Deprecated List (Keycloak REST Services 26.4.2 API)

Terminally Deprecated Elements

Element

Description

org.keycloak.authentication.authenticators.browser.PasskeysConditionalUIAuthenticator

org.keycloak.authentication.authenticators.browser.PasskeysConditionalUIAuthenticatorFactory

Factory is deprecated as passkeys are now integrated with the default username authenticators. It will be removed in future versions when the passkeys feature become supported.

org.keycloak.protocol.oidc.OIDCLoginProtocol.CLIENT_SECRET_BASIC_UNENCODED

org.keycloak.services.managers.UserSessionCrossDCManager

To be removed without replacement. Check the methods documentation for alternatives.

org.keycloak.services.managers.UserSessionCrossDCManager.getUserSessionIfExistsRemotely(AuthenticationSessionManager, RealmModel)

To be removed in Keycloak 27+. Use AuthenticationSessionManager.getUserSessionFromAuthenticationCookie(RealmModel)

org.keycloak.services.managers.UserSessionCrossDCManager.getUserSessionWithClient(RealmModel, String, boolean, String)

To be removed in Keycloak 27+. Use UserSessionProvider.getUserSessionIfClientExists(RealmModel, String, boolean, String)

org.keycloak.services.managers.UserSessionCrossDCManager.getUserSessionWithClient(RealmModel, String, String)

To be removed in Keycloak 27+. Use UserSessionProvider.getUserSessionIfClientExists(RealmModel, String, boolean, String)

org.keycloak.services.managers.UserSessionCrossDCManager.getUserSessionWithImpersonatorClient(RealmModel, String, boolean, String)

To be removed in Keycloak 27+. Use UserSessionUtil.getUserSessionWithImpersonatorClient(KeycloakSession, RealmModel, String, boolean, String)

Deprecated Classes

Class

Description

org.keycloak.authentication.authenticators.browser.PasskeysConditionalUIAuthenticator

org.keycloak.authentication.authenticators.browser.PasskeysConditionalUIAuthenticatorFactory

Factory is deprecated as passkeys are now integrated with the default username authenticators. It will be removed in future versions when the passkeys feature become supported.

org.keycloak.services.managers.RealmManagerProviderFactory

org.keycloak.services.managers.RealmManagerSpi

org.keycloak.services.managers.UserSessionCrossDCManager

To be removed without replacement. Check the methods documentation for alternatives.

org.keycloak.utils.ServicesUtils

- DELETE once only used from within legacy datastore module

Deprecated Fields

Field

Description

org.keycloak.authentication.authenticators.conditional.ConditionalLoaAuthenticator.STORE_IN_USER_SESSION

org.keycloak.broker.saml.SAMLEndpoint.SAML_FEDERATED_SUBJECT

org.keycloak.broker.saml.SAMLEndpoint.SAML_FEDERATED_SUBJECT_NAMEFORMAT

org.keycloak.protocol.oidc.OIDCLoginProtocol.CLIENT_SECRET_BASIC_UNENCODED

org.keycloak.protocol.oidc.OIDCLoginProtocolFactory.CONFIG_OIDC_ALLOW_MULTIPLE_AUDIENCES_FOR_JWT_CLIENT_AUTHENTICATION

To be removed in Keycloak 27

org.keycloak.protocol.oidc.OIDCProviderConfig.DEFAULT_ALLOW_MULTIPLE_AUDIENCES_FOR_JWT_CLIENT_AUTHENTICATION

to be removed in Keycloak 27

org.keycloak.protocol.RestartLoginCookie.cs

org.keycloak.social.github.GitHubIdentityProvider.AUTH_URL

Use GitHubIdentityProvider.DEFAULT_AUTH_URL instead.

org.keycloak.social.github.GitHubIdentityProvider.EMAIL_URL

Use GitHubIdentityProvider.DEFAULT_EMAIL_URL instead.

org.keycloak.social.github.GitHubIdentityProvider.PROFILE_URL

Use GitHubIdentityProvider.DEFAULT_PROFILE_URL instead.

org.keycloak.social.github.GitHubIdentityProvider.TOKEN_URL

Use GitHubIdentityProvider.DEFAULT_TOKEN_URL instead.

Deprecated Methods

Method

Description

org.keycloak.authentication.requiredactions.util.UpdateProfileContext.getAttribute(String)

Use getAttributeStream instead.

org.keycloak.authentication.requiredactions.WebAuthnRegister.getOriginalEventTypeForBackwardsCompatibility(RequiredActionContext)

For compatibility sake as long as we use @link EventType.UPDATE_PASSWORD , EventType.UPDATE_TOTP a.s.o.

org.keycloak.broker.saml.SAMLIdentityProviderConfig.getSigningCertificate()

Prefer SAMLIdentityProviderConfig.getSigningCertificates()}

org.keycloak.broker.saml.SAMLIdentityProviderConfig.setSigningCertificate(String)

