Deprecated API
Contents
-
ElementDescriptionDeprecated as offline session preloading was removed in KC25. This method will be removed in KC27.To be removed without replacement. Check the methods documentation for alternatives.To be removed in Keycloak 27+. Use
AuthenticationSessionManager.getUserSessionFromAuthenticationCookie(RealmModel)
To be removed in Keycloak 27+. UseUserSessionProvider.getUserSessionIfClientExists(RealmModel, String, boolean, String)
To be removed in Keycloak 27+. UseUserSessionProvider.getUserSessionIfClientExists(RealmModel, String, boolean, String)
To be removed in Keycloak 27+. UseUserSessionUtil.getUserSessionWithImpersonatorClient(KeycloakSession, RealmModel, String, boolean, String)
-
InterfaceDescriptionThis interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directlyThis interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directlyThis interface is no longer necessary, collection-based methods were removed from the parent interface and therefore the parent interface can be used directlyThis interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directlyThis interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directlyThis interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directlyThis interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directlyThis interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly
-
ClassDescriptionClass is deprecated and may be removed in the future. Use org.keycloak.saml.BaseSAML2BindingBuilder#buildHtml insteadfor removal in Keycloak 27for removal in Keycloak 27use org.keycloak.util.KeycloakSessionUtil insteadThe PBKDF2 provider with SHA1 and the recommended number of 1.300.000 iterations is known to be very slow. We recommend to use the PBKDF2 variants with SHA256 or SHA512 instead.Recommended to use
UserCredentialModel
as it contains all the functionality required by this classTo be removed without replacement. Check the methods documentation for alternatives.This interface is no longer necessary; collection-based methods were removed from the parent interface and therefore the parent interface can be used directly- DELETE once only used from within legacy datastore module
-
FieldDescriptionUse
LDAPConstants.USE_TRUSTSTORE_ALWAYS
instead.UseGitHubIdentityProvider.DEFAULT_AUTH_URL
instead.UseGitHubIdentityProvider.DEFAULT_EMAIL_URL
instead.UseGitHubIdentityProvider.DEFAULT_PROFILE_URL
instead.UseGitHubIdentityProvider.DEFAULT_TOKEN_URL
instead.
-
MethodDescriptionuse
RealmLocalizationResource.getRealmLocalizationTexts(String)
, in order to retrieve localization texts without fallbacks. If you need fallbacks, call the endpoint multiple time with all the relevant locales (e.g. "de" in case of "de-CH") - the realm default locale is NOT the only fallback to be considered.please useRoleResource.getUserMembers()
UsegetAttributeStream
instead.For compatibility sake as long as we use @linkEventType.UPDATE_PASSWORD
,EventType.UPDATE_TOTP
a.s.o.for removal in Keycloak 27for removal in Keycloak 27For String content, useHttpClientProvider.getString(String)
, for binary data useHttpClientProvider.getInputStream(String)
. To be removed in Keycloak 27.Recommended to use PasswordCredentialModel.getPasswordCredentialData().getAlgorithm() or OTPCredentialModel.getOTPCredentialData().getAlgorithm()Recommended to useCredentialModel.getCredentialData()
instead and use the subtype of CredentialData specific to your credentialRecommended to use OTPCredentialModel.getOTPCredentialData().getCounter()Recommended to use OTPCredentialModel.getOTPCredentialData().getDevice()Recommended to use OTPCredentialModel.getOTPCredentialData().getDigits()Recommended to use PasswordCredentialModel.getPasswordCredentialData().getHashIterations()Recommended to use OTPCredentialModel.getOTPCredentialData().getPeriod()Recommended to use PasswordCredentialModel.getPasswordSecretData().getSalt()Recommended to use PasswordCredentialModel.getPasswordSecretData().getValue() or OTPCredentialModel.getOTPSecretData().getValue()Recommended to useCredentialModel.setCredentialData(String)
instead and use the subtype of CredentialData specific to your credentialExists due the backwards compatibility. It is recommended to usePasswordHashProvider.encodedCredential(String, int)
}Exists due the backwards compatibility. It is recommended to usePasswordHashProvider.policyCheck(PasswordPolicy, PasswordCredentialModel)
Exists due the backwards compatibility. It is recommended to usePasswordHashProvider.verify(String, PasswordCredentialModel)
