Demos, examples and playground for Keycloak extensions, providers, SPI implementations, etc.
Flintstones - Demo user storage provider, providing some members of the Flintstones family in a read-only mode, from an in-memory repository.
Peanuts - Demo user storage provider, providing some members of the Peanuts family in a read-only mode, via an external API.
MagicLink Authenticator - demo authenticator which sends a magic link to the user with which the user can login without needing to provide a password.
Captcha Authenticator - demo authenticator in which the user needs to solve a math task and submit the result, before successful authentication.
MFA Authenticator - very simple(!!!) demo authenticator which prints a generated OTP to stdout.
Conditional HttpHeaders Authenticator - condition for authenticators which will decide upon a header and given value (or negated value) if true
/false
.
Highlander - demo event listener for Keycloak, allowing only the last session to survive (Highlander mode - there must only be one!), if a user logs in on multiple browsers/devices. (This was for long time not possible in Keycloak ootb, thus this event listener; since KC v19(?) this is natively supported.)
AWS SNS Publisher - demo event listener for Keycloak, simply forwarding/publishing all events to an AWS SNS topic.
LastLoginTime - demo event listener for Keycloak, storing the most recent login time in an user attribute.
LuckyNumberMapper - example custom token mapper for Keycloak using the OIDC protocol.
Custom Rest Resource - demo implementation for custom REST resources within Keycloak, public (unauthenticated) and secured (authenticated) endpoints.
MobileNumberRequiredAction - example which enforces the user to update its mobile phone number, if not already set.
Email Provider for custom templates in JSON format (no actual emal, but for processing through external/3rd party services) and sending emails via a vendor specific (here: AWS SES) protocol, instead of SMTP.
ActionToken t.b.d.