Prefer SAMLIdentityProviderConfig.addSigningCertificate(String)}

org.keycloak.keys.DefaultKeyManager.getActiveAesKey(RealmModel)

org.keycloak.keys.DefaultKeyManager.getActiveHmacKey(RealmModel)

org.keycloak.keys.DefaultKeyManager.getActiveRsaKey(RealmModel)

org.keycloak.keys.DefaultKeyManager.getAesSecretKey(RealmModel, String)

org.keycloak.keys.DefaultKeyManager.getHmacSecretKey(RealmModel, String)

org.keycloak.keys.DefaultKeyManager.getRsaCertificate(RealmModel, String)

org.keycloak.keys.DefaultKeyManager.getRsaKeys(RealmModel)

org.keycloak.keys.DefaultKeyManager.getRsaPublicKey(RealmModel, String)

org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.setClaim(IDToken, ProtocolMapperModel, UserSessionModel)

override AbstractOIDCProtocolMapper.setClaim(IDToken, ProtocolMapperModel, UserSessionModel, KeycloakSession, ClientSessionContext) instead.

org.keycloak.protocol.saml.profile.util.Soap.SoapMessageBuilder.call(String)

Use Soap.SoapMessageBuilder.call(String,KeycloakSession) to use SimpleHttp configuration

org.keycloak.services.DefaultKeycloakContext.getRequestHeaders()

Use DefaultKeycloakContext.getHttpRequest() to obtain the request headers.

org.keycloak.services.managers.RealmManager.importRealm(RealmRepresentation, boolean)

use RealmManager.importRealm(RealmRepresentation, Runnable)

org.keycloak.services.managers.UserSessionCrossDCManager.getUserSessionIfExistsRemotely(AuthenticationSessionManager, RealmModel)

To be removed in Keycloak 27+. Use AuthenticationSessionManager.getUserSessionFromAuthenticationCookie(RealmModel)

org.keycloak.services.managers.UserSessionCrossDCManager.getUserSessionWithClient(RealmModel, String, boolean, String)

To be removed in Keycloak 27+. Use UserSessionProvider.getUserSessionIfClientExists(RealmModel, String, boolean, String)

org.keycloak.services.managers.UserSessionCrossDCManager.getUserSessionWithClient(RealmModel, String, String)

To be removed in Keycloak 27+. Use UserSessionProvider.getUserSessionIfClientExists(RealmModel, String, boolean, String)

org.keycloak.services.managers.UserSessionCrossDCManager.getUserSessionWithImpersonatorClient(RealmModel, String, boolean, String)

To be removed in Keycloak 27+. Use UserSessionUtil.getUserSessionWithImpersonatorClient(KeycloakSession, RealmModel, String, boolean, String)

org.keycloak.services.managers.UserSessionManager.findOfflineSessions(RealmModel, UserModel)

org.keycloak.services.resources.account.AccountCredentialResource.removeCredential(String)

It is recommended to delete credentials with the use of "delete_credential" kc_action. Action can be used for instance by adding parameter like "kc_action=delete_credential:123" to the login URL where 123 is ID of the credential to delete.

org.keycloak.services.resources.account.LinkedAccountsResource.buildLinkedAccountURI(String, String)

It is recommended to trigger linking identity provider account with the use of "idp_link" kc_action.

org.keycloak.services.resources.account.LinkedAccountsResource.getLinkedAccounts(KeycloakSession, RealmModel, UserModel)

org.keycloak.services.resources.account.PasswordUtil.isConfigured(KeycloakSession, RealmModel, UserModel)

Instead, use PasswordUtil.isConfigured()

org.keycloak.services.resources.admin.AuthenticationManagementResource.createAuthenticatorConfig(AuthenticatorConfigRepresentation)

Use AuthenticationManagementResource.newExecutionConfig(String, AuthenticatorConfigRepresentation) instead

org.keycloak.services.resources.admin.AuthenticationManagementResource.getAuthenticatorConfig(String, String)

Use rather AuthenticationManagementResource.getAuthenticatorConfig(String)

org.keycloak.services.resources.admin.fgap.UserPermissionEvaluator.grantIfNoPermission(boolean)

org.keycloak.services.resources.admin.fgap.UserPermissionEvaluator.isImpersonatable(UserModel, ClientModel)

org.keycloak.services.resources.admin.RealmAdminResource.getClientTemplates()

org.keycloak.services.resources.admin.RealmAdminResource.testSMTPConnection(String)

org.keycloak.services.resources.admin.ScopeMappedResource.getScopeMappings()

the method is not used neither from admin console or from admin client. It may be removed in future releases.

org.keycloak.services.resources.admin.UserResource.resetPasswordEmail(String, String)

org.keycloak.services.resources.IdentityBrokerService.clientInitiatedAccountLinking(String, String, String, String, String)

Deprecated Constructors

Constructor

Description

org.keycloak.services.resources.account.PasswordUtil(KeycloakSession, UserModel)

Deprecated API

Contents