All Classes (Keycloak Server SPI 15.1.0 API)

All Classes Interface Summary Class Summary Enum Summary Exception Summary
Class	Description
AbstractConfig
AbstractKeycloakTransaction	Handles some common transaction logic related to start, rollback-only etc.
AbstractKeycloakTransaction.TransactionState
AbstractUserAdapter	This abstract class provides implementations for everything but getUsername().
AbstractUserAdapter.Streams	The `AbstractUserAdapter.Streams` class extends the `AbstractUserAdapter` abstract class and implements the `UserModel.Streams` interface, allowing subclasses to focus on the implementation of the `Stream`-based query methods and providing default implementations for the collections-based variants that delegate to their `Stream` counterparts.
AbstractUserAdapterFederatedStorage	Assumes everything is managed by federated storage except for username.
AbstractUserAdapterFederatedStorage.Streams	The `AbstractUserAdapterFederatedStorage.Streams` class extends the `AbstractUserAdapterFederatedStorage` abstract class and implements the `UserModel.Streams` interface, allowing subclasses to focus on the implementation of the `Stream`-based query methods and providing default implementations for the collections-based variants that delegate to their `Stream` counterparts.
ActionTokenKeyModel
ActionTokenValueModel	This model represents contents of an action token shareable among Keycloak instances in the cluster.
AuthenticatedClientSessionModel
AuthenticatedClientSessionModel.SearchableFields
AuthenticationExecutionModel
AuthenticationExecutionModel.ExecutionComparator
AuthenticationExecutionModel.Requirement
AuthenticationFlowBindings	Defines constants for authentication flow bindings.
AuthenticationFlowModel
AuthenticationFlowModel.AuthenticationFlowComparator
AuthenticationSessionCompoundId	Allow to encode compound string to fully lookup authenticationSessionModel
AuthenticationSessionModel	Represents the state of the authentication.
AuthenticationSessionProvider
AuthenticatorConfigModel
AuthenticatorConfigModel.AuthenticationConfigComparator
Base32	Base32 - encodes and decodes RFC3548 Base32 (see http://www.faqs.org/rfcs/rfc3548.html )
CacheableStorageProviderModel
CacheableStorageProviderModel.CachePolicy
CachedObject
CachedUserModel	Cached users will implement this interface
CachedUserModel.Streams	The `CachedUserModel.Streams` interface differs from `CachedUserModel` in that it extends the `UserModel.Streams` interface, allowing implementations of `CachedUserModel` to focus on the `Stream`-based methods in the `UserModel` interface.
CibaConfig
ClaimTypeModel
ClaimTypeModel.ValueType
ClientInitialAccessModel
ClientLookupProvider	Abstraction interface for lookoup of clients by id and clientId.
ClientModel
ClientModel.ClientCreationEvent
ClientModel.ClientProtocolUpdatedEvent
ClientModel.ClientRemovedEvent
ClientModel.ClientUpdatedEvent
ClientModel.SearchableFields
ClientPolicyContext	Provides Client Policy Context.
ClientPolicyEvent	Events on which client policies mechanism detects and do its operation
ClientPolicyException
ClientPolicyManager	Provides a method for handling an event defined in `ClientPolicyEvent`.
ClientProvider	Provider of the client records.
ClientScopeLookupProvider
ClientScopeModel
ClientScopeModel.ClientScopeRemovedEvent
ClientScopeModel.SearchableFields
ClientScopeProvider	Provider of the client scopes records.
ClientSessionContext	Request-scoped context object
ClientStorageProvider	Base interface for components that want to provide an alternative storage mechanism for clients This is currently a private incomplete SPI.
ClientStorageProviderModel	Stored configuration of a Client Storage provider instance.
CommonClientSessionModel	Predecesor of AuthenticationSessionModel, ClientLoginSessionModel and ClientSessionModel (then action tickets).
