This Maven project implements a custom extension for Keycloak, enabling client authentication using a client ID and secret.
- Java Development Kit (JDK) 11 or higher
- Apache Maven
- optionally, an IDE like Eclipse, NetBeans etc.
- Clone this repository to your local machine.
- Navigate to the project directory.
- Build the project using Maven:
mvn clean package - Deploy the built JAR artifact to your Keycloak server by copying it to the
/opt/keycloak/providersdirectory. - Run Keycloak with
kc.sh buildto integrate your extension first. - Then run it with
kc.sh start-dev
- Click on "Authentication" tab.
- Select
clientsflow. - In the "Action" menu, select "Duplicate" to create a new flow called "Custom Clients".
- Click the button "Add Step" and choose "Simple Client Authenticator" execution from the modal window.
- Move "Simple Client Authenticator" to the top of the flow list.
- Set the "Simple Client Authenticator" execution to "Alternative".
- In the
Actionmenu, select "Bind flow". - Select "Client Authentication" from the dropdown menu and click "Save".
With the custom extension deployed and configured, client authentication using a client ID and secret will be enabled for the selected authentication flow in Keycloak.
When using the custom client authentication, make sure to follow these steps:
- Ensure the client that requires authentication is configured in Keycloak with the correct client ID and secret.
- In the "Credentials" tab of the client configuration, set the appropriate password.
- From your backend application, provide the client ID and secret during the authentication process.
For more details on Keycloak custom extensions and configuration, refer to the Keycloak documentation.
Please note that this custom extension is provided as a sample implementation and may require further customization to suit your specific requirements.
This project is licensed under the MIT License.