All Classes

Class	Description
AbstractConfig
AbstractKeycloakTransaction	Handles some common transaction logic related to start, rollback-only etc.
AbstractKeycloakTransaction.TransactionState
AbstractUserAdapter	This abstract class provides implementations for everything but getUsername().
AbstractUserAdapter.Streams	The AbstractUserAdapter.Streams class extends the AbstractUserAdapter abstract class and implements the UserModel.Streams interface, allowing subclasses to focus on the implementation of the Stream-based query methods and providing default implementations for the collections-based variants that delegate to their Stream counterparts.
AbstractUserAdapterFederatedStorage	Assumes everything is managed by federated storage except for username.
AbstractUserAdapterFederatedStorage.Streams	The AbstractUserAdapterFederatedStorage.Streams class extends the AbstractUserAdapterFederatedStorage abstract class and implements the UserModel.Streams interface, allowing subclasses to focus on the implementation of the Stream-based query methods and providing default implementations for the collections-based variants that delegate to their Stream counterparts.
ActionTokenKeyModel
ActionTokenValueModel	This model represents contents of an action token shareable among Keycloak instances in the cluster.
AuthenticatedClientSessionModel
AuthenticatedClientSessionModel.SearchableFields
AuthenticationExecutionModel
AuthenticationExecutionModel.ExecutionComparator
AuthenticationExecutionModel.Requirement
AuthenticationFlowBindings	Defines constants for authentication flow bindings.
AuthenticationFlowModel
AuthenticationFlowModel.AuthenticationFlowComparator
AuthenticationSessionCompoundId	Allow to encode compound string to fully lookup authenticationSessionModel
AuthenticationSessionModel	Represents the state of the authentication.
AuthenticationSessionProvider
AuthenticatorConfigModel
AuthenticatorConfigModel.AuthenticationConfigComparator
AuthorizationDetails	The internal Keycloak representation of a Rich Authorization Request authorization_details object, together with some extra metadata to make it easier to work with this data in other parts of the codebase.
AuthorizationRequestContext	This context object will contain all parsed Rich Authorization Request objects, together with the internal representation that Keycloak is going to use for Scopes.
AuthorizationRequestSource
Base32	Base32 - encodes and decodes RFC3548 Base32 (see http://www.faqs.org/rfcs/rfc3548.html )
CacheableStorageProviderModel
CacheableStorageProviderModel.CachePolicy
CachedObject
CachedUserModel	Cached users will implement this interface
CachedUserModel.Streams	The CachedUserModel.Streams interface differs from CachedUserModel in that it extends the UserModel.Streams interface, allowing implementations of CachedUserModel to focus on the Stream-based methods in the UserModel interface.
CibaConfig
ClaimTypeModel
ClaimTypeModel.ValueType
ClientInitialAccessModel
ClientLookupProvider	Abstraction interface for lookoup of clients by id and clientId.
ClientModel
ClientModel.ClientCreationEvent
ClientModel.ClientProtocolUpdatedEvent
ClientModel.ClientRemovedEvent
ClientModel.ClientUpdatedEvent
ClientModel.SearchableFields
ClientPolicyContext	Provides Client Policy Context.
ClientPolicyEvent	Events on which client policies mechanism detects and do its operation
ClientPolicyException
ClientPolicyManager	Provides a method for handling an event defined in ClientPolicyEvent.
ClientProvider	Provider of the client records.
ClientScopeLookupProvider
ClientScopeModel
ClientScopeModel.ClientScopeRemovedEvent
ClientScopeModel.SearchableFields
ClientScopeProvider	Provider of the client scopes records.
ClientSessionContext	Request-scoped context object
ClientStorageProvider	Base interface for components that want to provide an alternative storage mechanism for clients This is currently a private incomplete SPI.
ClientStorageProviderModel	Stored configuration of a Client Storage provider instance.
CommonClientSessionModel	Predecesor of AuthenticationSessionModel, ClientLoginSessionModel and ClientSessionModel (then action tickets).
