All Classes Interface Summary Class Summary Enum Summary Exception Summary
| Class |
Description |
| AAGUIDConverter |
|
| AbstractActionTokenHandler<T extends org.keycloak.representations.JsonWebToken> |
|
| AbstractAttributeToRoleMapper |
Abstract class that handles the logic for importing and updating brokered users for all mappers that map a SAML
attribute into a Keycloak role.
|
| AbstractCibaEndpoint |
|
| AbstractClaimMapper |
|
| AbstractClaimToGroupMapper |
|
| AbstractClaimToRoleMapper |
Abstract class that handles the logic for importing and updating brokered users for all mappers that map an OIDC
claim into a Keycloak role.
|
| AbstractClientAuthenticator |
|
| AbstractClientCertificateFromHttpHeadersLookup |
|
| AbstractClientCertificateFromHttpHeadersLookupFactory |
|
| AbstractClientRegistrationContext |
|
| AbstractClientRegistrationPolicyFactory |
|
| AbstractClientRegistrationProvider |
|
| AbstractDirectGrantAuthenticator |
|
| AbstractEcdsaKeyProvider |
|
| AbstractEcdsaKeyProviderFactory |
|
| AbstractFormAuthenticator |
Abstract helper class that Authenticator implementations can leverage
|
| AbstractGeneratedRsaKeyProviderFactory |
|
| AbstractGeneratedSecretKeyProvider |
|
| AbstractGeneratedSecretKeyProviderFactory<T extends org.keycloak.keys.KeyProvider> |
|
| AbstractIdpAuthenticator |
|
| AbstractJsonUserAttributeMapper |
Abstract class for Social Provider mappers which allow mapping of JSON user profile field into Keycloak user
attribute.
|
| AbstractOAuth2IdentityProvider<C extends OAuth2IdentityProviderConfig> |
|
| AbstractOIDCProtocolMapper |
|
| AbstractPairwiseSubMapper |
Set the 'sub' claim to pairwise .
|
| AbstractParEndpoint |
|
| AbstractPartialImport<T> |
Base PartialImport for most resource types.
|
| AbstractPermissionService |
|
| AbstractRequestFilter |
|
| AbstractResourceService |
|
| AbstractResourceService.Client |
|
| AbstractResourceService.Permission |
|
| AbstractResourceService.Resource |
|
| AbstractResourceService.ResourcePermission |
|
| AbstractResourceService.Scope |
|
| AbstractRsaKeyProvider |
|
| AbstractRsaKeyProviderFactory |
|
| AbstractSAMLProtocolMapper |
|
| AbstractSecuredLocalService |
Helper class for securing local services.
|
| AbstractSetRequiredActionAuthenticator |
|
| AbstractStorageManager<ProviderType extends org.keycloak.provider.Provider,StorageProviderModelType extends org.keycloak.storage.CacheableStorageProviderModel> |
|
| AbstractUsernameFormAuthenticator |
|
| AbstractUserProfileBean |
Abstract base for Freemarker context bean providing informations about user profile to render dynamic or crafted forms.
|
| AbstractUserProfileProvider<U extends org.keycloak.userprofile.UserProfileProvider> |
A base class for UserProfileProvider implementations providing the main hooks for customizations.
|
| AbstractVaultProvider |
Abstract class that is meant to be extended by implementations of VaultProvider that want to have support for
key resolvers.
|
| AbstractVaultProviderFactory |
Abstract class that is meant to be extended by implementations of VaultProviderFactory that want to offer support
for the configuration of key resolvers.
|
| AbstractVaultProviderFactory.AvailableResolvers |
Enum containing the available VaultKeyResolvers.
|
| AbstractX509ClientCertificateAuthenticator |
|
| AbstractX509ClientCertificateAuthenticator.CertificateValidatorConfigBuilder |
|
| AbstractX509ClientCertificateAuthenticator.UserIdentityExtractorBuilder |
|
| AbstractX509ClientCertificateAuthenticator.UserIdentityToModelMapperBuilder |
|
| AbstractX509ClientCertificateAuthenticatorFactory |
|
| AbstractX509ClientCertificateDirectGrantAuthenticator |
|
| AccessTokenIntrospectionProvider |
|
| AccessTokenIntrospectionProviderFactory |
|
| AccountBean |
|
| AccountConsole |
Created by st on 29/03/17.
|
| AccountCredentialResource |
|
| AccountCredentialResource.CredentialContainer |
|
| AccountFederatedIdentityBean |
|
| AccountFederatedIdentityBean.FederatedIdentityEntry |
|
| AccountFormService |
|
| AccountLoader |
|
| AccountRestService |
|
| AcrUtils |
|
| Action |
Enum for actions taken by PartialImport.
|
| ActionTokenContext<T extends org.keycloak.representations.JsonWebToken> |
|
| ActionTokenContext.ProcessAuthenticateFlow |
|
| ActionTokenContext.ProcessBrokerFlow |
|
| ActionTokenHandler<T extends org.keycloak.representations.JsonWebToken> |
Handler of the action token.
|
| ActionTokenHandlerFactory<T extends org.keycloak.representations.JsonWebToken> |
|
| ActionTokenHandlerSpi |
|
| AdapterInstallationClientRegistrationProvider |
|
| AdapterInstallationClientRegistrationProviderFactory |
|
| AddressMapper |
|
| AdminAuth |
|
| AdminAuth.Resource |
|
| AdminClientRegisterContext |
|
| AdminClientRegisteredContext |
|
| AdminClientUnregisterContext |
|
| AdminClientUpdateContext |
|
| AdminClientUpdatedContext |
|
| AdminClientViewContext |
|
| AdminConsole |
|
| AdminConsole.WhoAmI |
|
| AdminCorsPreflightService |
Created by st on 21/03/17.
|
| AdminEventBean |
|
| AdminEventBuilder |
|
| AdminMessageFormatter |
Message formatter for Admin GUI/API messages.
|
| AdminPermissionEvaluator |
|
| AdminPermissionEvaluator.PermissionCheck |
Useful as a function pointer, i.e.
|
| AdminPermissionEvaluator.RequirePermissionCheck |
Useful as a function pointer, i.e.
|
| AdminPermissionManagement |
|
| AdminPermissions |
|
| AdminRoot |
Root resource for admin console and admin REST API
|
| AdvancedAttributeToRoleMapper |
|
| AdvancedClaimToGroupMapper |
|
| AdvancedClaimToRoleMapper |
|
| AdvancedMessageFormatterMethod |
|
| Aes128CbcHmacSha256ContentEncryptionProviderFactory |
|
| Aes128GcmContentEncryptionProviderFactory |
|
| Aes192CbcHmacSha384ContentEncryptionProviderFactory |
|
| Aes192GcmContentEncryptionProviderFactory |
|
| Aes256CbcHmacSha512ContentEncryptionProviderFactory |
|
| Aes256GcmContentEncryptionProviderFactory |
|
| AesCbcHmacShaContentEncryptionProvider |
|
| AesGcmContentEncryptionProvider |
|
| AllowAccessAuthenticator |
Authenticator will always successfully authenticate.
|
| AllowAccessAuthenticatorFactory |
|
| AllowAllDockerProtocolMapper |
Populates token with requested scope.
|
| AllowedWebOriginsProtocolMapper |
Protocol mapper to add allowed web origins to the access token to the 'allowed-origins' claim
|
| AnyClientCondition |
|
| AnyClientConditionFactory |
|
| ApacheProxySslClientCertificateLookup |
The provider allows to extract X.509 client certificate forwarded
to keycloak configured behind the Apache reverse proxy.
|
| ApacheProxySslClientCertificateLookupFactory |
|
| AppAuthManager |
|
| AppAuthManager.BearerTokenAuthenticator |
|
| ApplianceBootstrap |
|
| ApplicationsBean |
|
| ApplicationsBean.ApplicationEntry |
|
| ApplicationsBean.ClientRoleEntry |
|
| AsymmetricClientSignatureVerifierProvider |
|
| AsymmetricSignatureProvider |
|
| AsyncResponseTransaction |
When using AsyncResponse.resume(Object) directly in the code, the response is returned before all changes
done withing this execution are committed.
