Ansible collection for Keycloak
Collection to install and configure Keycloak
Apple Identity Provider
Sign in with Apple using either a browser or natively by
CAS Login Procotol
Implements the CAS SSO protocol according to official specification by adding a new client type to the Keycloak admin console.
Adds authorization capabilities to keycloak for a given client, whether the client itself has the capability to handle authorization or not.
Configuration as Code for Keycloak realms
Utility to ensure the desired configuration state for a realm based on a JSON or YAML file.
Discord Identity Provider
Keycloak extension to add discord as an identity provider.
Event Listener Utilities
Useful event listener implementations and utilities. Webhooks, scripts, HTTP, etc.
Add Keyloak Authentication and Authorization to your GraphQL server.
France Connect Identity Provider
Extension to add support for the french administration Identity Provider France Connect.
Full export endpoint
Provides an endpoint allowing the full export of a realm, without having to restart keycloak.
GitHub SSH key mapper
An attribute mapper for the Github Identity Provider. The mapper can fetch the user's SSH keys from github's REST API.
HiOrg-Server Identity Provider
Keycloak extension to add HiOrg-Server as an identity provider.
Home IdP Discovery
The authenticator redirects users to their home identity provider based on their email address and domain.
IBM Security Verify Authenticator
Adds various authentication methods such as One-time-passcode, QR code, Push notifications, and FIDO2.
Impersonation Policy Enforcer
Enforces an impersonation policy restricting impersonators from accessing clients unless holding an associated client role.
JSON Remote Claim Mapper
Protocol mapper to retrieve JSON data from a remote HTTP endpoint.
Japanese documentation translation
Japanese translation of the Keycloak documentation.
A tool for creating Keycloak theme with React
MQTT event listener
An event listener using the MQTT protocol.
Magic Link Login
Allow users to authenticate through a link sent to their email address instead of using a password.
Adds a Metrics Endpoint to Keycloak in Prometheus format.
ORCID Social Identity Provider
Enables ORCID as an Identity Provider.
Comprehensive extensions set for single realm multi-tenancy.
Passport.js strategy that enables the use of multiple realms in the same application.
Client library for python applications.
RabbitMQ event listener
Event listener using the RabbitMQ message broker.
Regex role importer
This extension provides a broker mapper that maps a multivalued OIDC claim or SAML attribute to roles based on regular expressions.
Restrict Client Auth
The authenticator supports role-based or policy-based access decisions and can be enabled on a per-client basis.
A Testcontainers implementation for Keycloak.
Implementation of the WS-Federation passive requestor model according to the official specification.
privacyIDEA two factor authentication
Adds 2nd factors to keycloak, that are authenticated against your central privacyIDEA system.