KeycloakProvider

Reference doc for the `KeycloakProvider`.

Use this provider to authenticate with a Keycloak server.

import { KeycloakProvider } from "@openauthjs/openauth/provider/keycloak"

export default issuer({
  providers: {
    keycloak: KeycloakProvider({
      baseUrl: "https://your-keycloak-domain",
      realm: "your-realm",
      clientId: "1234567890",
      clientSecret: "0987654321"
    })
  }
})

Methods

KeycloakProvider

KeycloakProvider(config)

Parameters

config KeycloakConfig
The config for the provider.

Returns Provider

Create a Keycloak OAuth2 provider.

KeycloakProvider({
  baseUrl: "https://your-keycloak-domain",
  realm: "your-realm",
  clientId: "1234567890",
  clientSecret: "0987654321"
})

KeycloakConfig

baseUrl string
clientID string
clientSecret string
query? Record<string, string>
realm string
scopes string[]

KeycloakConfig.baseUrl

Type string

The base URL of the Keycloak server.

{
  baseUrl: "https://your-keycloak-domain"
}

KeycloakConfig.clientID

Type string

The client ID.

This is just a string to identify your app.

{
  clientID: "my-client"
}

KeycloakConfig.clientSecret

Type string

The client secret.

This is a private key that’s used to authenticate your app. It should be kept secret.

{
  clientSecret: "0987654321"
}

KeycloakConfig.query?

Type Record<string, string>

Any additional parameters that you want to pass to the authorization endpoint.

{
  query: {
    access_type: "offline",
    prompt: "consent"
  }
}

KeycloakConfig.realm

Type string

The realm in the Keycloak server to authenticate against.

A realm in Keycloak is like a tenant or namespace that manages a set of users, credentials, roles, and groups.

{
  realm: "your-realm"
}

KeycloakConfig.scopes

Type string[]

A list of OAuth scopes that you want to request.

{
  scopes: ["email", "profile"]
}