier and TypeInterfaceDescriptioninterface
interface
Modifier and TypeClassDescriptionclass
Checks a password against a configured password blacklist.class
class
class
class
class
class
class
class
class
Specifies the maximum age of an authentication with which a password may be changed without re-authentication.class
class
class
APasswordPolicyProvider
which does not allow to use the current email as password.class
class
class
class
class
Modifier and TypeMethodDescriptionPasswordPolicyManagerSpi.getProviderClass()
PasswordPolicySpi.getProviderClass()
-
Uses of Provider in org.keycloak.protocol
Modifier and TypeInterfaceDescriptioninterface
Provides a template/sample client config adapter file.interface
interface
Modifier and TypeMethodDescriptionClientInstallationSpi.getProviderClass()
LoginProtocolSpi.getProviderClass()
ProtocolMapperSpi.getProviderClass()
-
Uses of Provider in org.keycloak.protocol.docker
-
Uses of Provider in org.keycloak.protocol.docker.installation
Modifier and TypeClassDescriptionclass
class
class
-
Uses of Provider in org.keycloak.protocol.docker.mapper
Modifier and TypeClassDescriptionclass
Populates token with requested scope.class
-
Uses of Provider in org.keycloak.protocol.oid4vc
Modifier and TypeClassDescriptionclass
Provides the client-registration functionality for OID4VC-clients. -
Uses of Provider in org.keycloak.protocol.oid4vc.issuance
Modifier and TypeClassDescriptionclass
WellKnownProvider
implementation for JWT VC Issuer metadata at endpoint /.well-known/jwt-vc-issuerclass
WellKnownProvider
implementation to provide the .well-known/openid-credential-issuer endpoint, offering the Credential Issuer Metadata as defined by the OID4VCI protocol -
Uses of Provider in org.keycloak.protocol.oid4vc.issuance.mappers
Modifier and TypeClassDescriptionclass
Allows to add the context to the credential subjectclass
Base class for OID4VC Mappers, to provide common configuration and functionality for all of themclass
Allows to add statically configured claims to the credential subjectclass
Sets an ID for the credential, either randomly generated or statically configuredclass
Adds the users roles to the credential subjectclass
Allows to add types to the credential subjectclass
Allows to add user attributes to the credential subject -
Uses of Provider in org.keycloak.protocol.oid4vc.issuance.signing
Modifier and TypeInterfaceDescriptioninterface
Interface to be used for signing verifiable credentials.Modifier and TypeClassDescriptionclass
VerifiableCredentialsSigningService
implementing the JWT_VC format.class
VerifiableCredentialsSigningService
implementing the LDP_VC format.class
VerifiableCredentialsSigningService
implementing the SD_JWT_VC format.class
Abstract base class to provide the Signing Services common functionality -
Uses of Provider in org.keycloak.protocol.oidc
Modifier and TypeInterfaceDescriptioninterface
Provides token exchange mechanism for supported tokensinterface
Provides introspection for a determined OAuth2 token type.Modifier and TypeClassDescriptionclass
class
Default token exchange implementationclass
class
class
class
Modifier and TypeMethodDescriptionTokenExchangeSpi.getProviderClass()
TokenIntrospectionSpi.getProviderClass()
-
Uses of Provider in org.keycloak.protocol.oidc.endpoints
-
Uses of Provider in org.keycloak.protocol.oidc.ext
-
Uses of Provider in org.keycloak.protocol.oidc.grants
Modifier and TypeInterfaceDescriptioninterface
Provider interface for OAuth 2.0 grant typesModifier and TypeClassDescriptionclass
OAuth 2.0 Authorization Code Grant https://datatracker.ietf.org/doc/html/rfc6749#section-4.1class
OAuth 2.0 Client Credentials Grant https://datatracker.ietf.org/doc/html/rfc6749#section-4.4class
Base class for OAuth 2.0 grant typesclass
User-Managed Access (UMA) 2.0 Grant for OAuth 2.0 Authorization https://docs.kantarainitiative.org/uma/wg/rec-oauth-uma-grant-2.0.html#uma-grant-typeclass
class
OAuth 2.0 Refresh Token Grant https://datatracker.ietf.org/doc/html/rfc6749#section-6class
OAuth 2.0 Resource Owner Password Credentials Grant https://datatracker.ietf.org/doc/html/rfc6749#section-4.3class