|
| AttackDetectionResource |
Base resource class for the admin REST api of one realm
|
| AttemptedAuthenticator |
Pass-thru atheneticator that just sets the context to attempted.
|
| AttestationStatementConverter |
|
| AttestationStatementSerializationContainer |
|
| AttributeRequiredByMetadataValidator |
Validator to check that User Profile attribute value is not blank (nor null) if the attribute is required based on
AttributeMetadata predicate.
|
| Attributes |
|
| AttributeStatementHelper |
|
| AttributeToRoleMapper |
|
| AudienceProtocolMapper |
|
| AudienceResolveProtocolMapper |
Protocol mapper, which adds all client_ids of "allowed" clients to the audience field of the token.
|
| Auth |
|
| AuthenticationChannelProvider |
Provides the interface for requesting the authentication(AuthN) and authorization(AuthZ) by an authentication device (AD) to the external entity via Authentication Channel.
|
| AuthenticationChannelProviderFactory |
|
| AuthenticationChannelRequest |
|
| AuthenticationChannelResponse |
|
| AuthenticationChannelResponse.Status |
|
| AuthenticationChannelSpi |
|
| AuthenticationContextBean |
|
| AuthenticationFlowURLHelper |
|
| AuthenticationManagementResource |
|
| AuthenticationManager |
Stateless object that manages authentication
|
| AuthenticationManager.AuthenticationStatus |
|
| AuthenticationManager.AuthResult |
|
| AuthenticationProcessor |
|
| AuthenticationSessionManager |
|
| AuthenticatorConfiguredMethod |
|
| AuthenticatorUtil |
|
| AuthenticatorUtils |
|
| AuthorizationBean |
|
| AuthorizationBean.PermissionScopeBean |
|
| AuthorizationBean.RequesterBean |
|
| AuthorizationContextUtil |
|
| AuthorizationEndpoint |
|
| AuthorizationEndpointBase |
Common base class for Authorization REST endpoints implementation, which have to be implemented by each protocol.
|
| AuthorizationEndpointChecker |
Implements some checks typical for OIDC Authorization Endpoint.
|
| AuthorizationEndpointRequest |
|
| AuthorizationEndpointRequestParserProcessor |
|
| AuthorizationRequestContext |
|
| AuthorizationRequestParserProvider |
|
| AuthorizationRequestParserProviderFactory |
|
| AuthorizationRequestParserSpi |
|
| AuthorizationService |
|
| AuthorizationService |
|
| AuthorizationTokenService |
|
| AuthorizationTokenService.KeycloakAuthorizationRequest |
|
| AuthorizeClientUtil |
|
| AuthorizeClientUtil.ClientAuthResult |
|
| AuthzEndpointParParser |
Parse the parameters from PAR
|
| AuthzEndpointRequestObjectParser |
Parse the parameters from OIDC "request" object
|
| AuthzEndpointRequestParser |
|
| BackchannelAuthenticationCallbackEndpoint |
|
| BackchannelAuthenticationEndpoint |
|
| BackchannelAuthenticationEndpointRequest |
|
| BackchannelAuthenticationEndpointRequestParser |
|
| BackchannelAuthenticationEndpointRequestParserProcessor |
|
| BackchannelAuthenticationRequestContext |
|
| BackchannelLogoutResponse |
|
| BackchannelLogoutResponse.DownStreamBackchannelLogoutResponse |
|
| BackchannelTokenRequestContext |
|
| BasicAuthAuthenticator |
|
| BasicAuthAuthenticatorFactory |
|
| BasicAuthOTPAuthenticator |
|
| BasicAuthOTPAuthenticatorFactory |
|
| BasicTimerProvider |
|
| BasicTimerProviderFactory |
|
| BitbucketIdentityProvider |
|
| BitbucketIdentityProviderFactory |
|
| BlankAttributeValidator |
Validator to check that User Profile attribute value is not blank (null value is OK!).
|
| BrokeringFederatedUsernameHasValueValidator |
Validator to check that User Profile username is provided during Brokerin/Federation.
|
| BrowserHistoryHelper |
The point of this is to improve experience of browser history (back/forward/refresh buttons), but ensure there is no more redirects then necessary.
|
| CacheControlUtil |
|
| CertificateInfoHelper |
|
| CertificateValidator |
|
| CertificateValidator.BouncyCastleOCSPChecker |
|
| CertificateValidator.CertificateValidatorBuilder |
Configure Certificate validation
|
| CertificateValidator.CRLFileLoader |
|
| CertificateValidator.CRLListLoader |
|
| CertificateValidator.CRLLoaderImpl |
|
| CertificateValidator.CRLLoaderProxy |
|
| CertificateValidator.LdapContext |
|
| CertificateValidator.OCSPChecker |
|
| CIBAAuthenticationRequest |
Represents an authentication request sent by a consumption device (CD).
|
| CibaClientValidation |
|
| CibaGrantType |
|
| CIBALoginUserResolver |
Provides the resolver that converts several types of receives login hint to its corresponding UserModel.
|
| CIBALoginUserResolverFactory |
|
| CIBALoginUserResolverSpi |
|
| CibaRootEndpoint |
|
| ClaimsParameterTokenMapper |
|
| ClaimToRoleMapper |
|
| ClassLoaderTheme |
|
| ClasspathThemeProvider |
|
| ClasspathThemeProviderFactory |
|
| ClasspathThemeProviderFactory.ThemeRepresentation |
|
| ClasspathThemeProviderFactory.ThemesRepresentation |
|
| ClasspathThemeResourceProviderFactory |
|
| ClearExpiredClientInitialAccessTokens |
|
| ClearExpiredEvents |
|
| ClearExpiredUserSessions |
|
| ClientAccessTypeCondition |
|
| ClientAccessTypeCondition.Configuration |
|
| ClientAccessTypeConditionFactory |
|
| ClientAsymmetricSignatureVerifierContext |
|
| ClientAttributeCertificateResource |
|
| ClientAuthenticationFlow |
|
| ClientAuthUtil |
|
| ClientBean |
|
| ClientCliInstallationUtil |
|
| ClientCRUDContext |
Represents the context in the request to register/read/update/unregister client by Dynamic Client Registration or Admin REST API.
|
| ClientDescriptionConverter |
Provider plugin interface for importing clients from an arbitrary configuration format
|
| ClientDescriptionConverterFactory |
Provider plugin interface for importing clients from an arbitrary configuration format
|
| ClientDescriptionConverterSpi |
|
| ClientDisabledClientRegistrationPolicy |
|
| ClientDisabledClientRegistrationPolicyFactory |
|
| ClientECDSASignatureVerifierContext |
|
| ClientIdAndSecretAuthenticator |
Validates client based on "client_id" and "client_secret" sent either in request parameters or in "Authorization: Basic" header .
|
| ClientInitialAccessResource |
|
| ClientMacSignatureVerifierContext |
|
| ClientManager |
|
| ClientManager.InstallationAdapterConfig |
|
| ClientModelIdentity |
|
| ClientNotificationEndpointRequest |
|
| ClientPermissionEvaluator |
|
| ClientPermissionManagement |
|
| ClientPoliciesResource |
|
| ClientPoliciesUtil |
Utilities for treating client policies/profiles
|
| ClientProfilesResource |
|
| ClientPublicKeyLoader |
|
| ClientRegistrationAuth |
|
| ClientRegistrationContext |
|
| ClientRegistrationException |
|
| ClientRegistrationPolicy |
|
| ClientRegistrationPolicyException |
|
| ClientRegistrationPolicyFactory |
|
| ClientRegistrationPolicyManager |
|
| ClientRegistrationPolicyResource |
|
| ClientRegistrationPolicySpi |
|
| ClientRegistrationProvider |
|
| ClientRegistrationProviderFactory |
|
| ClientRegistrationService |
|
| ClientRegistrationSpi |
|
| ClientRegistrationTokenUtils |
|
| ClientRegistrationTokenUtils.TokenVerification |
|
| ClientResource |
Base resource class for managing one particular client of a realm.
