Package io.quarkus.devservices.keycloak

Interface KeycloakDevServicesConfig

@ConfigMapping(prefix="quarkus.keycloak.devservices") @ConfigRoot public interface KeycloakDevServicesConfig
Build time configuration for the Keycloak Dev Service.

  • Method Details

    • enabled

      @WithDefault("true") boolean enabled()
      Flag to enable (default) or disable Dev Services. When enabled, Dev Services for Keycloak automatically configures and starts Keycloak in Dev or Test mode, and when Docker is running.

    • imageName

      @ConfigDocDefault(value="`{keycloak-image}`", escape=false) Optional<String> imageName()
      The container image name for Dev Services providers. Defaults to a Quarkus-based Keycloak image. For a WildFly-based distribution, use an image like `quay.io/keycloak/keycloak:19.0.3-legacy`. Keycloak Quarkus and WildFly images are initialized differently. Dev Services for Keycloak will assume it is a Keycloak Quarkus image unless the image version ends with `-legacy`. Override with `quarkus.keycloak.devservices.keycloak-x-image`.

    • keycloakXImage

      Optional<Boolean> keycloakXImage()
      Indicates if a Keycloak-X image is used. By default, the image is identified by `keycloak-x` in the image name. For custom images, override with `quarkus.keycloak.devservices.keycloak-x-image`. You do not need to set this property if the default check works.

    • shared

      @WithDefault("true") boolean shared()
      Determines if the Keycloak container is shared. When shared, Quarkus uses label-based service discovery to find and reuse a running Keycloak container, so a second one is not started. Otherwise, if a matching container is not is found, a new container is started. The service discovery uses the quarkus-dev-service-label label, whose value is set by the service-name property. Container sharing is available only in dev mode.

    • serviceName

      @WithDefault("keycloak") String serviceName()
      The value of the `quarkus-dev-service-keycloak` label for identifying the Keycloak container. Used in shared mode to locate an existing container with this label. If not found, a new container is initialized with this label. Applicable only in dev mode.

    • realmPath

      Optional<List<String>> realmPath()
      A comma-separated list of class or file system paths to Keycloak realm files. This list is used to initialize Keycloak. The first value in this list is used to initialize default tenant connection properties.

      To learn more about Keycloak realm files, consult the Importing and Exporting Keycloak Realms documentation.

    • resourceAliases

      @ConfigDocMapKey("alias-name") Map<String,String> resourceAliases()
      Aliases to additional class or file system resources that are used to initialize Keycloak. Each map entry represents a mapping between an alias and a class or file system resource path.

    • resourceMappings

      @ConfigDocMapKey("resource-name") Map<String,String> resourceMappings()
      Additional class or file system resources that are used to initialize Keycloak. Each map entry represents a mapping between a class or file system resource path alias and the Keycloak container location.

    • javaOpts

      Optional<String> javaOpts()
      The `JAVA_OPTS` passed to the keycloak JVM

    • showLogs

      @WithDefault("false") boolean showLogs()
      Show Keycloak log messages with a "Keycloak:" prefix.

    • startCommand

      Optional<String> startCommand()
      Keycloak start command. Use this property to experiment with Keycloak start options, see
      invalid @link 
      {@link https://www.keycloak.org/server/all-config
      }. Note, it is ignored when loading legacy Keycloak WildFly images.

    • features

      Optional<Set<String>> features()
      Keycloak features. Use this property to enable one or more experimental Keycloak features. Note, if you also have to customize a Keycloak startCommand(), you can use a `--features` option as part of the start command sequence, instead of configuring this property.

    • realmName

      Optional<String> realmName()
      The name of the Keycloak realm. This property is used to create the realm if the realm file pointed to by the `realm-path` property does not exist. The default value is `quarkus` in this case. It is recommended to always set this property so that Dev Services for Keycloak can identify the realm name without parsing the realm file.

    • createRealm

      @WithDefault("true") boolean createRealm()
      Specifies whether to create the Keycloak realm when no realm file is found at the `realm-path`. Set to `false` if the realm is to be created using either the Keycloak Administration Console or the Keycloak Admin API provided by
      invalid reference 
      io.quarkus.test.common.QuarkusTestResourceLifecycleManager
      .

    • createClient

      @WithDefault("true") boolean createClient()
      Specifies whether to create the default client id `quarkus-app` with a secret `secret` and register them if the createRealm() property is set to true. For OIDC extension configuration properties `quarkus.oidc.client.id` and `quarkus.oidc.credentials.secret` will be configured. For OIDC Client extension configuration properties `quarkus.oidc-client.client.id` and `quarkus.oidc-client.credentials.secret` will be configured. Set to `false` if clients have to be created using either the Keycloak Administration Console or the Keycloak Admin API provided by
      invalid reference 
      io.quarkus.test.common.QuarkusTestResourceLifecycleManager
      or registered dynamically.

    • startWithDisabledTenant

      @WithDefault("false") boolean startWithDisabledTenant()
      Specifies whether to start the container even if the default OIDC tenant is disabled. Setting this property to true may be necessary in a multi-tenant OIDC setup, especially when OIDC tenants are created dynamically.

    • users

      Map<String,String> users()
      A map of Keycloak usernames to passwords. If empty, default users `alice` and `bob` are created with their names as passwords. This map is used for user creation when no realm file is found at the `realm-path`.

    • roles

      @ConfigDocMapKey("role-name") Map<String,List<String>> roles()
      A map of roles for Keycloak users. If empty, default roles are assigned: `alice` receives `admin` and `user` roles, while other users receive `user` role. This map is used for role creation when no realm file is found at the `realm-path`.

    • port

      OptionalInt port()
      The specific port for the dev service to listen on.

      If not specified, a random port is selected.

    • containerEnv

      @ConfigDocMapKey("environment-variable-name") Map<String,String> containerEnv()
      Environment variables to be passed to the container.

    • containerMemoryLimit

      @WithDefault("1250M") io.quarkus.runtime.configuration.MemorySize containerMemoryLimit()
      Memory limit for Keycloak container, up to Long.MAX_VALUE bytes.

      If not specified, 1250MiB is the default memory limit.

    • webClientTimeout

      @WithDefault("4S") Duration webClientTimeout()
      The WebClient timeout. Use this property to configure how long an HTTP client used by OIDC dev service admin client will wait for a response from OpenId Connect Provider when acquiring admin token and creating realm.