OAuth 2.0 Authorization Code Grant https://datatracker.ietf.org/doc/html/rfc8693#section-2.1 -
Uses of Provider in org.keycloak.protocol.oidc.grants.ciba
Modifier and TypeClassDescriptionclass
OpenID Connect Client-Initiated Backchannel Authentication Flow https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html#rfc.section.10.1 -
Uses of Provider in org.keycloak.protocol.oidc.grants.ciba.channel
Modifier and TypeInterfaceDescriptioninterface
Provides the interface for requesting the authentication(AuthN) and authorization(AuthZ) by an authentication device (AD) to the external entity via Authentication Channel. -
Uses of Provider in org.keycloak.protocol.oidc.grants.ciba.clientpolicy.executor
Modifier and TypeClassDescriptionclass
class
class
-
Uses of Provider in org.keycloak.protocol.oidc.grants.ciba.endpoints
-
Uses of Provider in org.keycloak.protocol.oidc.grants.ciba.resolvers
Modifier and TypeInterfaceDescriptioninterface
Provides the resolver that converts several types of receives login hint to its corresponding UserModel. -
Uses of Provider in org.keycloak.protocol.oidc.grants.device
Modifier and TypeClassDescriptionclass
OAuth 2.0 Device Authorization Grant https://datatracker.ietf.org/doc/html/rfc8628#section-3.4 -
Uses of Provider in org.keycloak.protocol.oidc.grants.device.endpoints
-
Uses of Provider in org.keycloak.protocol.oidc.installation
Modifier and TypeClassDescriptionclass
class
class
-
Uses of Provider in org.keycloak.protocol.oidc.mappers
Modifier and TypeClassDescriptionclass
class
Set the 'sub' claim to pairwise .class
class
class
Protocol mapper to add allowed web origins to the access token to the 'allowed-origins' claimclass
class
class
Protocol mapper, which adds all client_ids of "allowed" clients to the audience field of the token.class
class
class
class
Set the 'name' claim to be first + last name.class
Maps user group membershipclass
class
Add a role to a tokenclass
Simple mapper that adds the nonce claim into the access token as before.class
Map an assigned role to a different position and name in the tokenclass
OIDCProtocolMapper
that uses a provided JavaScript fragment to compute the token claim value.class
class
class
class
Mappings UserModel.attribute to an ID Token claim.class
Allows mapping of user client role mappings to an ID and Access Token claim.class
Mappings UserModel property (the property name of a getter method) to an ID Token claim.class
Allows mapping of user realm role mappings to an ID and Access Token claim.class
Mappings UserSessionModel.note to an ID Token claim. -
Uses of Provider in org.keycloak.protocol.oidc.par.endpoints
-
Uses of Provider in org.keycloak.protocol.oidc.rar
-
Uses of Provider in org.keycloak.protocol.oidc.rar.parsers
-
Uses of Provider in org.keycloak.protocol.saml
Modifier and TypeInterfaceDescriptioninterface
Provides a way to create and resolve artifacts for SAML Artifact bindingModifier and TypeClassDescriptionclass
ArtifactResolver for artifact-04 format.class
class
-
Uses of Provider in org.keycloak.protocol.saml.clientregistration
-
Uses of Provider in org.keycloak.protocol.saml.installation
Modifier and TypeClassDescriptionclass
class
class
class
class
-
Uses of Provider in org.keycloak.protocol.saml.mappers
Modifier and TypeClassDescriptionclass
class
class
class
Mappings UserModel property (the property name of a getter method) to an AttributeStatement.class
Mappings UserModel property (the property name of a getter method) to an AttributeStatement.class
class
Map an assigned role to a different position and name in the tokenclass
SAML mapper to add a audience restriction into the assertion, to another client (clientId) or to a custom URI.class
SAML audience resolve mapper.class
This class provides a mapper that uses javascript to attach a value to an attribute for SAML tokens.class
class
Mappings UserModel attribute (not property name of a getter method) to an AttributeStatement.class
Mappings UserModel property (the property name of a getter method) to an AttributeStatement.class
Maps a user session note to a SAML attribute -
Uses of Provider in org.keycloak.protocol.saml.preprocessor