|
| ClientRoleMappingsResource |
|
| ClientRolesCondition |
|
| ClientRolesCondition.Configuration |
|
| ClientRolesConditionFactory |
|
| ClientRolesPartialImport |
Partial Import handler for Client Roles.
|
| ClientScopeAuthorizationRequestParser |
|
| ClientScopeAuthorizationRequestParserProviderFactory |
|
| ClientScopeEvaluateResource |
|
| ClientScopeEvaluateResource.ProtocolMapperEvaluationRepresentation |
|
| ClientScopeEvaluateScopeMappingsResource |
|
| ClientScopeResource |
Base resource class for managing one particular client of a realm.
|
| ClientScopesClientRegistrationPolicy |
|
| ClientScopesClientRegistrationPolicyFactory |
|
| ClientScopesCondition |
|
| ClientScopesCondition.Configuration |
|
| ClientScopesConditionFactory |
|
| ClientScopesResource |
Base resource class for managing a realm's client scopes.
|
| ClientScopeStorageManager |
|
| ClientSessionCode<CLIENT_SESSION extends org.keycloak.sessions.CommonClientSessionModel> |
|
| ClientSessionCode.ActionType |
|
| ClientSessionCode.ParseResult<CLIENT_SESSION extends org.keycloak.sessions.CommonClientSessionModel> |
|
| ClientsManagementService |
|
| ClientsPartialImport |
PartialImport handler for Clients.
|
| ClientsResource |
Base resource class for managing a realm's clients.
|
| ClientStorageManager |
|
| ClientStorageProviderResource |
|
| ClientUpdaterContextCondition |
|
| ClientUpdaterContextCondition.Configuration |
|
| ClientUpdaterContextConditionFactory |
|
| ClientUpdaterSourceGroupsCondition |
|
| ClientUpdaterSourceGroupsCondition.Configuration |
|
| ClientUpdaterSourceGroupsConditionFactory |
|
| ClientUpdaterSourceHostsCondition |
|
| ClientUpdaterSourceHostsCondition.Configuration |
|
| ClientUpdaterSourceHostsConditionFactory |
|
| ClientUpdaterSourceRolesCondition |
|
| ClientUpdaterSourceRolesCondition.Configuration |
|
| ClientUpdaterSourceRolesConditionFactory |
|
| CliUsernamePasswordAuthenticator |
|
| CliUsernamePasswordAuthenticatorFactory |
|
| ClusterAwareScheduledTaskRunner |
Ensures that there are not concurrent executions of same task (either on this host or any other cluster host)
|
| CodeBean |
|
| ComponentResource |
|
| ConditionalAuthenticator |
|
| ConditionalAuthenticatorFactory |
|
| ConditionalLoaAuthenticator |
|
| ConditionalLoaAuthenticatorFactory |
|
| ConditionalOtpFormAuthenticator |
|
| ConditionalOtpFormAuthenticatorFactory |
|
| ConditionalRoleAuthenticator |
|
| ConditionalRoleAuthenticatorFactory |
|
| ConditionalUserConfiguredAuthenticator |
|
| ConditionalUserConfiguredAuthenticatorFactory |
|
| ConfidentialClientAcceptExecutor |
|
| ConfidentialClientAcceptExecutorFactory |
|
| ConfigProviderFactory |
|
| ConsentRequiredClientRegistrationPolicy |
|
| ConsentRequiredClientRegistrationPolicyFactory |
|
| ConsentRequiredExecutor |
|
| ConsentRequiredExecutor.Configuration |
|
| ConsentRequiredExecutorFactory |
|
| ConsoleOTPFormAuthenticator |
|
| ConsolePasswordAuthenticator |
|
| ConsoleTermsAndConditions |
|
| ConsoleUpdatePassword |
|
| ConsoleUpdateProfile |
|
| ConsoleUpdateTotp |
|
| ConsoleUsernameAuthenticator |
|
| ConsoleUsernamePasswordAuthenticator |
|
| ConsoleUsernamePasswordAuthenticatorFactory |
|
| ConsoleVerifyEmail |
|
| Constants |
|
| CookieAuthenticator |
|
| CookieAuthenticatorFactory |
|
| CookieHelper |
|
| Cors |
|
| CorsErrorResponseException |
|
| CorsPreflightService |
Created by st on 21/03/17.
|
| CredentialPublicKeyConverter |
|
| CRLUtils |
|
| DateTimeFormatterUtil |
Util class for localized date and time representation
|
| DeclarativeUserProfileModel |
|
| DeclarativeUserProfileProvider |
UserProfileProvider loading configuration from the changeable JSON file stored in component config.
|
| DefaultActionToken |
Part of action token that is intended to be used e.g.
|
| DefaultActionTokenKey |
|
| DefaultAuthenticationFlow |
|
| DefaultAuthorizationProviderFactory |
|
| DefaultBruteForceProtector |
A single thread will log failures.
|
| DefaultBruteForceProtectorFactory |
|
| DefaultCIBALoginUserResolver |
|
| DefaultCIBALoginUserResolverFactory |
|
| DefaultClientCertificateLookup |
The provider retrieves a client certificate and the certificate chain
(if any) from the incoming TLS connection.
|
| DefaultClientCertificateLookupFactory |
The factory and the corresponding providers extract a client certificate
and the certificate chain (if any) from the incoming TLS connection.
|
| DefaultClientPolicyManager |
|
| DefaultClientPolicyManagerFactory |
|
| DefaultClientRegistrationContext |
|
| DefaultClientRegistrationPolicies |
|
| DefaultClientRegistrationProvider |
|
| DefaultClientRegistrationProviderFactory |
|
| DefaultClientSessionContext |
Not thread safe.
|
| DefaultClientValidationProvider |
|
| DefaultClientValidationProviderFactory |
|
| DefaultComponentFactoryProviderFactory |
|
| DefaultEmailSenderProvider |
|
| DefaultEmailSenderProviderFactory |
|
| DefaultEvaluationContext |
|
| DefaultExecutorsProviderFactory |
|
| DefaultHostnameProvider |
|
| DefaultHostnameProviderFactory |
|
| DefaultHttpClientFactory |
The default HttpClientFactory for HttpClientProvider's used by Keycloak for outbound HTTP calls.
|
| DefaultKeycloakContext |
|
| DefaultKeycloakSession |
|
| DefaultKeycloakSessionFactory |
|
| DefaultKeycloakTransactionManager |
|
| DefaultKeyManager |
|
| DefaultLocaleSelectorProvider |
|
| DefaultLocaleSelectorProviderFactory |
|
| DefaultLocaleUpdaterProvider |
|
| DefaultLocaleUpdaterProviderFactory |
|
| DefaultMigrationProvider |
Various common utils needed for migration from older version to newer
|
| DefaultMigrationProviderFactory |
|
| DefaultProviderLoader |
|
| DefaultProviderLoaderFactory |
|
| DefaultSamlArtifactResolver |
ArtifactResolver for artifact-04 format.
|
| DefaultSamlArtifactResolverFactory |
|
| DefaultScriptingProvider |
|
| DefaultScriptingProviderFactory |
|
| DefaultSecurityHeadersOptions |
|
| DefaultSecurityHeadersProvider |
|
| DefaultSecurityHeadersProviderFactory |
|
| DefaultThemeManager |
|
| DefaultThemeManagerFactory |
|
| DefaultThemeManagerFactory.ThemeKey |
|
| DefaultThemeSelectorProvider |
|
| DefaultThemeSelectorProviderFactory |
|
| DefaultTokenExchangeProvider |
Default token exchange implementation
|
| DefaultTokenExchangeProviderFactory |
Default token exchange provider factory
|
| DefaultTokenManager |
|
| DefaultVaultCharSecret |
Default VaultCharSecret implementation based on CharBuffer. |
| DefaultVaultRawSecret |
Default raw secret implementation for byte[].
|
| DefaultVaultStringSecret |
Default VaultCharSecret implementation based on String. |
| DefaultVaultTranscriber |
Default VaultTranscriber implementation that uses the configured VaultProvider to obtain raw secrets
and convert them into other types.
|
| DeleteAccount |
|
| DenyAccessAuthenticator |
Explicitly deny access to the resources.
