Keycloak
Manage Keycloak instances via Admin API.
What’s inside
-
Keycloak component, URI syntax:
keycloak:label
Please refer to the above links for usage and configuration details.
Maven coordinates
<dependency>
<groupId>org.apache.camel.springboot</groupId>
<artifactId>camel-keycloak-starter</artifactId>
</dependency>Spring Boot Auto-Configuration
The starter supports 34 options, which are listed below.
| Name | Description | Default | Type |
|---|---|---|---|
camel.component.keycloak.access-token | Pre-obtained access token for authentication. When provided, this token will be used directly instead of obtaining one through username/password or client credentials flow. | String | |
camel.component.keycloak.auth-client | Filter admin events by authentication client ID | String | |
camel.component.keycloak.auth-ip-address | Filter admin events by authentication IP address | String | |
camel.component.keycloak.auth-realm | Keycloak realm to authenticate against. If not specified, the realm parameter is used for authentication. This is useful when you want to authenticate against one realm (e.g., master) but perform operations on another realm. | master | String |
camel.component.keycloak.auth-realm-filter | Filter admin events by authentication realm | String | |
camel.component.keycloak.auth-user | Filter admin events by authentication user ID | String | |
camel.component.keycloak.autowired-enabled | Whether autowiring is enabled. This is used for automatic autowiring options (the option must be marked as autowired) by looking up in the registry to find if there is a single instance of matching type, which then gets configured on the component. This can be used for automatic configuring JDBC data sources, JMS connection factories, AWS Clients, etc. | true | Boolean |
camel.component.keycloak.bridge-error-handler | Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions (if possible) occurred while the Camel consumer is trying to pickup incoming messages, or the likes, will now be processed as a message and handled by the routing Error Handler. Important: This is only possible if the 3rd party component allows Camel to be alerted if an exception was thrown. Some components handle this internally only, and therefore bridgeErrorHandler is not possible. In other situations we may improve the Camel component to hook into the 3rd party component and make this possible for future releases. By default the consumer will use the org.apache.camel.spi.ExceptionHandler to deal with exceptions, that will be logged at WARN or ERROR level and ignored. | false | Boolean |
camel.component.keycloak.client | Filter events by client ID | String | |
camel.component.keycloak.client-id | Keycloak client ID | String | |
camel.component.keycloak.client-secret | Keycloak client secret | String | |
camel.component.keycloak.configuration | Component configuration. The option is a org.apache.camel.component.keycloak.KeycloakConfiguration type. | KeycloakConfiguration | |
camel.component.keycloak.date-from | Filter events by start date/time in milliseconds since epoch | String | |
camel.component.keycloak.date-to | Filter events by end date/time in milliseconds since epoch | String | |
camel.component.keycloak.enabled | Whether to enable auto configuration of the keycloak component. This is enabled by default. | Boolean | |
camel.component.keycloak.event-type | Type of events to consume: events or admin-events | events | String |
camel.component.keycloak.first | Offset for pagination (first result index) | 0 | Integer |
camel.component.keycloak.introspection-cache-enabled | Enable caching of token introspection results to reduce API calls to Keycloak | true | Boolean |
camel.component.keycloak.introspection-cache-ttl | Time-to-live for cached introspection results in seconds | 60 | Long |
camel.component.keycloak.ip-address | Filter events by IP address | String | |
camel.component.keycloak.keycloak-client | To use an existing configured Keycloak admin client. The option is a org.keycloak.admin.client.Keycloak type. | Keycloak | |
camel.component.keycloak.lazy-start-producer | Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel’s routing error handlers. Beware that when the first message is processed then creating and starting the producer may take a little time and prolong the total processing time of the processing. | false | Boolean |
camel.component.keycloak.max-results | Maximum number of events to retrieve per poll | 100 | Integer |
camel.component.keycloak.operation | The operation to perform | KeycloakOperations | |
camel.component.keycloak.operation-types | Filter admin events by operation types (comma-separated list, e.g., CREATE,UPDATE,DELETE) | String | |
camel.component.keycloak.password | Keycloak password | String | |
camel.component.keycloak.pojo-request | If we want to use a POJO request as body or not | false | Boolean |
camel.component.keycloak.realm | Keycloak realm, the default is master because usually all the operations are done starting from the master realm | master | String |
camel.component.keycloak.resource-path | Filter admin events by resource path | String | |
camel.component.keycloak.server-url | Keycloak server URL | String | |
camel.component.keycloak.types | Filter events by event types (comma-separated list, e.g., LOGIN,LOGOUT) | String | |
camel.component.keycloak.use-token-introspection | Enable OAuth 2.0 token introspection for real-time token validation. When enabled, tokens are validated by calling Keycloak’s introspection endpoint instead of local JWT parsing. This allows detecting revoked tokens before expiration. | false | Boolean |
camel.component.keycloak.user | Filter events by user ID | String | |
camel.component.keycloak.username | Keycloak username | String |