Start the server in development mode.

Usage:

kc.sh start-dev [OPTIONS]

Use this command if you want to run the server locally for development or
testing purposes.

Options:

-h, --help           This help message.
--help-all           This same help message but with additional options.

Cluster:

--cache <type>       Defines the cache mechanism for high-availability. By default, a 'ispn' cache
                       is used to create a cluster between multiple server nodes. A 'local' cache
                       disables clustering and is intended for development and testing purposes.
                       Default: ispn.
--cache-config-file <file>
                     Defines the file from which cache configuration should be loaded from.
--cache-stack <stack>
                     Define the default stack to use for cluster communication and node discovery.
                       This option only takes effect if 'cache' is set to 'ispn'. Default: udp.

Database:

--db <vendor>        The database vendor. Possible values are: h2-file, h2-mem, mariadb, mssql,
                       mssql-2012, mysql, oracle, postgres, postgres-95
--db-password <password>
                     The password of the database user.
--db-pool-initial-size <size>
                     The initial size of the connection pool.
--db-pool-max-size <size>
                     The maximum size of the connection pool. Default: 100.
--db-pool-min-size <size>
                     The minimal size of the connection pool.
--db-schema <schema> The database schema to be used.
--db-url <jdbc-url>  The full database JDBC URL. If not provided, a default URL is set based on the
                       selected database vendor. For instance, if using 'postgres', the default
                       JDBC URL would be 'jdbc:postgresql://localhost/keycloak'.
--db-url-database <dbname>
                     Sets the database name of the default JDBC URL of the chosen vendor. If the
                       `db-url` option is set, this option is ignored.
--db-url-host <hostname>
                     Sets the hostname of the default JDBC URL of the chosen vendor. If the
                       `db-url` option is set, this option is ignored.
--db-url-properties <properties>
                     Sets the properties of the default JDBC URL of the chosen vendor. If the
                       `db-url` option is set, this option is ignored.
--db-username <username>
                     The username of the database user.

Feature:

--features-account2 <enabled|disabled>
                     Enables the ACCOUNT2 feature.
--features-account_api <enabled|disabled>
                     Enables the ACCOUNT_API feature.
--features-admin2 <enabled|disabled>
                     Enables the ADMIN2 feature.
--features-admin_fine_grained_authz <enabled|disabled>
                     Enables the ADMIN_FINE_GRAINED_AUTHZ feature.
--features-authorization <enabled|disabled>
                     Enables the AUTHORIZATION feature.
--features-ciba <enabled|disabled>
                     Enables the CIBA feature.
--features-client_policies <enabled|disabled>
                     Enables the CLIENT_POLICIES feature.
--features-declarative_user_profile <enabled|disabled>
                     Enables the DECLARATIVE_USER_PROFILE feature.
--features-docker <enabled|disabled>
                     Enables the DOCKER feature.
--features-impersonation <enabled|disabled>
                     Enables the IMPERSONATION feature.
--features-map_storage <enabled|disabled>
                     Enables the MAP_STORAGE feature.
--features-openshift_integration <enabled|disabled>
                     Enables the OPENSHIFT_INTEGRATION feature.
--features-par <enabled|disabled>
                     Enables the PAR feature.
--features-scripts <enabled|disabled>
                     Enables the SCRIPTS feature.
--features-token_exchange <enabled|disabled>
                     Enables the TOKEN_EXCHANGE feature.
--features-upload_scripts <enabled|disabled>
                     Enables the UPLOAD_SCRIPTS feature.
--features-web_authn <enabled|disabled>
                     Enables the WEB_AUTHN feature.
-ft, --features <preview>
                     Enables all tech preview features.

Hostname:

--hostname <hostname>
                     Hostname for the Keycloak server.
--hostname-admin <url>
                     Overrides the hostname for the admin console and APIs.
--hostname-path <path>
                     This should be set if proxy uses a different context-path for Keycloak.
--hostname-strict <true|false>
                     Disables dynamically resolving the hostname from request headers. Should
                       always be set to true in production, unless proxy verifies the Host header.
                       Default: true.
--hostname-strict-backchannel <true|false>
                     By default backchannel URLs are dynamically resolved from request headers to
                       allow internal an external applications. If all applications use the public
                       URL this option should be enabled. Default: false.

HTTP/TLS:

--http-enabled <true|false>
                     Enables the HTTP listener. Default: false.
--http-host <host>   The used HTTP Host. Default: 0.0.0.0.
--http-port <port>   The used HTTP port. Default: 8080.
--http-relative-path <path>
                     Set the path relative to '/' for serving resources. Default: /.
--https-certificate-file <file>
                     The file path to a server certificate or certificate chain in PEM format.
--https-certificate-key-file <file>
                     The file path to a private key in PEM format.
--https-cipher-suites <ciphers>
                     The cipher suites to use. If none is given, a reasonable default is selected.
--https-client-auth <auth>
                     Configures the server to require/request client authentication. Possible
                       Values: none, request, required. Default: none.
--https-key-store-file <file>
                     The key store which holds the certificate information instead of specifying
                       separate files.
--https-key-store-password <password>
                     The password of the key store file. Default: password.
--https-key-store-type <type>
                     The type of the key store file. If not given, the type is automatically
                       detected based on the file name.
--https-port <port>  The used HTTPS port. Default: 8443.
--https-protocols <protocols>
                     The list of protocols to explicitly enable.
--https-trust-store-file <file>
                     The trust store which holds the certificate information of the certificates to
                       trust.
--https-trust-store-password <password>
                     The password of the trust store file.
--https-trust-store-type <type>
                     The type of the trust store file. If not given, the type is automatically
                       detected based on the file name.

Metrics:

--metrics-enabled <true|false>
                     If the server should expose metrics and healthcheck. If enabled, metrics are
                       available at the '/metrics' endpoint and healthcheck at the '/health'
                       endpoint. Default: false.

Proxy:

--proxy <mode>       The proxy address forwarding mode if the server is behind a reverse proxy.
                       Possible values are: none,edge,reencrypt,passthrough Default: none.

Vault:

--vault-file-path <dir>
                     If set, secrets can be obtained by reading the content of files within the
                       given path.
--vault-hashicorp-paths <paths>
                     A set of one or more paths that should be used when looking up secrets.

Do NOT start the server using this command when deploying to production.

Use 'kc.sh start-dev --help-all' to list all available options, including build
options.