|
| DenyAccessAuthenticatorFactory |
|
| DeployedScriptAuthenticatorFactory |
|
| DeployedScriptOIDCProtocolMapper |
|
| DescriptionConverter |
|
| DeviceAuthorizationRequestContext |
|
| DeviceEndpoint |
|
| DeviceEndpointFactory |
|
| DeviceGrantType |
|
| DeviceTokenRequestContext |
|
| DirExportProvider |
|
| DirExportProviderFactory |
|
| DirImportProvider |
|
| DirImportProviderFactory |
|
| DockerAuthenticator |
|
| DockerAuthenticatorFactory |
|
| DockerAuthV2AttributeMapper |
|
| DockerAuthV2Protocol |
|
| DockerAuthV2ProtocolFactory |
|
| DockerAuthV2ProtocolMapper |
|
| DockerCertFileUtils |
|
| DockerComposeCertsDirectory |
|
| DockerComposeYamlFile |
Representation of the docker-compose.yaml file
|
| DockerComposeYamlInstallationProvider |
|
| DockerComposeZipContent |
|
| DockerEndpoint |
Implements a docker-client understandable format.
|
| DockerKeyIdentifier |
The “kid” field has to be in a libtrust fingerprint compatible format.
|
| DockerKeyIdentifier.DelimitingCollector |
|
| DockerRegistryConfigFileInstallationProvider |
|
| DockerV2LoginProtocolService |
|
| DockerVariableOverrideInstallationProvider |
|
| DuplicateEmailValidator |
Validator to check User Profile email duplication conditions based on realm settings like isDuplicateEmailsAllowed.
|
| DuplicateUsernameValidator |
Validator to check that User Profile username already exists in database for another user in case of it's change, and
fail in this case.
|
| DynamicClientRegisterContext |
|
| DynamicClientRegisteredContext |
|
| DynamicClientUnregisterContext |
|
| DynamicClientUpdateContext |
|
| DynamicClientUpdatedContext |
|
| DynamicClientViewContext |
|
| ECDSAClientSignatureVerifierProvider |
|
| ECDSASignatureProvider |
|
| ECDSASignatureProvider.ECDSA |
|
| EmailEventListenerProvider |
|
| EmailEventListenerProviderFactory |
|
| EmailExistsAsUsernameValidator |
Validator to check User Profile email duplication conditions if isDuplicateEmailsAllowed is false but
isRegistrationEmailAsUsername is true.
|
| EntityDescriptorClientRegistrationContext |
|
| EntityDescriptorClientRegistrationProvider |
|
| EntityDescriptorClientRegistrationProviderFactory |
|
| EntityDescriptorDescriptionConverter |
|
| ErrorCode |
|
| ErrorCodes |
|
| ErrorPage |
|
| ErrorPageException |
|
| ErrorResponse |
|
| ErrorResponseException |
An exception that can hold a Response object.
|
| ErrorResponseException |
|
| ES256ClientSignatureVerifierProviderFactory |
|
| ES256SignatureProviderFactory |
|
| ES384ClientSignatureVerifierProviderFactory |
|
| ES384SignatureProviderFactory |
|
| ES512ClientSignatureVerifierProviderFactory |
|
| ES512SignatureProviderFactory |
|
| EventAuditingAttributeChangeListener |
AttributeChangeListener to audit user profile attribute changes into Event.
|
| EventBean |
|
| EventBean.DetailBean |
|
| ExecuteActionsActionToken |
|
| ExecuteActionsActionTokenHandler |
|
| ExistingUserInfo |
|
| ExplainedTokenVerificationException |
Token verification exception that bears an error to be logged via event system
and a message to show to the user e.g.
|
| ExplainedVerificationException |
|
| ExportImportConfig |
|
| ExportImportManager |
|
| ExportImportSessionTask |
|
| ExportOptions |
|
| ExportUtils |
|
| ExternalKeycloakRoleToRoleMapper |
|
| FacebookIdentityProvider |
|
| FacebookIdentityProviderConfig |
|
| FacebookIdentityProviderFactory |
|
| FacebookUserAttributeMapper |
User attribute mapper.
|
| FapiConstant |
|
| FeaturesBean |
|
| FilesPlainTextVaultProvider |
A text-based vault provider, which stores each secret in a separate file.
|
| FilesPlainTextVaultProviderFactory |
|
| FileSystemProviderLoaderFactory |
|
| FileTruststoreProvider |
|
| FileTruststoreProviderFactory |
|
| FixedHostnameProvider |
Deprecated. |
| FixedHostnameProviderFactory |
Deprecated. |
| FolderTheme |
|
| FolderThemeProvider |
|
| FolderThemeProviderFactory |
|
| ForbiddenException |
To provide a typed exception for Forbidden (This doesn't exist in Resteasy 2.3.7)
|
| FormAuthenticationFlow |
|
| FreeMarkerAccountProvider |
|
| FreeMarkerAccountProviderFactory |
|
| FreeMarkerEmailTemplateProvider |
|
| FreeMarkerEmailTemplateProvider.EmailTemplate |
|
| FreeMarkerEmailTemplateProviderFactory |
|
| FreeMarkerException |
|
| FreeMarkerLoginFormsProvider |
|
| FreeMarkerLoginFormsProviderFactory |
|
| FreeMarkerUtil |
|
| FrontChannelLogoutBean |
|
| FrontChannelLogoutHandler |
|
| FullNameMapper |
Set the 'name' claim to be first + last name.
|
| FullScopeDisabledExecutor |
Check that switch "fullScopeAllowed" is not enabled for the clients
|
| FullScopeDisabledExecutor.Configuration |
|
| FullScopeDisabledExecutorFactory |
Check that switch "fullScopeAllowed" is not enabled for the clients
|
| GeneratedAesKeyProvider |
|
| GeneratedAesKeyProviderFactory |
|
| GeneratedEcdsaKeyProvider |
|
| GeneratedEcdsaKeyProviderFactory |
|
| GeneratedHmacKeyProvider |
|
| GeneratedHmacKeyProviderFactory |
|
| GeneratedRsaEncKeyProviderFactory |
|
| GeneratedRsaKeyProviderFactory |
|
| GitHubIdentityProvider |
|
| GitHubIdentityProviderFactory |
|
| GitHubUserAttributeMapper |
User attribute mapper.
|
| GitLabIdentityProvider |
|
| GitLabIdentityProviderFactory |
|
| GoogleIdentityProvider |
|
| GoogleIdentityProviderConfig |
|
| GoogleIdentityProviderFactory |
|
| GoogleUserAttributeMapper |
User attribute mapper.
|
| GroupMembershipMapper |
Maps user group membership
|
| GroupMembershipMapper |
|
| GroupPermissionEvaluator |
|
| GroupPermissionManagement |
|
| GroupResource |
|
| GroupsPartialImport |
Partial import handler for Groups.
|
| GroupsResource |
|
| GroupStorageManager |
|
| GzipResourceEncodingProvider |
|
| GzipResourceEncodingProviderFactory |
|
| HaProxySslClientCertificateLookup |
The provider allows to extract X.509 client certificate forwarded
to the keycloak middleware configured behind the haproxy reverse proxy.
|
| HaProxySslClientCertificateLookupFactory |
|
| HardcodedAttributeMapper |
|
| HardcodedAttributeMapper |
Mappings UserModel property (the property name of a getter method) to an AttributeStatement.
|
| HardcodedClaim |
|
| HardcodedPublicKeyLoader |
|
| HardcodedRole |
Add a role to a token
|
| HardcodedRole |
Mappings UserModel property (the property name of a getter method) to an AttributeStatement.
|
| HardcodedRoleMapper |
|
| HardcodedUserSessionAttributeMapper |
|
| HolderOfKeyEnforcerExecutor |
|
| HolderOfKeyEnforcerExecutor.Configuration |
|
| HolderOfKeyEnforcerExecutorFactory |
|
| HS256ClientSignatureVerifierProviderFactory |
|
| HS256SignatureProviderFactory |
|
| HS384ClientSignatureVerifierProviderFactory |
|
| HS384SignatureProviderFactory |
|
| HS512ClientSignatureVerifierProviderFactory |
|
| HS512SignatureProviderFactory |
|
| HttpAuthenticationChannelProvider |
|
| HttpAuthenticationChannelProviderFactory |
|
| HttpBasicAuthenticator |
|
| HttpBasicAuthenticatorFactory |
|
| HttpClientBuilder |
Abstraction for creating HttpClients.
