JBoss.orgCommunity Documentation

Chapter 18. Authentication SPI

18.1. Available Authentication Providers
18.2. Features and configuration
18.3. Creating your own Authentication Provider

Keycloak provides Authentication SPI, which allows to choose the AuthenticationProvider for authenticating users. AuthenticationProvider is the interface, which states how will be your usernames/passwords validated. You can choose from the set of available AuthenticationProviders or you can even implement and plug your own AuthenticationProvider, which will allow to provide your own way how will Keycloak validates users and their passwords.

You need to implement interface AuthenticationProvider and add the name of your AuthenticationProviderFactory class into META-INF/services/org.keycloak.authentication.AuthenticationProviderFactory file inside your JAR with AuthenticationProvider. You also need to copy this JAR into standalone/deployments/auth-server.war/WEB-INF/lib . The best is to look at example and try it out.