CommonClientSessionModel.Action
CommonClientSessionModel.ExecutionStatus
ComponentFactory<CreatedType,ProviderType extends Provider>
ComponentModel	Stored configuration of a User Storage provider instance.
ComponentValidationException
ConfiguredComponent
ConfiguredProvider
CredentialAuthentication	Single purpose method that knows how to authenticate a user based on a credential type.
CredentialInput
CredentialInputUpdater
CredentialInputUpdater.Streams	The CredentialInputUpdater.Streams interface makes all collection-based methods in CredentialInputUpdater default by providing implementations that delegate to the Stream-based variants instead of the other way around.
CredentialInputValidator	Implentations of this interface can validate CredentialInput, i.e.
CredentialMetadata
CredentialMetadata.LocalizedMessage
CredentialModel	Used just in cases when we want to "directly" update or retrieve the hash or salt of user credential (For example during export/import)
CredentialProvider<T extends CredentialModel>
CredentialTypeMetadata
CredentialTypeMetadata.Category
CredentialTypeMetadata.CredentialTypeMetadataBuilder
CredentialTypeMetadataContext
CredentialTypeMetadataContext.CredentialTypeMetadataContextBuilder
CredentialValidationOutput	Output of credential validation
CredentialValidationOutput.Status
FederatedIdentityModel
GroupLookupProvider
GroupModel
GroupModel.GroupRemovedEvent
GroupModel.SearchableFields
GroupModel.Streams	The GroupModel.Streams interface makes all collection-based methods in GroupModel default by providing implementations that delegate to the Stream-based variants instead of the other way around.
GroupProvider	Provider of group records
GroupStorageProvider
GroupStorageProviderModel	Stored configuration of a Group Storage provider instance.
HmacOTP
HostnameProvider	The Hostname provider is used by Keycloak to decide URLs for frontend and backend requests.
HostnameProviderFactory
HostnameSpi
IdentityProviderMapperModel	Specifies a mapping from broker login to user data.
IdentityProviderMapperSyncMode
IdentityProviderModel	A model type representing the configuration for identity providers.
IdentityProviderSyncMode
ImportedUserValidation	This is an optional capability interface that is intended to be implemented by any UserStorageProvider that supports validating users.
ImportSynchronization	This is an optional capability interface that is intended to be implemented by any UserStorageProvider that supports syncing users to keycloak local storage.
InvalidationHandler	Handles invalidation requests.
InvalidationHandler.InvalidableObjectType	Tagging interface for the kinds of invalidatable object
InvalidationHandler.ObjectType
JsonConfigComponentModel	Component model backed by JSON configuration.
KeycloakContext
KeycloakSession
KeycloakSessionFactory
KeycloakSessionTask	Task to be executed inside transaction
KeycloakTransaction
KeycloakTransactionManager
KeycloakTransactionManager.JTAPolicy
KeycloakUriInfo
KeyManager
KeyManager.ActiveAesKey
KeyManager.ActiveHmacKey
KeyManager.ActiveRsaKey
KeyMetadata
LocaleSelectorProvider
LocaleSelectorProviderFactory
LocaleSelectorSPI
LocaleUpdaterProvider
LocaleUpdaterProviderFactory
LocaleUpdaterSPI
MigrationModel
ModelDuplicateException
ModelException
ModelIllegalStateException	Thrown when data can't be retrieved for the model.
OAuth2DeviceConfig
OnUserCache
OrderedModel
OrderedModel.OrderedModelComparator<OM extends OrderedModel>
OTPCredentialData
OTPCredentialModel
OTPPolicy
OTPPolicy.FreeOTP
OTPPolicy.GoogleAuthenticator
OTPPolicy.OtpApp
OTPSecretData
ParConfig
PasswordCredentialData
PasswordCredentialModel
PasswordHashProvider
PasswordPolicy
PasswordPolicy.Builder
PasswordPolicyConfigException	Created by st on 23/05/17.
PasswordPolicyNotMetException
PasswordPolicyProvider
PasswordSecretData
PasswordUserCredentialModel	Deprecated. Recommended to use UserCredentialModel as it contains all the functionality required by this class
PolicyError
PrioritizedComponentModel
ProtocolMapperContainerModel
ProtocolMapperModel	Specifies a mapping from user data to a protocol claim assertion.