|
| HttpClientBuilder.HostnameVerificationPolicy |
|
| IdentityBrokerService |
| IdentityCookieToken |
|
| IdentityProviderAuthenticator |
|
| IdentityProviderAuthenticatorFactory |
|
| IdentityProviderBean |
|
| IdentityProviderBean.IdentityProvider |
|
| IdentityProviderPermissionManagement |
|
| IdentityProviderResource |
|
| IdentityProvidersPartialImport |
PartialImport handler for Identitiy Providers.
|
| IdentityProvidersResource |
|
| IdpAutoLinkAuthenticator |
|
| IdpAutoLinkAuthenticatorFactory |
|
| IdpConfirmLinkAuthenticator |
|
| IdpConfirmLinkAuthenticatorFactory |
|
| IdpCreateUserIfUniqueAuthenticator |
|
| IdpCreateUserIfUniqueAuthenticatorFactory |
|
| IdpDetectExistingBrokerUserAuthenticator |
|
| IdpDetectExistingBrokerUserAuthenticatorFactory |
|
| IdpEmailVerificationAuthenticator |
|
| IdpEmailVerificationAuthenticatorFactory |
|
| IDPMetadataDescriptor |
|
| IdpReviewProfileAuthenticator |
|
| IdpReviewProfileAuthenticatorFactory |
|
| IdpReviewProfileBean |
|
| IdpUsernamePasswordForm |
Same like classic username+password form, but for use in IdP linking.
|
| IdpUsernamePasswordFormFactory |
|
| IdpVerifyAccountLinkActionToken |
Representation of a token that represents a time-limited verify e-mail action.
|
| IdpVerifyAccountLinkActionTokenHandler |
Action token handler for verification of e-mail address.
|
| IframeUtil |
|
| ImmutableAttributeValidator |
A validator that fails when the attribute is marked as read only and its value has changed.
|
| ImportedRsaKeyProvider |
|
| ImportedRsaKeyProviderFactory |
|
| ImportUtils |
|
| InitialAccessToken |
|
| InstagramIdentityProvider |
|
| InstagramIdentityProviderFactory |
|
| InstagramUserAttributeMapper |
User attribute mapper.
|
| IntermediaryScopeRepresentation |
|
| JarThemeProviderFactory |
|
| JavaAlgorithmHashProvider |
|
| JavaKeystoreKeyProvider |
|
| JavaKeystoreKeyProviderFactory |
|
| JaxrsSAML2BindingBuilder |
|
| JaxrsSAML2BindingBuilder.RedirectBindingBuilder |
|
| JBossJtaTransactionManagerLookup |
|
| JBossLoggingEventListenerProvider |
|
| JBossLoggingEventListenerProviderFactory |
|
| JsonConfigProvider |
|
| JsonConfigProviderFactory |
|
| JspRequestParameters |
|
| JsResource |
Get keycloak.js file for javascript clients
|
| JSSETruststoreConfigurator |
|
| JtaTransactionWrapper |
|
| JWKSHttpUtils |
|
| JWTClientAuthenticator |
Client authentication based on JWT signed by client private key .
|
| JWTClientSecretAuthenticator |
Client authentication based on JWT signed by client secret instead of private key .
|
| KeycloakApplication |
|
| KeycloakClientDescriptionConverter |
|
| KeycloakErrorHandler |
|
| KeycloakIdentity |
|
| KeycloakOIDCClientInstallation |
|
| KeycloakOIDCIdentityProvider |
|
| KeycloakOIDCIdentityProviderFactory |
|
| KeycloakOIDCJbossSubsystemClientCliInstallation |
|
| KeycloakOIDCJbossSubsystemClientInstallation |
|
| KeycloakSamlClientInstallation |
|
| KeycloakSamlSubsystemCliInstallation |
|
| KeycloakSamlSubsystemInstallation |
|
| KeycloakSanitizerMethod |
Allows sanitizing of html that uses Freemarker ?no_esc.
|
| KeycloakSanitizerPolicy |
Based on the EbayPolicyExample in owasp java-html-sanitizer.
|
| KeycloakSecurityHeadersFilter |
|
| KeyResource |
|
| LDAPServerCapabilitiesManager |
|
| LegacyAttributes |
Enables legacy support when managing attributes without the declarative provider.
|
| LinkedAccountsResource |
API for linking/unlinking social login accounts
|
| LinkedInIdentityProvider |
LinkedIn social provider.
|
| LinkedInIdentityProviderFactory |
|
| LinkedInUserAttributeMapper |
User attribute mapper.
|
| LinkExpirationFormatterMethod |
Method used to format link expiration time period in emails.
|
| LocaleBean |
|
| LocaleBean.Locale |
|
| LogBean |
|
| LogBean.DetailBean |
|
| LogBean.EventBean |
|
| LoginActionsService |
|
| LoginActionsServiceChecks |
|
| LoginActionsServiceChecks.AuthenticationSessionUserIdMatchesOneFromToken |
This check verifies that user ID (subject) from the token matches
the one from the authentication session.
|
| LoginActionsServiceChecks.IsActionRequired |
Verifies that if authentication session exists and any action is required according to it, then it is
the expected one.
|
| LoginActionsServiceChecks.IsRedirectValid |
Verifies whether the given redirect URL, when set, is valid for the given client.
|
| LoginActionsServiceException |
|
| LoginBean |
|
| LoginFormsUtil |
Various util methods, so the logic is not hardcoded in freemarker beans
|
| LoginStatusIframeEndpoint |
|
| LogoutEndpoint |
|
| LogoutRequestContext |
|
| LogoutTokenValidationCode |
|
| MacSecretClientSignatureVerifierProvider |
|
| MacSecretSignatureProvider |
|
| MaxClientsClientRegistrationPolicy |
|
| MaxClientsClientRegistrationPolicyFactory |
|
| MediaType |
|
| MediaTypeMatcher |
|
| MessageBean |
|
| MessageFormatterMethod |
|
| Messages |
|
| MessagesPerFieldBean |
Bean used to hold form messages per field.
|
| MessageType |
Enum with types of messages.
|
| MicrosoftIdentityProvider |
Identity provider for Microsoft account.
|
| MicrosoftIdentityProviderFactory |
|
| MicrosoftUserAttributeMapper |
User attribute mapper.
|
| ModAuthMellonClientInstallation |
|
| MtlsHoKTokenUtil |
|
| MultipleStepsExportProvider |
|
| MultipleStepsExportProvider.FederatedUsersHolder |
|
| MultipleStepsExportProvider.RealmsHolder |
|
| MultipleStepsExportProvider.UsersHolder |
|
| NameIdMapperHelper |
|
| NginxProxySslClientCertificateLookup |
The NGINX Provider extract end user X.509 certificate send during TLS mutual authentication,
and forwarded in an http header.
|
| NginxProxySslClientCertificateLookupFactory |
The factory and the corresponding providers extract a client certificate
from a NGINX reverse proxy (TLS termination).
|
| NoCookieFlowRedirectAuthenticator |
|
| NoCookieFlowRedirectAuthenticatorFactory |
|
| OAuth2Code |
Data associated with the oauth2 code.
