Implements the CAS SSO protocol according to official specification by adding a new client type to the Keycloak admin console. Supports CAS V1/V2/V3 with JSON or XML responses and attribute mapping. Full server implementation, no external components required.
The purpose of this module is to add authorization capabilities to keycloak for a given client, whether the client itself has the capability to handle authorization or not. When installed, it allows the use of a client's Authorization tab and a specific resource name (Keycloak Client Resource) to define the policies and permissions to grant access to the client. The effect is binary: either the client is allowed access to the client and will recieve a token, or is not and will recieve a 'forbidden' message. Either way, the user is authenticated in keycloak and will have SSO access to the other clients for which they are authorized.
|Maintainers||cloudtrust, AlistairDoswald, yelhouti|
Provides an endpoint allowing the full export of a realm, without having to restart keycloak. Secrets are exported in clear.
Complete Japanese translation of the original Keycloak documentation.
|Maintainers||openstandia, wadahiro, k-tamura|
Keycloak PassportJS connector that enables the use of multiple realms in the same application (multi-tenancy), integrating with oAuth2/Open ID Connect 'clients' in keycloak, and getting users' data+roles from keycloak automatically via the JSON API. It is aims to be a feature-complete drop-in solution for NodeJS projects using PassportJS for authenitcation and authorization.
Implementation of the WS-Federation passive requestor model according to the official specification (v1.2, see http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html). This extension adds a new keycloak admin theme, a new client type and a new identity provider type to the admin console. Supports SAML 1.1 and SAML 2.0 tokens.
|Maintainers||cloudtrust, AlistairDoswald, brat000012001, dbarentine|