Provider
ProviderConfigProperty	Configuration property metadata.
ProviderConfigurationBuilder	Builds a list of ProviderConfigProperty instances.
ProviderEvent
ProviderEventListener
ProviderEventManager
ProviderFactory<T extends Provider>	At boot time, keycloak discovers all factories.
ReadOnlyException	Thrown when UserStorageProvider UserModel adapter is read-only
RealmModel
RealmModel.IdentityProviderRemovedEvent
RealmModel.IdentityProviderUpdatedEvent
RealmModel.RealmCreationEvent
RealmModel.RealmPostCreateEvent
RealmModel.RealmRemovedEvent
RealmModel.SearchableFields
RealmProvider
RecoveryAuthnCodeRepresentation
RecoveryAuthnCodesCredentialData
RecoveryAuthnCodesCredentialModel
RecoveryAuthnCodesSecretData
RecoveryAuthnCodesUtils
RequiredActionProviderModel
RequiredActionProviderModel.RequiredActionComparator
RequiredCredentialModel
RoleContainerModel
RoleContainerModel.RoleRemovedEvent
RoleLookupProvider	Abstraction interface for lookup of both realm roles and client roles by id, name and description.
RoleMapperModel
RoleMapperModel.Streams	The RoleMapperModel.Streams interface makes all collection-based methods in RoleMapperModel default by providing implementations that delegate to the Stream-based variants instead of the other way around.
RoleModel
RoleModel.SearchableFields
RoleProvider	Provider of the role records.
RoleStorageProvider	Base interface for components that want to provide an alternative storage mechanism for roles
RoleStorageProviderModel	Stored configuration of a Role Storage provider instance.
RoleUtils
RootAuthenticationSessionModel	Represents usually one browser session with potentially many browser tabs.
RootAuthenticationSessionModel.SearchableFields
RsaKeyMetadata
SamlArtifactSessionMappingModel
ScopeContainerModel
ScriptModel	A representation of a Script with some additional meta-data.
SearchableModelField<M>
SecretKeyMetadata
Spi
StorageId
StringUtil
SubComponentFactory<CreatedType,ProviderType extends Provider>	Useful when you want to describe config properties that are effected by the parent ComponentModel
SynchronizationResult
Theme
Theme.Type
ThemeManager
ThemeResourceProvider	A theme resource provider can be used to load additional templates and resources.
ThemeResourceProviderFactory
ThemeResourceSpi
ThemeSelectorProvider
ThemeSelectorProviderFactory
ThemeSelectorSpi
TokenManager
UrlType
UserAttributeFederatedStorage
UserAttributeFederatedStorage.Streams	The UserAttributeFederatedStorage.Streams interface makes all collection-based methods in UserAttributeFederatedStorage default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserBrokerLinkFederatedStorage
UserBrokerLinkFederatedStorage.Streams	The UserBrokerLinkFederatedStorage.Streams interface makes all collection-based methods in UserBrokerLinkFederatedStorage default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserBulkUpdateProvider	This is an optional capability interface that is intended to be implemented by any UserStorageProvider that supports bulk operations.
UserCache	All these methods effect an entire cluster of Keycloak instances.
UserCache.Streams	The UserCache.Streams interface differs from UserCache in that it extends the UserProvider.Streams interface, allowing implementations of UserCache to focus on the Stream-based methods in the UserProvider interface.
