Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface KeycloakInstance

A client for the Keycloak authentication server.

see

Keycloak JS adapter documentation

Hierarchy

  • KeycloakInstance

Index

Properties

Methods

Properties

Optional authenticated

authenticated?: boolean

Is true if the user is authenticated, false otherwise.

Optional flow

flow?: KeycloakFlow

Flow passed in init.

Optional idToken

idToken?: string

The base64 encoded ID token.

Optional idTokenParsed

idTokenParsed?: KeycloakTokenParsed

The parsed id token as a JavaScript object.

Optional realmAccess

realmAccess?: KeycloakRoles

The realm roles associated with the token.

Optional refreshToken

refreshToken?: string

The base64 encoded refresh token that can be used to retrieve a new token.

Optional refreshTokenParsed

refreshTokenParsed?: KeycloakTokenParsed

The parsed refresh token as a JavaScript object.

Optional resourceAccess

resourceAccess?: KeycloakResourceAccess

The resource roles associated with the token.

Optional responseMode

responseMode?: KeycloakResponseMode

Response mode passed in init (default value is 'fragment').

Optional responseType

responseType?: KeycloakResponseType

Response type sent to Keycloak with login requests. This is determined based on the flow value used during initialization, but can be overridden by setting this value.

Optional subject

subject?: string

The user id.

Optional timeSkew

timeSkew?: number

The estimated time difference between the browser time and the Keycloak server in seconds. This value is just an estimation, but is accurate enough when determining if a token is expired or not.

Optional token

token?: string

The base64 encoded token that can be sent in the Authorization header in requests to services.

Optional tokenParsed

tokenParsed?: KeycloakTokenParsed

The parsed token as a JavaScript object.

Methods

accountManagement

  • Redirects to the Account Management Console.

    Returns KeycloakPromise<void, void>

clearToken

  • clearToken(): void

  • Clears authentication state, including tokens. This can be useful if the application has detected the session was expired, for example if updating token fails. Invoking this results in Keycloak#onAuthLogout callback listener being invoked.

    Returns void

createAccountUrl

  • Returns the URL to the Account Management Console.

    Parameters

    Returns string

createLoginUrl

  • Returns the URL to login form.

    Parameters

    Returns string

createLogoutUrl

  • Returns the URL to logout the user.

    Parameters

    Returns string

createRegisterUrl

  • Returns the URL to registration page.

    Parameters

    Returns string

hasRealmRole

  • hasRealmRole(role: string): boolean

  • Returns true if the token has the given realm role.

    Parameters

    • role: string

      A realm role name.

    Returns boolean

hasResourceRole

  • hasResourceRole(role: string, resource?: string): boolean

  • Returns true if the token has the given role for the resource.

    Parameters

    • role: string

      A role name.

    • Optional resource: string

      If not specified, clientId is used.

    Returns boolean

init

  • Called to initialize the adapter.

    Parameters

    Returns KeycloakPromise<boolean, KeycloakError>

    A promise to set functions to be invoked on success or error.

isTokenExpired

  • isTokenExpired(minValidity?: number): boolean

  • Returns true if the token has less than minValidity seconds left before it expires.

    Parameters

    • Optional minValidity: number

      If not specified, 0 is used.

    Returns boolean

loadUserProfile

  • Loads the user's profile.

    Returns KeycloakPromise<KeycloakProfile, void>

    A promise to set functions to be invoked on success or error.

login

  • Redirects to login form.

    Parameters

    Returns KeycloakPromise<void, void>

logout

  • Redirects to logout.

    Parameters

    Returns KeycloakPromise<void, void>

Optional onActionUpdate

  • onActionUpdate(status: "error" | "success" | "cancelled"): void

  • Called when a AIA has been requested by the application.

    Parameters

    • status: "error" | "success" | "cancelled"

    Returns void

Optional onAuthError

  • Called if there was an error during authentication.

    Parameters

    Returns void

Optional onAuthLogout

  • onAuthLogout(): void

  • Called if the user is logged out (will only be called if the session status iframe is enabled, or in Cordova mode).

    Returns void

Optional onAuthRefreshError

  • onAuthRefreshError(): void

  • Called if there was an error while trying to refresh the token.

    Returns void

Optional onAuthRefreshSuccess

  • onAuthRefreshSuccess(): void

  • Called when the token is refreshed.

    Returns void

Optional onAuthSuccess

  • onAuthSuccess(): void

  • Called when a user is successfully authenticated.

    Returns void

Optional onReady

  • onReady(authenticated?: boolean): void

  • Called when the adapter is initialized.

    Parameters

    • Optional authenticated: boolean

    Returns void

Optional onTokenExpired

  • onTokenExpired(): void

  • Called when the access token is expired. If a refresh token is available the token can be refreshed with Keycloak#updateToken, or in cases where it's not (ie. with implicit flow) you can redirect to login screen to obtain a new access token.

    Returns void

register

  • Redirects to registration form.

    Parameters

    Returns KeycloakPromise<void, void>

updateToken

  • If the token expires within minValidity seconds, the token is refreshed. If the session status iframe is enabled, the session status is also checked.

    example
    keycloak.updateToken(5).then(function(refreshed) {
      if (refreshed) {
        alert('Token was successfully refreshed');
      } else {
        alert('Token is still valid');
      }
    }).catch(function() {
      alert('Failed to refresh the token, or the session has expired');
    });

    Parameters

    • minValidity: number

    Returns KeycloakPromise<boolean, boolean>

    A promise to set functions that can be invoked if the token is still valid, or if the token is no longer valid.

Generated using TypeDoc