All Classes and Interfaces
Class
Description
OAuth 2.0 Access Token Response json
Configuration for Java based adapters
Configuration options relevant for configuring http client that can be used by adapter.
Deprecated.
Deprecated.
Encodes and decodes to and from Base64 notation.
A
Base64.InputStream will read data from another
java.io.InputStream, given in the constructor,
and encode/decode to/from Base64 notation on the fly.A
Base64.OutputStream will write data to another
java.io.OutputStream, given in the constructor,
and encode/decode to/from Base64 notation on the fly.Common Adapter configuration
Common Realm Configuration
The default implementation is compliant with RFC 2617
compliant with RFC 6749
PEM values of key and certificate
The Class CertificateUtils provides utility functions for generation of V1 and V3
X509CertificateThe Class CertificateUtils provides utility functions for generation of V1 and V3
X509CertificateInformation about the client connection
The simple SPI for authenticating clients/applications .
Traditional OAuth2 authentication of clients based on client_id and client_secret
Client Policies' (the set of all Client Policy) external representation class
Just adds some type-safety to the ClientPolicyConditionConfiguration
Just adds some type-safety to the ClientPolicyExecutorConfiguration
Client Policy's external representation class
Client Profile's external representation class
Client Profiles' (the set of all Client Profile) external representation class
Deprecated.
Abstraction to handle differences between the APIs for non-fips and fips mode
The decision strategy dictates how the policies associated with a given policy are evaluated and how a final decision
is obtained.
Extract PrivateKey, PublicKey, and X509Certificate from a DER encoded byte array or file.
Classes implementing this interface guarantee that for each instance of this class,
there exists an mutually unique integer which is stable in time, and identifies
always the same instance of this class.
Replaces any ${} strings with their corresponding system property.
Result of the "global" request (like push notBefore or logoutAll), which is send to all cluster nodes
Deprecated.
Class is deprecated and may be removed in the future.
An interface to represent signed (JWS) and encrypted (JWE) JWTs.
This interface represents a JOSE header.
Utility class to handle simple JSON serializable for Keycloak.
Client authentication based on JWT signed by client private key .
Client authentication based on JWT signed by client secret instead of private key .
Provides abstraction to handle differences between various JDK vendors (Sun, IBM)
Provides serialization/deserialization of kerberos
GSSCredential, so it can be transmitted from auth-server to the application
and used for further calls to kerberos-secured servicesConfiguration of KeyStore.
Value object to represent an OID (object identifier) as used to describe LDAP schema, extension and features.
The decision strategy dictates how the policies associated with a given policy are evaluated and how a final decision
is obtained.
Utility methods related to networking.
Deprecated.
Representation implementation of an organization internet domain.
Used for partial import of users, groups, clients, roles, and identity providers.
A utility class for handling URI template parameters.
Utility classes to extract PublicKey, PrivateKey, and X509Certificate from openssl generated PEM files
Utility classes to extract PublicKey, PrivateKey, and X509Certificate from openssl generated PEM files
The policy enforcement mode dictates how authorization requests are handled by the server.
Utility class for working with JDK Reflection and also CDI's {link Annotated} metadata.
Represents the configurable properties of a RequiredAction.
Represents the configuration of a RequiredAction.
Some endpoints (like register new required action) doesn't support all the fields (like setEnabled etc).
One or more resources that the resource server manages as a set of protected resources.
Deprecated.
use org.keycloak.util.KeycloakSessionUtil instead
Runnable, which provides some additional info (iteration for now)
Needed here because:
- java.util.function.Supplier defined from Java 8
- Adds some additional info (current iteration)
Needed here because:
- java.util.function.BiConsumer defined from Java 8
- Adds some additional info (current iteration and called throwable
A bounded extent of access that is possible to perform on a resource set.
Default configuration for security profile.
Deprecated.
for removal in Keycloak 27
A utility class for replacing properties in strings.
Utilities to serialize objects to string.
An utility class to resolve the value of a key based on the environment variables
and system properties available at runtime.
Exception thrown for cases when token is invalid due to time constraints (expired, or not yet valid).
Thrown when token signature is invalid.
Exception thrown on failed verification of a token.
Functional interface of checks that verify some part of a JWT.
Utility class for Types
Deprecated.
for removal in Keycloak 27
Configuration of the Attribute.
Configuration of permissions for the attribute
Config of the rules when attribute is required.
Config of the rules when attribute is selected.
Configuration of the User Profile for one realm.
Configuration of the attribute group.