|
| OAuth2CodeParser |
|
| OAuth2CodeParser.ParseResult |
|
| OAuth2IdentityProviderConfig |
|
| OAuthGrantBean |
|
| OAuthGrantBean.ClientScopeEntry |
|
| ObjectMapperResolver |
Any class with package org.jboss.resteasy.skeleton.key will use NON_DEFAULT inclusion
|
| OCSPUtils |
|
| OCSPUtils.OCSPRevocationStatus |
|
| OCSPUtils.RevocationStatus |
|
| OIDCAccessTokenMapper |
|
| OIDCAccessTokenResponseMapper |
|
| OIDCAdvancedConfigWrapper |
|
| OIDCAttributeMapperHelper |
|
| OIDCClientDescriptionConverter |
|
| OIDCClientDescriptionConverterFactory |
|
| OIDCClientRegistrationContext |
|
| OIDCClientRegistrationProvider |
|
| OIDCClientRegistrationProviderFactory |
|
| OIDCConfigAttributes |
|
| OIDCExtProvider |
|
| OIDCExtProviderFactory |
|
| OIDCExtSPI |
|
| OIDCIdentityProvider |
|
| OIDCIdentityProviderConfig |
|
| OIDCIdentityProviderFactory |
|
| OIDCIdentityProviderPublicKeyLoader |
|
| OIDCIDTokenMapper |
|
| OIDCLoginProtocol |
|
| OIDCLoginProtocolFactory |
|
| OIDCLoginProtocolService |
Resource class for the oauth/openid connect token service
|
| OIDCRedirectUriBuilder |
|
| OIDCResponseMode |
|
| OIDCResponseType |
|
| OIDCWellKnownProvider |
|
| OIDCWellKnownProviderFactory |
|
| OpenshiftClientStorageProvider |
|
| OpenshiftClientStorageProviderFactory |
|
| OpenshiftSAClientAdapter |
|
| OpenShiftTokenReviewEndpoint |
|
| OpenShiftTokenReviewEndpointFactory |
|
| OpenShiftTokenReviewRequestRepresentation |
|
| OpenShiftTokenReviewRequestRepresentation.Spec |
|
| OpenShiftTokenReviewResponseRepresentation |
|
| OpenShiftTokenReviewResponseRepresentation.Extra |
|
| OpenShiftTokenReviewResponseRepresentation.Status |
|
| OpenShiftTokenReviewResponseRepresentation.User |
|
| OpenshiftV3IdentityProvider |
Identity provider for Openshift V3.
|
| OpenshiftV3IdentityProviderConfig |
|
| OpenshiftV3IdentityProviderFactory |
|
| OpenshiftV4AttributeMapper |
|
| OpenshiftV4IdentityProvider |
Identity provider for Openshift V4.
|
| OpenshiftV4IdentityProviderConfig |
OpenShift 4 Identity Provider configuration class.
|
| OpenshiftV4IdentityProviderFactory |
OpenShift 4 Identity Provider factory class.
|
| OTPCredentialProvider |
|
| OTPCredentialProviderFactory |
|
| OTPFormAuthenticator |
|
| OTPFormAuthenticatorFactory |
|
| P3PHelper |
IE requires P3P header to allow loading cookies from iframes when domain differs from main page (see KEYCLOAK-2828 for more details)
|
| PairwiseSubMapperHelper |
|
| PairwiseSubMapperUtils |
|
| PairwiseSubMapperValidator |
|
| PairwiseSubMapperValidator.TypedList |
|
| ParEndpoint |
Pushed Authorization Request endpoint
|
| ParResponse |
|
| ParRootEndpoint |
|
| PartialImport<T> |
Main interface for PartialImport handlers.
|
| PartialImportManager |
This class manages the PartialImport handlers.
|
| PartialImportResult |
This class represents a single result for a resource imported.
|
| PartialImportResults |
Aggregates all the PartialImportResult objects.
|
| PasswordBean |
|
| PasswordCredentialProvider |
|
| PasswordCredentialProviderFactory |
|
| PasswordForm |
|
| PasswordFormFactory |
|
| PasswordUtil |
|
| PayPalIdentityProvider |
|
| PayPalIdentityProviderConfig |
|
| PayPalIdentityProviderFactory |
|
| PayPalUserAttributeMapper |
User attribute mapper.
|
| PermissionService |
|
| PermissionService |
|
| PermissionTicketService |
|
| PersonNameProhibitedCharactersValidator |
This validator disallowing bunch of characters we really not to expect in names of persons (fist, middle, last names).
|
| PKCEEnforcerExecutor |
|
| PKCEEnforcerExecutor.Configuration |
|
| PKCEEnforcerExecutorFactory |
|
| PkceUtils |
|
| Platform |
|
| PlatformProvider |
|
| PolicyEvaluationResponseBuilder |
|
| PolicyEvaluationService |
|
| PolicyEvaluationService.EvaluationDecisionCollector |
|
| PolicyResourceService |
|
| PolicyService |
|
| PolicyTypeResourceService |
|
| PolicyTypeService |
|
| PostBrokerLoginConstants |
|
| ProfileBean |
|
| ProfileBean |
|
| ProfileHelper |
|
| PropertiesUtil |
|
| ProtectionService |
|
| ProtocolMappersClientRegistrationPolicy |
|
| ProtocolMappersClientRegistrationPolicyFactory |
|
| ProtocolMappersResource |
Base resource for managing users
|
| ProtocolMapperUtils |
|
| ProviderManager |
|
| ProviderManagerDeployer |
|
| ProviderManagerRegistry |
|
| ProxyMappings |
ProxyMappings describes an ordered mapping for hostname regex patterns to a HttpHost proxy. |
| ProxyMappings.ProxyMapping |
|
| ProxyMappingsAwareRoutePlanner |
A DefaultRoutePlanner that determines the proxy to use for a given target hostname by consulting
the given ProxyMappings. |
| PS256ClientSignatureVerifierProviderFactory |
|
| PS256SignatureProviderFactory |
|
| PS384ClientSignatureVerifierProviderFactory |
|
| PS384SignatureProviderFactory |
|
| PS512ClientSignatureVerifierProviderFactory |
|
| PS512SignatureProviderFactory |
|
| PublicKeyStorageManager |
|
| PublicRealmResource |
Resource class for public realm information
|
| PushedAuthorizationRequestContext |
|
| ReadOnlyAttributeUnchangedValidator |
Validator to check that User Profile attribute value is not changed if attribute is read-only.
|
| RealmAdminResource |
Base resource class for the admin REST api of one realm
|
| RealmBean |
|
| RealmBean |
|
| RealmLocalizationResource |
|
| RealmManager |
Per request object
|
| RealmPermissionEvaluator |
|
| RealmRolesPartialImport |
PartialImport handler for Realm Roles.
|
| RealmRolesPartialImport.RoleHelper |
|
| RealmsAdminResource |
Top level resource for Admin REST API
|
| RealmsPermissionEvaluator |
|
| RealmsResource |
|
| RedirectUtils |
|
| ReferrerBean |
|
| RefreshTokenIntrospectionProvider |
|
| RefreshTokenIntrospectionProviderFactory |
|
| RegexUtils |
|
| RegisterBean |
|
| RegistrationAccessToken |
|
| RegistrationAuth |
|
| RegistrationEmailAsUsernameEmailValueValidator |
Validator to check User Profile email attribute value during Registration when "RegistrationEmailAsUsername()" is
enabled.
|
| RegistrationEmailAsUsernameUsernameValueValidator |
Validator to check User Profile username attribute value during Registration when "RegistrationEmailAsUsername()" is
enabled.
|
| RegistrationPage |
|
| RegistrationPassword |
|
| RegistrationProfile |
|
| RegistrationRecaptcha |
|
| RegistrationUserCreation |
|
| RegistrationUsernameExistsValidator |
Validator to check User Profile username attribute uniqueness during registration (when
"RegistrationEmailAsUsername()" is NOT enabled).
|
| RejectResourceOwnerPasswordCredentialsGrantExecutor |
|
| RejectResourceOwnerPasswordCredentialsGrantExecutor.Configuration |
|
| RejectResourceOwnerPasswordCredentialsGrantExecutorFactory |
|
| RequestHostnameProvider |
Deprecated. |
| RequestHostnameProviderFactory |
Deprecated. |
| RequestUriType |
|
| RequiredActionContextResult |
|
| RequiredActionUrlFormatterMethod |
|
| ReservedCharValidator |
|
| ReservedCharValidator.ReservedCharException |
|
| ResetCredentialChooseUser |
|
| ResetCredentialEmail |
|
| ResetCredentialsActionToken |
Representation of a token that represents a time-limited reset credentials action.