CommonClientSessionModel.Action
CommonClientSessionModel.ExecutionStatus
ComponentFactory<CreatedType,ProviderType extends Provider>
ComponentModel	Stored configuration of a User Storage provider instance.
ComponentValidationException
ConfiguredComponent
ConfiguredProvider
CredentialAuthentication	Single purpose method that knows how to authenticate a user based on a credential type.
CredentialInput
CredentialInputUpdater
CredentialInputUpdater.Streams	The `CredentialInputUpdater.Streams` interface makes all collection-based methods in `CredentialInputUpdater` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
CredentialInputValidator	Implentations of this interface can validate CredentialInput, i.e.
CredentialModel	Used just in cases when we want to "directly" update or retrieve the hash or salt of user credential (For example during export/import)
CredentialProvider<T extends CredentialModel>
CredentialTypeMetadata
CredentialTypeMetadata.Category
CredentialTypeMetadata.CredentialTypeMetadataBuilder
CredentialTypeMetadataContext
CredentialTypeMetadataContext.CredentialTypeMetadataContextBuilder
CredentialValidationOutput	Output of credential validation
CredentialValidationOutput.Status
FederatedIdentityModel
GroupLookupProvider
GroupModel
GroupModel.GroupRemovedEvent
GroupModel.SearchableFields
GroupModel.Streams	The `GroupModel.Streams` interface makes all collection-based methods in `GroupModel` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
GroupProvider	Provider of group records
GroupStorageProvider
GroupStorageProviderModel	Stored configuration of a Group Storage provider instance.
HmacOTP
HostnameProvider	The Hostname provider is used by Keycloak to decide URLs for frontend and backend requests.
HostnameProviderFactory
HostnameSpi
IdentityProviderMapperModel	Specifies a mapping from broker login to user data.
IdentityProviderMapperSyncMode
IdentityProviderModel	A model type representing the configuration for identity providers.
IdentityProviderSyncMode
ImportedUserValidation	This is an optional capability interface that is intended to be implemented by any `UserStorageProvider` that supports validating users.
ImportSynchronization	This is an optional capability interface that is intended to be implemented by any `UserStorageProvider` that supports syncing users to keycloak local storage.
InvalidationHandler	Handles invalidation requests.
InvalidationHandler.InvalidableObjectType	Tagging interface for the kinds of invalidatable object
InvalidationHandler.ObjectType
JsonConfigComponentModel	Component model backed by JSON configuration.
KeycloakContext
KeycloakSession
KeycloakSessionFactory
KeycloakSessionTask	Task to be executed inside transaction
KeycloakTransaction
KeycloakTransactionManager
KeycloakTransactionManager.JTAPolicy
KeycloakUriInfo
KeyManager
KeyManager.ActiveAesKey
KeyManager.ActiveHmacKey
KeyManager.ActiveRsaKey
KeyMetadata
LocaleSelectorProvider
LocaleSelectorProviderFactory
LocaleSelectorSPI
LocaleUpdaterProvider
LocaleUpdaterProviderFactory
LocaleUpdaterSPI
MigrationModel
ModelDuplicateException
ModelException
OAuth2DeviceConfig
OnUserCache
OrderedModel
OrderedModel.OrderedModelComparator<OM extends OrderedModel>
OTPCredentialData
OTPCredentialModel
OTPPolicy
OTPPolicy.FreeOTP
OTPPolicy.GoogleAuthenticator
OTPPolicy.OtpApp
OTPSecretData
ParConfig
PasswordCredentialData
PasswordCredentialModel
PasswordHashProvider
PasswordPolicy
PasswordPolicy.Builder
PasswordPolicyConfigException	Created by st on 23/05/17.
PasswordPolicyNotMetException
PasswordPolicyProvider
PasswordSecretData
PasswordUserCredentialModel	Deprecated. Recommended to use `UserCredentialModel` as it contains all the functionality required by this class
PolicyError
PrioritizedComponentModel
ProtocolMapperContainerModel
ProtocolMapperModel	Specifies a mapping from user data to a protocol claim assertion.