Modifier and TypeInterfaceDescriptioninterface
Provider interface for SAML authentication preprocessing. -
Uses of Provider in org.keycloak.protocol.saml.profile.ecp.authenticator
-
Uses of Provider in org.keycloak.provider
Modifier and TypeInterfaceDescriptioninterface
ProviderFactory<T extends Provider>
At boot time, keycloak discovers all factories.Modifier and TypeInterfaceDescriptioninterface
Use to unwrap exceptions specifically if there is an exception at JTA commitModifier and TypeMethodDescriptionMultivaluedHashMap<Class<? extends Provider>,
ProviderFactory> ProviderManager.getLoadedFactories()
returns a copy of internal factories.ExceptionConverterSpi.getProviderClass()
Spi.getProviderClass()
-
Uses of Provider in org.keycloak.scripting
Modifier and TypeClassDescriptionclass
-
Uses of Provider in org.keycloak.securityprofile
Modifier and TypeInterfaceDescriptioninterface
The security profile provider is a default security configuration that enforces a minimum level of security in the keycloak environment. -
Uses of Provider in org.keycloak.services
Modifier and TypeFieldDescriptionDefaultKeycloakSessionFactory.factoriesMap
DefaultKeycloakSessionFactory.provider
Modifier and TypeMethodDescriptionDefaultKeycloakSession.getAllProviders
(Class<T> clazz) <T extends Provider>
TDefaultKeycloakSession.getComponentProvider
(Class<T> clazz, String componentId) <T extends Provider>
TDefaultKeycloakSession.getComponentProvider
(Class<T> clazz, String componentId, Function<KeycloakSessionFactory, ComponentModel> modelGetter) <T extends Provider>
TDefaultKeycloakSession.getProvider
(Class<T> clazz) <T extends Provider>
TDefaultKeycloakSession.getProvider
(Class<T> clazz, String id) <T extends Provider>
TDefaultKeycloakSession.getProvider
(Class<T> clazz, ComponentModel componentModel) <T extends Provider>
ProviderFactory<T>DefaultComponentFactoryProviderFactory.getProviderFactory
(Class<T> clazz, String realmId, String componentId, Function<KeycloakSessionFactory, ComponentModel> modelGetter) <T extends Provider>
ProviderFactory<T>DefaultKeycloakSessionFactory.getProviderFactory
(Class<T> clazz) <T extends Provider>
ProviderFactory<T>DefaultKeycloakSessionFactory.getProviderFactory
(Class<T> clazz, String id) <T extends Provider>
ProviderFactory<T>DefaultKeycloakSessionFactory.getProviderFactory
(Class<T> clazz, String realmId, String componentId, Function<KeycloakSessionFactory, ComponentModel> modelGetter) protected <T extends Provider>
ProviderFactory<T>DefaultComponentFactoryProviderFactory.initializeFactory
(Class<T> clazz, String realmId, String componentId, ProviderFactory newFactory, ComponentModelScope configScope) DefaultKeycloakSession.listProviderIds
(Class<T> clazz) Modifier and TypeMethodDescriptionDefaultKeycloakSessionFactory.getFactoriesCopy()
DefaultKeycloakSession.getProviderClass
(String providerClassName) DefaultKeycloakSessionFactory.loadFactories
(ProviderManager pm) Modifier and TypeMethodDescriptionDefaultKeycloakSessionFactory.getProviderFactoriesStream
(Class<? extends Provider> clazz) -
Uses of Provider in org.keycloak.services.clientpolicy
Modifier and TypeInterfaceDescriptioninterface
Provides a method for handling an event defined inClientPolicyEvent
. -
Uses of Provider in org.keycloak.services.clientpolicy.condition
Modifier and TypeInterfaceDescriptioninterface
This condition determines to which client a client policy is adopted.Modifier and TypeClassDescriptionclass
AbstractClientPolicyConditionProvider<CONFIG extends ClientPolicyConditionConfigurationRepresentation>
class
class
class
class
class
class
class
class
class
-
Uses of Provider in org.keycloak.services.clientpolicy.executor
Modifier and TypeInterfaceDescriptioninterface
This executor specifies what action is executed on the client to which a client policy is adopted.Modifier and TypeClassDescriptionclass
class
class
class
class
Check that switch "fullScopeAllowed" is not enabled for the clientsclass
class
class
class
class
class
class
class
class
class
class
class
class
class
class
class
class
class
class
class
class
class
-
Uses of Provider in org.keycloak.services.clientregistration