|
| ResetCredentialsActionTokenHandler |
|
| ResetCredentialsActionTokenHandler.ResetCredsAuthenticationProcessor |
|
| ResetOTP |
|
| ResetPassword |
|
| ResolveRelative |
|
| ResourceAdminManager |
|
| ResourceEncodingHelper |
|
| ResourceEncodingProvider |
|
| ResourceEncodingProvider.StreamSupplier |
|
| ResourceEncodingProviderFactory |
|
| ResourceEncodingSpi |
|
| ResourceOwnerPasswordCredentialsContext |
|
| ResourceServerService |
|
| ResourceService |
|
| ResourceService |
|
| ResourceSetService |
|
| ResourcesService |
|
| ResourceType |
Enum for each resource type that can be partially imported.
|
| RestartLoginCookie |
This is an an encoded token that is stored as a cookie so that if there is a client timeout, then the authentication session
can be restarted.
|
| Resteasy |
Provides a layer of indirection to abstract invocations to Resteasy internal APIs.
|
| ResteasyProvider |
|
| RobotsResource |
|
| RoleByIdResource |
Sometimes its easier to just interact with roles by their ID instead of container/role-name
|
| RoleContainerResource |
|
| RoleListMapper |
|
| RoleMapperResource |
Base resource for managing users
|
| RoleNameMapper |
Map an assigned role to a different position and name in the token
|
| RoleNameMapper |
Map an assigned role to a different position and name in the token
|
| RolePermissionEvaluator |
|
| RolePermissionManagement |
|
| RoleResolveUtil |
Helper class to ensure that all the user's permitted roles (including composite roles) are loaded just once per request.
|
| RoleResource |
|
| RolesPartialImport |
This class handles both realm roles and client roles.
|
| RoleStorageManager |
|
| RPTIntrospectionProvider |
Introspects token accordingly with UMA Bearer Token Profile.
|
| RPTIntrospectionProvider.UmaPermissionRepresentation |
|
| RPTIntrospectionProviderFactory |
|
| RS256ClientSignatureVerifierProviderFactory |
|
| RS256SignatureProviderFactory |
|
| RS384ClientSignatureVerifierProviderFactory |
|
| RS384SignatureProviderFactory |
|
| RS512ClientSignatureVerifierProviderFactory |
|
| RS512SignatureProviderFactory |
|
| RsaCekManagementProvider |
|
| RsaesOaep256CekManagementProviderFactory |
|
| RsaesOaepCekManagementProviderFactory |
|
| RsaesPkcs1CekManagementProviderFactory |
|
| SAMLAttributeStatementMapper |
|
| SAMLAudienceProtocolMapper |
SAML mapper to add a audience restriction into the assertion, to another
client (clientId) or to a custom URI.
|
| SAMLAudienceResolveProtocolMapper |
SAML audience resolve mapper.
|
| SamlAuthenticationPreprocessor |
Provider interface for SAML authentication preprocessing.
|
| SamlAuthenticationPreprocessorSpi |
|
| SamlClient |
Configuration of a SAML-enabled client.
|
| SamlConfigAttributes |
|
| SAMLDataMarshaller |
|
| SamlEcpProfileService |
|
| SAMLEndpoint |
|
| SAMLGroupNameMapper |
|
| SAMLIdentityProvider |
|
| SAMLIdentityProviderConfig |
|
| SAMLIdentityProviderFactory |
|
| SAMLLoginResponseMapper |
|
| SamlMetadataDescriptorUpdater |
|
| SAMLNameIdMapper |
|
| SAMLPostFormBean |
|
| SamlPrincipalType |
|
| SamlProtocol |
|
| SamlProtocol.ProtocolMapperProcessor<T> |
|
| SamlProtocolFactory |
|
| SamlProtocolUtils |
|
| SamlRepresentationAttributes |
|
| SAMLRoleListMapper |
|
| SAMLRoleNameMapper |
|
| SamlService |
Resource class for the saml connect token service
|
| SamlSessionUtils |
|
| SamlSPDescriptorClientInstallation |
|
| ScheduledTaskRunner |
|
| ScopeClientRegistrationPolicy |
|
| ScopeClientRegistrationPolicyFactory |
|
| ScopeMappedClientResource |
|
| ScopeMappedResource |
Base class for managing the scope mappings of a specific client.
|
| ScopeMappedUtil |
|
| ScopeService |
|
| ScriptBasedAuthenticator |
An Authenticator that can execute a configured script during authentication flow.
|
| ScriptBasedAuthenticatorFactory |
|
| ScriptBasedMapper |
This class provides a mapper that uses javascript to attach a value to an attribute for SAML tokens.
|
| ScriptBasedOIDCProtocolMapper |
OIDC ProtocolMapper that uses a provided JavaScript fragment to compute the token claim value.
|
| SearchQueryUtils |
|
| SecretKeyProviderUtils |
|
| SecureCibaAuthenticationRequestSigningAlgorithmExecutor |
|
| SecureCibaAuthenticationRequestSigningAlgorithmExecutor.Configuration |
|
| SecureCibaAuthenticationRequestSigningAlgorithmExecutorFactory |
|
| SecureCibaSessionEnforceExecutor |
|
| SecureCibaSessionEnforceExecutorFactory |
|
| SecureCibaSignedAuthenticationRequestExecutor |
|
| SecureCibaSignedAuthenticationRequestExecutor.Configuration |
|
| SecureCibaSignedAuthenticationRequestExecutorFactory |
|
| SecureClientAuthenticatorExecutor |
|
| SecureClientAuthenticatorExecutor.Configuration |
|
| SecureClientAuthenticatorExecutorFactory |
|
| SecureClientUrisExecutor |
|
| SecureClientUrisExecutorFactory |
|
| SecureLogoutExecutor |
|
| SecureLogoutExecutor.Configuration |
|
| SecureLogoutExecutorFactory |
|
| SecureRequestObjectExecutor |
|
| SecureRequestObjectExecutor.Configuration |
|
| SecureRequestObjectExecutorFactory |
|
| SecureResponseTypeExecutor |
|
| SecureResponseTypeExecutor.Configuration |
|
| SecureResponseTypeExecutorFactory |
|
| SecureSessionEnforceExecutor |
|
| SecureSessionEnforceExecutorFactory |
|
| SecureSigningAlgorithmExecutor |
|
| SecureSigningAlgorithmExecutor.Configuration |
|
| SecureSigningAlgorithmExecutorFactory |
|
| SecureSigningAlgorithmForSignedJwtExecutor |
|
| SecureSigningAlgorithmForSignedJwtExecutor.Configuration |
|
| SecureSigningAlgorithmForSignedJwtExecutorFactory |
|
| SerializedBrokeredIdentityContext |
|
| SerializedBrokeredIdentityContext.ContextDataEntry |
|
| ServerAsymmetricSignatureSignerContext |
|
| ServerAsymmetricSignatureVerifierContext |
|
| ServerECDSASignatureSignerContext |
|
| ServerECDSASignatureVerifierContext |
|
| ServerInfoAdminResource |
|
| ServerMacSignatureSignerContext |
|
| ServerMacSignatureVerifierContext |
|
| ServiceAccountTokenRequestContext |
|
| ServicesLogger |
Main logger for the Keycloak Services module.
|
| ServicesLogger_$logger |
Warning this class consists of generated code.
|
| ServicesUtils |
Utility class for general helper methods used across the keycloak-services.
|
| SessionCodeChecks |
|
| SessionResource |
|
| SessionsBean |
|
| SessionsBean.UserSessionBean |
|
| SHA256HashProviderFactory |
|
| SHA256PairwiseSubMapper |
|
| SHA384HashProviderFactory |
|
| SHA512HashProviderFactory |
|
| SingleFileExportProvider |
|
| SingleFileExportProviderFactory |
|
| SingleFileImportProvider |
|
| SingleFileImportProviderFactory |
|
| Soap |
|
| Soap.SoapFaultBuilder |
|
| Soap.SoapMessageBuilder |
|
| SpnegoAuthenticator |
|
| SpnegoAuthenticatorFactory |
|
| SSLSocketFactory |
Using this class is ugly, but it is the only way to push our truststore to the default LDAP client implementation.
|
| StackoverflowIdentityProvider |
Stackoverflow social provider.