Unused method. Currently, used only in the testsuiteUnused method. Currently, used only in the testsuiteThis method is problem from the performance perspective. Some storages can provide better way for doing this (e.g. entry lifespan in the Infinispan server, etc.). We need to leave solving event expiration to each storage provider separately using expiration field on entity level.Do not use, to be removedDo not use, this is only to support a deprecated logout endpoint and will vanish with it's removalDeprecated in favor of {@link #getComponentProvider)UseIDPProvider#createMapper(IdentityProviderMapperModel)
instead.UseIdentityProviderStorageProvider.getByAlias(String)
instead.UseIDPProvider#getMapperById(String)
instead.UseIDPProvider#getMapperByName(String, String)
instead.UseIDPProvider#getMappersByAliasStream(String)
instead.UseIDPProvider#getMappersStream()
instead.UseIdentityProviderStorageProvider.getAllStream()
instead.UseIdentityProviderStorageProvider.remove(String)
instead.UseIDPProvider#removeMapper(IdentityProviderMapperModel)
instead.UseIDPProvider#updateMapper(IdentityProviderMapperModel)
instead.int will overflow with values after 2038. UseSingleUseObjectKeyModel.getExp()
instead.UsegetClientStorageProvidersStream
instead.UsegetRoleStorageProvidersStream
instead.UsegetUserStorageProvidersStream
instead.Deprecated as offline session preloading was removed in KC25. This method will be removed in KC27.UseSoap.SoapMessageBuilder.call(String,KeycloakSession)
to use SimpleHttp configurationdeprecated and replaced by configuration on IdpReviewProfileAuthenticatorReplaced by configuration option in identity provider authenticatordeprecated and replaced by configuration on IdpReviewProfileAuthenticatorUseUserRepresentation.getFederationLink()
insteadUseUserRepresentation.setFederationLink(String)
insteadUseIDToken.getSessionId()
instead.org.keycloak.saml.common.util.StaxParserUtil.getBooleanAttributeValue(StartElement, String, boolean) UseDefaultKeycloakContext.getHttpRequest()
to obtain the request headers.To be removed in Keycloak 27+. UseAuthenticationSessionManager.getUserSessionFromAuthenticationCookie(RealmModel)
To be removed in Keycloak 27+. UseUserSessionProvider.getUserSessionIfClientExists(RealmModel, String, boolean, String)
To be removed in Keycloak 27+. UseUserSessionProvider.getUserSessionIfClientExists(RealmModel, String, boolean, String)
To be removed in Keycloak 27+. UseUserSessionUtil.getUserSessionWithImpersonatorClient(KeycloakSession, RealmModel, String, boolean, String)
It is recommended to delete credentials with the use of "delete_credential" kc_action. Action can be used for instance by adding parameter like "kc_action=delete_credential:123" to the login URL where 123 is ID of the credential to delete.org.keycloak.services.resources.account.LinkedAccountsResource.buildLinkedAccountURI(String, String) Instead, usePasswordUtil.isConfigured()
the method is not used neither from admin console or from admin client. It may be removed in future releases.manual removal of expired entities should not be used anymore. It is responsibility of the store implementation to handle expirable entitiesmanual removal of expired entities should not be used anymore. It is responsibility of the store implementation to handle expirable entitiesUseAbstractUserAdapter.getAttributeStream(String)
insteadUseAbstractUserAdapter.getGroupsStream()
insteadUseAbstractUserAdapter.getRealmRoleMappingsStream()
insteadUseAbstractUserAdapter.getRoleMappingsStream()
insteadUseStorageId.isLocalStorage(String)
instead.UseStorageId.isLocalStorage(String)
instead.UseStorageId.providerId(String)
instead.UseStorageId.providerId(String)
instead.UseUserCountMethodsProvider.getUsersCount(RealmModel, Map)
with anparams
map containingUserModel.SEARCH
instead.UseUserCountMethodsProvider.getUsersCount(RealmModel, Map, Set)
with anparams
map containingUserModel.SEARCH
instead.UseUserQueryMethodsProvider.searchForUserStream(RealmModel, Map)
with anparams
map containingUserModel.SEARCH
instead.UseUserQueryMethodsProvider.searchForUserStream(RealmModel, Map, Integer, Integer)
with anparams
map containingUserModel.SEARCH
instead.This method is here only for backward compatibility with previous version ofTokenVerifier
.This method is here only for backward compatibility with previous version ofTokenVerifier
.This method is here only for backward compatibility with previous version ofTokenVerifier
.This method is here only for backward compatibility with previous version ofTokenVerifier
.
-
Enum ConstantDescriptionsee KEYCLOAK-2266Use namespace-aware variant insteadUse namespace-aware variant instead