Modifier and TypeClassDescriptionclass
class
class
-
Uses of Provider in org.keycloak.services.clientregistration.oidc
-
Uses of Provider in org.keycloak.services.clientregistration.policy
-
Uses of Provider in org.keycloak.services.clientregistration.policy.impl
Modifier and TypeClassDescriptionclass
class
class
class
class
class
class
-
Uses of Provider in org.keycloak.services.clienttype
-
Uses of Provider in org.keycloak.services.clienttype.impl
-
Uses of Provider in org.keycloak.services.cors
-
Uses of Provider in org.keycloak.services.managers
Modifier and TypeClassDescriptionclass
class
A single thread will log failures.class
Deprecated.Modifier and TypeMethodDescriptionBruteForceProtectorSpi.getProviderClass()
RealmManagerSpi.getProviderClass()
Deprecated. -
Uses of Provider in org.keycloak.services.migration
Modifier and TypeClassDescriptionclass
Various common utils needed for migration from older version to newer -
Uses of Provider in org.keycloak.services.resource
Modifier and TypeInterfaceDescriptioninterface
AAccountResourceProvider
creates JAX-RS resource instances for the Account endpoints, allowing an implementor to override the behavior of the entire Account console.interface
ARealmResourceProvider
creates JAX-RSsub-resource instances for paths relative to Realm's RESTful API that could not be resolved by the server.Modifier and TypeMethodDescriptionAccountResourceSpi.getProviderClass()
RealmResourceSPI.getProviderClass()
-
Uses of Provider in org.keycloak.services.resources.account
-
Uses of Provider in org.keycloak.services.resources.admin
Modifier and TypeClassDescriptionclass
class
class
class
class
class
-
Uses of Provider in org.keycloak.services.resources.admin.ext
Modifier and TypeInterfaceDescriptioninterface
AAdminRealmResourceProvider
creates JAX-RSsub-resource instances for paths relative to Realm's RESTful Admin API that could not be resolved by the server. -
Uses of Provider in org.keycloak.services.securityprofile
-
Uses of Provider in org.keycloak.services.ui.extend
-
Uses of Provider in org.keycloak.services.x509
Modifier and TypeClassDescriptionclass
class
The provider allows to extract X.509 client certificate forwarded to keycloak configured behind the Apache reverse proxy.class
The provider retrieves a client certificate and the certificate chain (if any) from the incoming TLS connection.class
The provider allows to extract X.509 client certificate forwarded to the keycloak middleware configured behind the haproxy reverse proxy.class
The NGINX Provider extract end user X.509 certificate send during TLS mutual authentication, and forwarded in an http header.class
The NGINX Trusted Provider verify extract end user X.509 certificate sent during TLS mutual authentication, verifies it against provided CA the and forwarded in an HTTP header along with a new header ssl-client-verify: SUCCESS. -
Uses of Provider in org.keycloak.sessions
Modifier and TypeInterfaceDescriptioninterface
interface
Modifier and TypeMethodDescriptionAuthenticationSessionSpi.getProviderClass()
StickySessionEncoderSpi.getProviderClass()
-
Uses of Provider in org.keycloak.social.bitbucket
-
Uses of Provider in org.keycloak.social.facebook
Modifier and TypeClassDescriptionclass
class
User attribute mapper. -
Uses of Provider in org.keycloak.social.github
Modifier and TypeClassDescriptionclass
class
User attribute mapper. -
Uses of Provider in org.keycloak.social.gitlab
-
Uses of Provider in org.keycloak.social.google
Modifier and TypeClassDescriptionclass
class
User attribute mapper. -
Uses of Provider in org.keycloak.social.instagram
Modifier and TypeClassDescriptionclass
class
User attribute mapper. -
Uses of Provider in org.keycloak.social.linkedin
Modifier and TypeClassDescriptionclass
Specific OIDC LinkedIn provider for Sign In with LinkedIn using OpenID Connect product app.class
User attribute mapper. -
Uses of Provider in org.keycloak.social.microsoft
Modifier and TypeClassDescriptionclass
Identity provider for Microsoft account.class
User attribute mapper. -
Uses of Provider in org.keycloak.social.openshift
Modifier and TypeClassDescriptionclass
Identity provider for Openshift V3.class