|
| StackOverflowIdentityProviderConfig |
|
| StackoverflowIdentityProviderFactory |
|
| StackoverflowUserAttributeMapper |
User attribute mapper.
|
| SubjectType |
|
| Templates |
|
| Templates |
|
| TemplatingUtil |
|
| TermsAndConditions |
|
| ThemeResource |
Theme resource
|
| ThirdPartyCookiesIframeEndpoint |
|
| TimerTaskContextImpl |
|
| TokenEndpoint |
|
| TokenEndpoint.TokenExchangeSamlProtocol |
|
| TokenIntrospectContext |
|
| TokenIntrospectionEndpoint |
A token introspection endpoint based on RFC-7662.
|
| TokenManager |
Stateless object that creates tokens and manages oauth access codes
|
| TokenManager.NotBeforeCheck |
|
| TokenManager.RefreshResult |
|
| TokenManager.TokenRevocationCheck |
Check if access token was revoked with OAuth revocation endpoint
|
| TokenManager.TokenValidation |
|
| TokenRefreshContext |
|
| TokenRequestContext |
|
| TokenRevocationEndpoint |
|
| TokenRevokeContext |
|
| Tokens |
|
| TokenUtils |
|
| TotpBean |
|
| TotpBean |
Used for UpdateTotp required action
|
| TotpLoginBean |
Used for TOTP login
|
| TotpLoginBean.OTPCredential |
|
| TotpUtils |
|
| TrustedHostClientRegistrationPolicy |
|
| TrustedHostClientRegistrationPolicyFactory |
|
| TwitterIdentityProvider |
|
| TwitterIdentityProviderFactory |
|
| UmaConfiguration |
|
| UmaResourceRepresentation |
|
| UmaWellKnownProvider |
|
| UmaWellKnownProviderFactory |
|
| UPAttribute |
Configuration of the Attribute.
|
| UPAttributePermissions |
Configuration of permissions for the attribute
|
| UPAttributeRequired |
Config of the rules when attribute is required.
|
| UPAttributeSelector |
Config of the rules when attribute is selected.
|
| UPConfig |
Configuration of the User Profile for one realm.
|
| UPConfigUtils |
Utility methods to work with User Profile Configurations
|
| UpdatePassword |
|
| UpdateProfile |
|
| UpdateProfileContext |
Abstraction, which allows to display updateProfile page in various contexts (Required action of already existing user, or first identity provider
login when user doesn't yet exists in Keycloak DB)
|
| UpdateTotp |
|
| UpdateUserLocaleAction |
|
| UPGroup |
Configuration of the attribute group.
|
| UrlBean |
|
| UrlBean |
|
| Urls |
|
| UserAttributeMapper |
|
| UserAttributeMapper |
|
| UserAttributeMapper |
Mappings UserModel.attribute to an ID Token claim.
|
| UserAttributeNameIdMapper |
|
| UserAttributeStatementMapper |
Mappings UserModel attribute (not property name of a getter method) to an AttributeStatement.
|
| UserClientRoleMappingMapper |
Allows mapping of user client role mappings to an ID and Access Token claim.
|
| UserConsentManager |
|
| UserCredentialStoreManager |
|
| UserIdentityExtractor |
|
| UserIdentityToModelMapper |
|
| UserInfoEndpoint |
|
| UserInfoRequestContext |
|
| UserInfoTokenMapper |
|
| UserManagedPermissionService |
|
| UserModelIdentity |
|
| UsernameForm |
|
| UsernameFormFactory |
|
| UsernameHasValueValidator |
Validator to check that User Profile username is provided.
|
| UsernameMutationValidator |
Validator to check User Profile username change and prevent it if not allowed in realm.
|
| UsernamePasswordForm |
|
| UsernamePasswordFormFactory |
|
| UsernameProhibitedCharactersValidator |
This validator disallowing bunch of characters we really not to expect in username.
|
| UsernameTemplateMapper |
|
| UsernameTemplateMapper |
|
| UsernameTemplateMapper.Target |
|
| UserPermissionEvaluator |
|
| UserPermissionManagement |
|
| UserProfileResource |
|
| UserPropertyAttributeStatementMapper |
Mappings UserModel property (the property name of a getter method) to an AttributeStatement.
|
| UserPropertyMapper |
Mappings UserModel property (the property name of a getter method) to an ID Token claim.
|
| UserRealmRoleMappingMapper |
Allows mapping of user realm role mappings to an ID and Access Token claim.
|
| UserResource |
Base resource for managing users
|
| UserSessionCrossDCManager |
|
| UserSessionLimitsAuthenticator |
|
| UserSessionLimitsAuthenticatorFactory |
|
| UserSessionManager |
|
| UserSessionNoteMapper |
Mappings UserSessionModel.note to an ID Token claim.
|
| UserSessionNoteStatementMapper |
Maps a user session note to a SAML attribute
|
| UsersPartialImport |
PartialImport handler for users.
|
| UsersResource |
Base resource for managing users
|
| UserStorageManager |
|
| UserStorageProviderResource |
|
| UserStorageSyncManager |
|
| UserStorageSyncManager.UserStorageProviderClusterEvent |
|
| UserTransactionWrapper |
|
| UserUpdateProfileContext |
|
| ValidateOTP |
|
| ValidatePassword |
|
| ValidateUsername |
|
| ValidateX509CertificateUsername |
|
| ValidateX509CertificateUsernameFactory |
|
| Validation |
|
| VaultConfigurationException |
This exception is thrown when the factory fails to init due to a configuration error.
|
| VaultNotFoundException |
Thrown when a vault directory doesn't exist.
|
| VerifyEmail |
|
| VerifyEmailActionToken |
Representation of a token that represents a time-limited verify e-mail action.
|
| VerifyEmailActionTokenHandler |
Action token handler for verification of e-mail address.
|
| VerifyProfileBean |
|
| VerifyUserProfile |
|
| WebAuthnAuthenticator |
Authenticator for WebAuthn authentication, which will be typically used when WebAuthn is used as second factor.
|
| WebAuthnAuthenticatorFactory |
|
| WebAuthnAuthenticatorsBean |
|
| WebAuthnAuthenticatorsBean.WebAuthnAuthenticatorBean |
|
| WebAuthnAuthenticatorsBean.WebAuthnAuthenticatorBean.TransportsBean |
|
| WebAuthnAuthenticatorsBean.WebAuthnAuthenticatorBean.TransportsBean.Transport |
|
| WebAuthnConstants |
|
| WebAuthnCredentialModelInput |
|
| WebAuthnCredentialProvider |
Credential provider for WebAuthn 2-factor credential of the user
|
| WebAuthnCredentialProviderFactory |
|
| WebAuthnPasswordlessAuthenticator |
Authenticator for WebAuthn authentication with passwordless credential.
|
| WebAuthnPasswordlessAuthenticatorFactory |
|
| WebAuthnPasswordlessCredentialProvider |
Credential provider for WebAuthn passwordless credential of the user
|
| WebAuthnPasswordlessCredentialProviderFactory |
|
| WebAuthnPasswordlessRegister |
Required action for register WebAuthn passwordless credential for the user.
|
| WebAuthnPasswordlessRegisterFactory |
|
| WebAuthnRegister |
Required action for register WebAuthn 2-factor credential for the user
|
| WebAuthnRegisterFactory |
|
| WebOriginsUtils |
Created by st on 22.09.15.
|
| WelcomeResource |
|
| WellKnownProvider |
|
| WellKnownProviderFactory |
|
| WellKnownSpi |
|
| X509AuthenticatorConfigModel |
|
| X509AuthenticatorConfigModel.CertificatePolicyModeType |
|
| X509AuthenticatorConfigModel.IdentityMapperType |
|
| X509AuthenticatorConfigModel.MappingSourceType |
|
| X509ClientAuthenticator |
|
| X509ClientCertificateAuthenticator |
|
| X509ClientCertificateAuthenticatorFactory |
|
| X509ClientCertificateLookup |
|
| X509ClientCertificateLookupFactory |
|
| X509ClientCertificateLookupSpi |
|
| X509ConfirmBean |
|