Provider
ProviderConfigProperty	Configuration property metadata.
ProviderConfigurationBuilder	Builds a list of ProviderConfigProperty instances.
ProviderEvent
ProviderEventListener
ProviderEventManager
ProviderFactory<T extends Provider>	At boot time, keycloak discovers all factories.
ReadOnlyException	Thrown when UserStorageProvider UserModel adapter is read-only
RealmModel
RealmModel.IdentityProviderRemovedEvent
RealmModel.IdentityProviderUpdatedEvent
RealmModel.RealmCreationEvent
RealmModel.RealmPostCreateEvent
RealmModel.RealmRemovedEvent
RealmModel.SearchableFields
RealmProvider
RequiredActionProviderModel
RequiredActionProviderModel.RequiredActionComparator
RequiredCredentialModel
RoleContainerModel
RoleContainerModel.RoleRemovedEvent
RoleLookupProvider	Abstraction interface for lookup of both realm roles and client roles by id, name and description.
RoleMapperModel
RoleMapperModel.Streams	The `RoleMapperModel.Streams` interface makes all collection-based methods in `RoleMapperModel` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
RoleModel
RoleModel.SearchableFields
RoleProvider	Provider of the role records.
RoleStorageProvider	Base interface for components that want to provide an alternative storage mechanism for roles
RoleStorageProviderModel	Stored configuration of a Role Storage provider instance.
RoleUtils
RootAuthenticationSessionModel	Represents usually one browser session with potentially many browser tabs.
RootAuthenticationSessionModel.SearchableFields
RsaKeyMetadata
SamlArtifactSessionMappingModel
ScopeContainerModel
ScriptModel	A representation of a Script with some additional meta-data.
SearchableModelField<M>
SecretKeyMetadata
Spi
StorageId
StringUtil
SubComponentFactory<CreatedType,ProviderType extends Provider>	Useful when you want to describe config properties that are effected by the parent ComponentModel
SynchronizationResult
Theme
Theme.Type
ThemeManager
ThemeResourceProvider	A theme resource provider can be used to load additional templates and resources.
ThemeResourceProviderFactory
ThemeResourceSpi
ThemeSelectorProvider
ThemeSelectorProviderFactory
ThemeSelectorSpi
TokenManager
UrlType
UserAttributeFederatedStorage
UserAttributeFederatedStorage.Streams	The `UserAttributeFederatedStorage.Streams` interface makes all collection-based methods in `UserAttributeFederatedStorage` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserBrokerLinkFederatedStorage
UserBrokerLinkFederatedStorage.Streams	The `UserBrokerLinkFederatedStorage.Streams` interface makes all collection-based methods in `UserBrokerLinkFederatedStorage` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserBulkUpdateProvider	This is an optional capability interface that is intended to be implemented by any `UserStorageProvider` that supports bulk operations.
UserCache	All these methods effect an entire cluster of Keycloak instances.
UserCache.Streams	The `UserCache.Streams` interface differs from `UserCache` in that it extends the `UserProvider.Streams` interface, allowing implementations of `UserCache` to focus on the `Stream`-based methods in the `UserProvider` interface.
UserConsentFederatedStorage
UserConsentFederatedStorage.Streams	The `UserConsentFederatedStorage.Streams` interface makes all collection-based methods in `UserConsentFederatedStorage` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserConsentModel
UserCredentialManager
UserCredentialManager.Streams	The `UserCredentialManager.Streams` interface makes all collection-based methods in `UserCredentialManager` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserCredentialModel
UserCredentialStore
UserCredentialStore.Streams	The `UserCredentialStore.Streams` interface makes all collection-based methods in `UserCredentialStore` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserFederatedStorageProvider
UserFederatedStorageProvider.Streams	The `UserFederatedStorageProvider.Streams` interface makes all collection-based methods in `UserFederatedStorageProvider` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserFederatedStorageProviderFactory
UserFederatedStorageProviderSpi
UserFederatedUserCredentialStore
UserFederatedUserCredentialStore.Streams	The `UserFederatedUserCredentialStore.Streams` interface makes all collection-based methods in `UserFederatedUserCredentialStore` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserGroupMembershipFederatedStorage
UserGroupMembershipFederatedStorage.Streams	The `UserGroupMembershipFederatedStorage.Streams` interface makes all collection-based methods in `UserGroupMembershipFederatedStorage` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserLoginFailureModel
UserLoginFailureModel.SearchableFields
UserLoginFailureProvider
UserLookupProvider	This is an optional capability interface that is intended to be implemented by any `UserStorageProvider` that supports basic user querying.
