KeycloakProvider
Reference doc for the `KeycloakProvider`.
Use this provider to authenticate with a Keycloak server.
import { KeycloakProvider } from "@openauthjs/openauth/provider/keycloak"
export default issuer({ providers: { keycloak: KeycloakProvider({ baseUrl: "https://your-keycloak-domain", realm: "your-realm", clientID: "1234567890", clientSecret: "0987654321" }) }})Methods
KeycloakProvider
KeycloakProvider(config)Parameters
The config for the provider.configKeycloakConfig
Returns Provider
Create a Keycloak OAuth2 provider.
KeycloakProvider({ baseUrl: "https://your-keycloak-domain", realm: "your-realm", clientID: "1234567890", clientSecret: "0987654321"})KeycloakConfig
KeycloakConfig.baseUrl
Type string
The base URL of the Keycloak server.
{ baseUrl: "https://your-keycloak-domain"}KeycloakConfig.clientID
Type string
The client ID.
This is just a string to identify your app.
{ clientID: "my-client"}KeycloakConfig.clientSecret
Type string
The client secret.
This is a private key that’s used to authenticate your app. It should be kept secret.
{ clientSecret: "0987654321"}KeycloakConfig.pkce?
Type boolean
Default false
Whether to use PKCE (Proof Key for Code Exchange) for the authorization code flow. Some providers like x.com require this.
KeycloakConfig.query?
Type Record<string, string>
Any additional parameters that you want to pass to the authorization endpoint.
{ query: { access_type: "offline", prompt: "consent" }}KeycloakConfig.realm
Type string
The realm in the Keycloak server to authenticate against.
A realm in Keycloak is like a tenant or namespace that manages a set of users, credentials, roles, and groups.
{ realm: "your-realm"}KeycloakConfig.scopes
Type string[]
A list of OAuth scopes that you want to request.
{ scopes: ["email", "profile"]}