Interface: KeycloakConnectorConfigBase
Properties
DANGEROUS_disableJwtClientAuthentication
• Optional DANGEROUS_disableJwtClientAuthentication: boolean
Option to disable signed JWT authentication *
Defined in
packages/backend/server/src/types.ts:79
alwaysVerifyAccessTokenWithServer
• Optional alwaysVerifyAccessTokenWithServer: boolean
Forces the server to validate all access tokens provided by during a user request, regardless of route
Defined in
packages/backend/server/src/types.ts:139
authCookieTimeout
• authCookieTimeout: number
How long until the initial login sequence cookie expires. Shorter times may impact users who may take a while to finish logging in.
Defined in
packages/backend/server/src/types.ts:106
authServerUrl
• authServerUrl: string
The OP server url
Defined in
packages/backend/server/src/types.ts:64
caseSensitiveRoleCheck
• Optional caseSensitiveRoleCheck: boolean
When true, a case-sensitive search is used to match requirements to user's roles
Defined in
packages/backend/server/src/types.ts:121
clientId
• Optional clientId: string
The keycloak client id *
Defined in
packages/backend/server/src/types.ts:73
clientSecret
• Optional clientSecret: string
The keycloak client secret *
Defined in
packages/backend/server/src/types.ts:76
clusterProvider
• Optional clusterProvider: AbstractClusterProvider<void>
Specify a cluster provider in order to synchronize instances of the same app
Defined in
packages/backend/server/src/types.ts:133
defaultResourceAccessKey
• Optional defaultResourceAccessKey: string
When a role rule doesn't specify a specific client, the default is to use the current client_id when
searching through the resource_access key of the JWT for required roles. Overridable here.
Defined in
packages/backend/server/src/types.ts:118
fetchUserInfo
• Optional fetchUserInfo: boolean | (userInfo: UserinfoResponse) => UserinfoResponse
Requires server to fetch user info for each validated access token
Defined in
packages/backend/server/src/types.ts:142
globalRouteConfig
• Optional globalRouteConfig: KeycloakRouteConfig<string>
Overrides the default configuration for all routes
Defined in
packages/backend/server/src/types.ts:112
keyProvider
• Optional keyProvider: KeyProvider
Allows you to specify a built-in or pass a custom key provider
Defined in
packages/backend/server/src/types.ts:136
keycloakVersionBelow18
• Optional keycloakVersionBelow18: boolean
TLDR; KC versions < 18 have the /auth _prefix in the url
Defined in
packages/backend/server/src/types.ts:88
oidcClientMetadata
• oidcClientMetadata: ClientMetadata
The RP client data
Defined in
packages/backend/server/src/types.ts:85
oidcDiscoveryUrlOverride
• Optional oidcDiscoveryUrlOverride: string
Custom oidc discovery url
Defined in
packages/backend/server/src/types.ts:97
pinoLogger
• Optional pinoLogger: Logger
Pino logger reference
Defined in
packages/backend/server/src/types.ts:94
realm
• realm: string
The OP realm to use
Defined in
packages/backend/server/src/types.ts:82
redirectUri
• Optional redirectUri: string
Override default redirect uri *
Defined in
packages/backend/server/src/types.ts:70
refreshConfigMins
• Optional refreshConfigMins: number
How often should we ping the OP for an updated oidc configuration
Defined in
packages/backend/server/src/types.ts:91
routePaths
• Optional routePaths: CustomRouteUrl
Overrides the default routes created to handle keycloak interactions
Defined in
packages/backend/server/src/types.ts:109
serverOrigin
• serverOrigin: string
The RP server origin
Defined in
packages/backend/server/src/types.ts:61
stateType
• Optional stateType: StateOptions
Determines where the client will store a user's oauth token information
Defined in
packages/backend/server/src/types.ts:100
validOrigins
• Optional validOrigins: string[]
Authorized origins