class
Identity provider for Openshift V4. -
Uses of Provider in org.keycloak.social.paypal
Modifier and TypeClassDescriptionclass
class
User attribute mapper. -
Uses of Provider in org.keycloak.social.stackoverflow
Modifier and TypeClassDescriptionclass
Stackoverflow social provider.class
User attribute mapper. -
Uses of Provider in org.keycloak.social.twitter
-
Uses of Provider in org.keycloak.storage
Modifier and TypeClassDescriptionclass
AbstractStorageManager<ProviderType extends Provider,
StorageProviderModelType extends CacheableStorageProviderModel> Modifier and TypeInterfaceDescriptioninterface
interface
A class implementing this interface represents a user storage provider to Keycloak.Modifier and TypeClassDescriptionclass
class
class
class
class
Modifier and TypeMethodDescriptionstatic Stream<ComponentModel>
AbstractStorageManager.getStorageProviderModels
(RealmModel realm, Class<? extends Provider> storageType) Stream of ComponentModels of storageType. -
Uses of Provider in org.keycloak.storage.client
Modifier and TypeInterfaceDescriptioninterface
Base interface for components that want to provide an alternative storage mechanism for clients This is currently a private incomplete SPI. -
Uses of Provider in org.keycloak.storage.clientscope
-
Uses of Provider in org.keycloak.storage.datastore
-
Uses of Provider in org.keycloak.storage.federated
Modifier and TypeInterfaceDescriptioninterface
static interface
Deprecated.This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directlyinterface
static interface
Deprecated.This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly -
Uses of Provider in org.keycloak.storage.group
-
Uses of Provider in org.keycloak.storage.jpa
-
Uses of Provider in org.keycloak.storage.ldap
-
Uses of Provider in org.keycloak.storage.ldap.mappers
Modifier and TypeClassDescriptionclass
Stateful per-request objectclass
class
Mapper useful for the LDAP deployments when some attribute (usually CN) is mapped to full name of userclass
class
class
class
class
-
Uses of Provider in org.keycloak.storage.ldap.mappers.membership
Modifier and TypeInterfaceDescriptioninterface
Mapper related to mapping of LDAP groups to keycloak model objects (either keycloak roles or keycloak groups) -
Uses of Provider in org.keycloak.storage.ldap.mappers.membership.group
-
Uses of Provider in org.keycloak.storage.ldap.mappers.membership.role
Modifier and TypeClassDescriptionclass
Map realm roles or roles of particular client to LDAP groups -
Uses of Provider in org.keycloak.storage.ldap.mappers.msad
Modifier and TypeClassDescriptionclass
Mapper specific to MSAD. -
Uses of Provider in org.keycloak.storage.ldap.mappers.msadlds
Modifier and TypeClassDescriptionclass
Mapper specific to MSAD LDS. -
Uses of Provider in org.keycloak.storage.role
Modifier and TypeInterfaceDescriptioninterface
Base interface for components that want to provide an alternative storage mechanism for roles -
Uses of Provider in org.keycloak.theme
Modifier and TypeInterfaceDescriptioninterface
interface
A theme resource provider can be used to load additional templates and resources.interface
Modifier and TypeClassDescriptionclass
class
class
class
Modifier and TypeMethodDescriptionThemeResourceSpi.getProviderClass()
ThemeSelectorSpi.getProviderClass()
ThemeSpi.getProviderClass()
-
Uses of Provider in org.keycloak.theme.freemarker
-
Uses of Provider in org.keycloak.timer
-
Uses of Provider in org.keycloak.timer.basic
-
Uses of Provider in org.keycloak.transaction
Modifier and TypeInterfaceDescriptioninterface
JTA TransactionManager lookup -
Uses of Provider in org.keycloak.truststore
-
Uses of Provider in org.keycloak.url
-
Uses of Provider in org.keycloak.urls
Modifier and TypeInterfaceDescriptioninterface
The Hostname provider is used by Keycloak to decide URLs for frontend and backend requests. -
Uses of Provider in org.keycloak.userprofile
Modifier and TypeInterfaceDescriptioninterface
The provider responsible for creatingUserProfile
instances.Modifier and TypeClassDescriptionclass
UserProfileProvider
loading configuration from the changeable JSON file stored in component config. -
