Implements the CAS SSO protocol according to official specification by adding a new client type to the Keycloak admin console. Supports CAS V1/V2/V3 with JSON or XML responses and attribute mapping. Full server implementation, no external components required.
The purpose of this module is to add authorization capabilities to keycloak for a given client, whether the client itself has the capability to handle authorization or not. When installed, it allows the use of a client's Authorization tab and a specific resource name (Keycloak Client Resource) to define the policies and permissions to grant access to the client. The effect is binary: either the client is allowed access to the client and will recieve a token, or is not and will recieve a 'forbidden' message. Either way, the user is authenticated in keycloak and will have SSO access to the other clients for which they are authorized.
|Maintainers||cloudtrust, AlistairDoswald, yelhouti|
Provides an endpoint allowing the full export of a realm, without having to restart keycloak. Secrets are exported in clear.
Complete Japanse translation of the original Keycloak documentation
Keycloak PassportJS connector that enables the use of multiple realms in the same application (multi-tenancy), integrating with oAuth2/Open ID Connect 'clients' in keycloak, and getting users' data+roles from keycloak automatically via the JSON API. It is aims to be a feature-complete drop-in solution for NodeJS projects using PassportJS for authenitcation and authorization.
Implementation of the WS-Federation passive requestor model according to the official specification (v1.2, see http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html). This extension adds a new keycloak admin theme, a new client type and a new identity provider type to the admin console. Supports SAML 1.1 and SAML 2.0 tokens.
|Maintainers||cloudtrust, AlistairDoswald, brat000012001, dbarentine|