UserConsentFederatedStorage
UserConsentFederatedStorage.Streams	The UserConsentFederatedStorage.Streams interface makes all collection-based methods in UserConsentFederatedStorage default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserConsentModel
UserCredentialManager
UserCredentialManager.Streams	The UserCredentialManager.Streams interface makes all collection-based methods in UserCredentialManager default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserCredentialModel
UserCredentialStore
UserCredentialStore.Streams	The UserCredentialStore.Streams interface makes all collection-based methods in UserCredentialStore default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserFederatedStorageProvider
UserFederatedStorageProvider.Streams	The UserFederatedStorageProvider.Streams interface makes all collection-based methods in UserFederatedStorageProvider default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserFederatedStorageProviderFactory
UserFederatedStorageProviderSpi
UserFederatedUserCredentialStore
UserFederatedUserCredentialStore.Streams	The UserFederatedUserCredentialStore.Streams interface makes all collection-based methods in UserFederatedUserCredentialStore default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserGroupMembershipFederatedStorage
UserGroupMembershipFederatedStorage.Streams	The UserGroupMembershipFederatedStorage.Streams interface makes all collection-based methods in UserGroupMembershipFederatedStorage default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserLoginFailureModel
UserLoginFailureModel.SearchableFields
UserLoginFailureProvider
UserLookupProvider	This is an optional capability interface that is intended to be implemented by any UserStorageProvider that supports basic user querying.
UserLookupProvider.Streams
UserManager
UserModel
UserModel.RequiredAction
UserModel.SearchableFields
UserModel.Streams	The UserModel.Streams interface makes all collection-based methods in UserModel default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserModel.UserRemovedEvent
UserModelDefaultMethods
UserModelDefaultMethods.Streams	The UserModelDefaultMethods.Streams class extends the UserModelDefaultMethods abstract class and implements the UserModel.Streams interface, allowing subclasses to focus on the implementation of the Stream-based query methods and providing default implementations for the collections-based variants that delegate to their Stream counterparts.
UserModelDelegate	Delegation pattern.
UserNotBeforeFederatedStorage
UserProvider
UserProvider.Streams	The UserProvider.Streams interface makes all collection-based methods in UserProvider default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserQueryProvider	This is an optional capability interface that is intended to be implemented by any UserStorageProvider that supports complex user querying.
UserQueryProvider.Streams	The UserQueryProvider.Streams interface makes all collection-based methods in UserQueryProvider default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserRegistrationProvider	This is an optional capability interface that is intended to be implemented by any UserStorageProvider that supports addition of new users.
UserRequiredActionsFederatedStorage
UserRequiredActionsFederatedStorage.Streams	The UserRequiredActionsFederatedStorage.Streams interface makes all collection-based methods in UserRequiredActionsFederatedStorage default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserRoleMappingsFederatedStorage
UserRoleMappingsFederatedStorage.Streams	The UserRoleMappingsFederatedStorage.Streams interface makes all collection-based methods in UserRoleMappingsFederatedStorage default by providing implementations that delegate to the Stream-based variants instead of the other way around.
UserSessionModel
UserSessionModel.SearchableFields
UserSessionModel.SessionPersistenceState	Flag used when creating user session
UserSessionModel.State
UserSessionProvider
UserStorageProvider	A class implementing this interface represents a user storage provider to Keycloak.
UserStorageProvider.EditMode	Optional type that can be used by implementations to describe edit mode of user storage
UserStorageProviderFactory<T extends UserStorageProvider>
UserStorageProviderModel	Stored configuration of a User Storage provider instance.
UserStorageProviderSpi
VaultCharSecret	A CharBuffer based representation of the secret obtained from the vault that supports automated cleanup of memory.
VaultKeyResolver	VaultKeyResolver is a BiFunction whose implementation of the BiFunction.apply(Object, Object) method takes two Strings representing the realm name and the key name (as used in ${vault.key} expressions) and returns another String representing the final constructed key that is to be used when obtaining secrets from the vault.
VaultProvider	Provider interface for a vault.
VaultProviderFactory
VaultRawSecret	Raw representation of the secret obtained from vault that supports automated cleanup of memory.
VaultSpi	SPI for a low-level vault access.
VaultStringSecret	A String based representation of the secret obtained from the vault that supports automated cleanup of memory.
VaultTranscriber	A facade to the configured vault provider that exposes utility methods for obtaining the vault secrets in different formats (such as VaultRawSecret, VaultCharSecret or VaultStringSecret).
WebAuthnCredentialData
WebAuthnCredentialModel
WebAuthnPolicy
WebAuthnSecretData