Uses of Provider in org.keycloak.userprofile.validator
Modifier and TypeClassDescriptionclass
Validator to check that User Profile attribute value is not blank (nor null) if the attribute is required based on AttributeMetadata predicate.class
Validator to check that User Profile attribute value is not blank (null value is OK!).class
Validator to check that User Profile username is provided during Brokerin/Federation.class
Validator to check User Profile email duplication conditions based on realm settings like isDuplicateEmailsAllowed.class
Validator to check that User Profile username already exists in database for another user in case of it's change, and fail in this case.class
Validator to check User Profile email duplication conditions if isDuplicateEmailsAllowed is false but isRegistrationEmailAsUsername is true.class
A validator that fails when the attribute is marked as read only and its value has changed.class
class
This validator disallowing bunch of characters we really not to expect in names of persons (fist, middle, last names).class
Validator to check that User Profile attribute value is not changed if attribute is read-only.class
Validator to check User Profile email attribute value during Registration when "RegistrationEmailAsUsername()" is enabled.class
Validator to check User Profile username attribute value during Registration when "RegistrationEmailAsUsername()" is enabled.class
Validator to check User Profile username attribute uniqueness during registration (when "RegistrationEmailAsUsername()" is NOT enabled).class
Validator to check that User Profile username is provided.class
Validator to check that User Profile username is provided.class
Validator to check User Profile username change and prevent it if not allowed in realm.class
This validator disallowing bunch of characters we really not to expect in username. -
Uses of Provider in org.keycloak.validate
Modifier and TypeInterfaceDescriptioninterface
Convenience interface to ease implementation of smallValidator
implementations.interface
Validates given input in aValidationContext
.Modifier and TypeClassDescriptionclass
Base class for arbitrary value type validators.class
Base class for String value format validators. -
Uses of Provider in org.keycloak.validate.validators
Modifier and TypeClassDescriptionclass
Abstract class for number validator.class
Validate input being any kind ofNumber
.class
Email format validation - accepts plain string and collection of strings, for basic behavior like null/blank values handling and collections support seeAbstractStringValidator
.class
class
A date validator that only takes into account the format associated with the current locale.class
String value length validation - accepts plain string and collection of strings, for basic behavior like null/blank values handling and collections support seeAbstractStringValidator
.class
A date validator that only takes into account the format associated with the current locale.class
Validate that value exists and is not empty nor blank.class
Check that input value is not empty.class
Validation against list of allowed values - accepts plain string and collection of strings (every value is validated against allowed values), for basic behavior like null/blank values handling and collections support seeAbstractStringValidator
.class
Validate String against configured RegEx pattern - accepts plain string and collection of strings, for basic behavior like null/blank values handling and collections support seeAbstractStringValidator
.class
class
Validate that input value isValidatorConfig
and it is correct for validator (inputHint
must be ID of the validator config is for) byValidators.validateConfig(org.keycloak.models.KeycloakSession, String, ValidatorConfig)
. -
Uses of Provider in org.keycloak.validation
-
Uses of Provider in org.keycloak.vault
Modifier and TypeClassDescriptionclass
Abstract class that is meant to be extended by implementations ofVaultProvider
that want to have support for key resolvers.class
class
A text-based vault provider, which stores each secret in a separate file. -
Uses of Provider in org.keycloak.wellknown