Options
All
  • Public
  • Public/Protected
  • All
Menu

A client for the Keycloak authentication server.

see

Keycloak JS adapter documentation

Hierarchy

  • KeycloakInstance

Index

Properties

authenticated?: boolean

Is true if the user is authenticated, false otherwise.

Flow passed in init.

idToken?: string

The base64 encoded ID token.

idTokenParsed?: KeycloakTokenParsed

The parsed id token as a JavaScript object.

realmAccess?: KeycloakRoles

The realm roles associated with the token.

refreshToken?: string

The base64 encoded refresh token that can be used to retrieve a new token.

refreshTokenParsed?: KeycloakTokenParsed

The parsed refresh token as a JavaScript object.

resourceAccess?: KeycloakResourceAccess

The resource roles associated with the token.

responseMode?: KeycloakResponseMode

Response mode passed in init (default value is 'fragment').

responseType?: KeycloakResponseType

Response type sent to Keycloak with login requests. This is determined based on the flow value used during initialization, but can be overridden by setting this value.

subject?: string

The user id.

timeSkew?: number

The estimated time difference between the browser time and the Keycloak server in seconds. This value is just an estimation, but is accurate enough when determining if a token is expired or not.

token?: string

The base64 encoded token that can be sent in the Authorization header in requests to services.

tokenParsed?: KeycloakTokenParsed

The parsed token as a JavaScript object.

Methods

  • Redirects to the Account Management Console.

    Returns KeycloakPromise<void, void>

  • clearToken(): void
  • Clears authentication state, including tokens. This can be useful if the application has detected the session was expired, for example if updating token fails. Invoking this results in Keycloak#onAuthLogout callback listener being invoked.

    Returns void

  • Returns the URL to the Account Management Console.

    Parameters

    Returns string

  • Returns the URL to login form.

    Parameters

    Returns string

  • Returns the URL to logout the user.

    Parameters

    Returns string

  • Returns the URL to registration page.

    Parameters

    Returns string

  • hasRealmRole(role: string): boolean
  • Returns true if the token has the given realm role.

    Parameters

    • role: string

      A realm role name.

    Returns boolean

  • hasResourceRole(role: string, resource?: string): boolean
  • Returns true if the token has the given role for the resource.

    Parameters

    • role: string

      A role name.

    • Optional resource: string

      If not specified, clientId is used.

    Returns boolean

  • Called to initialize the adapter.

    Parameters

    Returns KeycloakPromise<boolean, KeycloakError>

    A promise to set functions to be invoked on success or error.

  • isTokenExpired(minValidity?: number): boolean
  • Returns true if the token has less than minValidity seconds left before it expires.

    Parameters

    • Optional minValidity: number

      If not specified, 0 is used.

    Returns boolean

  • Loads the user's profile.

    Returns KeycloakPromise<KeycloakProfile, void>

    A promise to set functions to be invoked on success or error.

  • Redirects to login form.

    Parameters

    Returns KeycloakPromise<void, void>

  • Redirects to logout.

    Parameters

    Returns KeycloakPromise<void, void>

  • onActionUpdate(status: "error" | "success" | "cancelled"): void
  • Called when a AIA has been requested by the application.

    Parameters

    • status: "error" | "success" | "cancelled"

    Returns void

  • Called if there was an error during authentication.

    Parameters

    Returns void

  • onAuthLogout(): void
  • Called if the user is logged out (will only be called if the session status iframe is enabled, or in Cordova mode).

    Returns void

  • onAuthRefreshError(): void
  • Called if there was an error while trying to refresh the token.

    Returns void

  • onAuthRefreshSuccess(): void
  • Called when the token is refreshed.

    Returns void

  • onAuthSuccess(): void
  • Called when a user is successfully authenticated.

    Returns void

  • onReady(authenticated?: boolean): void
  • Called when the adapter is initialized.

    Parameters

    • Optional authenticated: boolean

    Returns void

  • onTokenExpired(): void
  • Called when the access token is expired. If a refresh token is available the token can be refreshed with Keycloak#updateToken, or in cases where it's not (ie. with implicit flow) you can redirect to login screen to obtain a new access token.

    Returns void

  • Redirects to registration form.

    Parameters

    Returns KeycloakPromise<void, void>

  • If the token expires within minValidity seconds, the token is refreshed. If the session status iframe is enabled, the session status is also checked.

    example
    keycloak.updateToken(5).then(function(refreshed) {
    if (refreshed) {
    alert('Token was successfully refreshed');
    } else {
    alert('Token is still valid');
    }
    }).catch(function() {
    alert('Failed to refresh the token, or the session has expired');
    });

    Parameters

    • minValidity: number

    Returns KeycloakPromise<boolean, boolean>

    A promise to set functions that can be invoked if the token is still valid, or if the token is no longer valid.

Generated using TypeDoc