UserLookupProvider.Streams
UserManager
UserModel
UserModel.RequiredAction
UserModel.SearchableFields
UserModel.Streams	The `UserModel.Streams` interface makes all collection-based methods in `UserModel` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserModel.UserRemovedEvent
UserModelDefaultMethods
UserModelDefaultMethods.Streams	The `UserModelDefaultMethods.Streams` class extends the `UserModelDefaultMethods` abstract class and implements the `UserModel.Streams` interface, allowing subclasses to focus on the implementation of the `Stream`-based query methods and providing default implementations for the collections-based variants that delegate to their `Stream` counterparts.
UserModelDelegate	Delegation pattern.
UserNotBeforeFederatedStorage
UserProvider
UserProvider.Streams	The `UserProvider.Streams` interface makes all collection-based methods in `UserProvider` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserQueryProvider	This is an optional capability interface that is intended to be implemented by any `UserStorageProvider` that supports complex user querying.
UserQueryProvider.Streams	The `UserQueryProvider.Streams` interface makes all collection-based methods in `UserQueryProvider` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserRegistrationProvider	This is an optional capability interface that is intended to be implemented by any `UserStorageProvider` that supports addition of new users.
UserRequiredActionsFederatedStorage
UserRequiredActionsFederatedStorage.Streams	The `UserRequiredActionsFederatedStorage.Streams` interface makes all collection-based methods in `UserRequiredActionsFederatedStorage` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserRoleMappingsFederatedStorage
UserRoleMappingsFederatedStorage.Streams	The `UserRoleMappingsFederatedStorage.Streams` interface makes all collection-based methods in `UserRoleMappingsFederatedStorage` default by providing implementations that delegate to the `Stream`-based variants instead of the other way around.
UserSessionModel
UserSessionModel.SearchableFields
UserSessionModel.SessionPersistenceState	Flag used when creating user session
UserSessionModel.State
UserSessionProvider
UserStorageProvider	A class implementing this interface represents a user storage provider to Keycloak.
UserStorageProvider.EditMode	Optional type that can be used by implementations to describe edit mode of user storage
UserStorageProviderFactory<T extends UserStorageProvider>
UserStorageProviderModel	Stored configuration of a User Storage provider instance.
UserStorageProviderSpi
VaultCharSecret	A `CharBuffer` based representation of the secret obtained from the vault that supports automated cleanup of memory.
VaultKeyResolver	`VaultKeyResolver` is a `BiFunction` whose implementation of the `BiFunction.apply(Object, Object)` method takes two `String`s representing the realm name and the key name (as used in `${vault.key}` expressions) and returns another `String` representing the final constructed key that is to be used when obtaining secrets from the vault.
VaultProvider	Provider interface for a vault.
VaultProviderFactory
VaultRawSecret	Raw representation of the secret obtained from vault that supports automated cleanup of memory.
VaultSpi	SPI for a low-level vault access.
VaultStringSecret	A `String` based representation of the secret obtained from the vault that supports automated cleanup of memory.
VaultTranscriber	A facade to the configured vault provider that exposes utility methods for obtaining the vault secrets in different formats (such as `VaultRawSecret`, `VaultCharSecret` or `VaultStringSecret`).
WebAuthnCredentialData
WebAuthnCredentialModel
WebAuthnPolicy
WebAuthnSecretData