Interface KeycloakInitOptions

interface KeycloakInitOptions {
    acrValues?: string;
    adapter?: "default" | KeycloakAdapter | "cordova" | "cordova-native";
    checkLoginIframe?: boolean;
    checkLoginIframeInterval?: number;
    enableLogging?: boolean;
    flow?: KeycloakFlow;
    idToken?: string;
    locale?: string;
    logoutMethod?: "GET" | "POST";
    messageReceiveTimeout?: number;
    onLoad?: KeycloakOnLoad;
    pkceMethod?: KeycloakPkceMethod;
    redirectUri?: string;
    refreshToken?: string;
    responseMode?: KeycloakResponseMode;
    scope?: string;
    silentCheckSsoFallback?: boolean;
    silentCheckSsoRedirectUri?: string;
    timeSkew?: number;
    token?: string;
    useNonce?: boolean;
}

Properties

acrValues? adapter? checkLoginIframe? checkLoginIframeInterval? enableLogging? flow? idToken? locale? logoutMethod? messageReceiveTimeout? onLoad? pkceMethod? redirectUri? refreshToken? responseMode? scope? silentCheckSsoFallback? silentCheckSsoRedirectUri? timeSkew? token? useNonce?

Properties

OptionalacrValues

acrValues?: string

Configures the 'acr_values' query param in compliance with section 3.1.2.1 of the OIDC 1.0 specification. Used to tell Keycloak what level of authentication the user needs.

Optionaladapter

adapter?: "default" | KeycloakAdapter | "cordova" | "cordova-native"

Allow usage of different types of adapters or a custom adapter to make Keycloak work in different environments.

The following options are supported:

  • default - Use default APIs that are available in browsers.
  • cordova - Use a WebView in Cordova.
  • cordova-native - Use Cordova native APIs, this is recommended over cordova.

It's also possible to pass in a custom adapter for the environment you are running Keycloak in. In order to do so extend the KeycloakAdapter interface and implement the methods that are defined there.

For example:

import Keycloak, { KeycloakAdapter } from 'keycloak-js';

// Implement the 'KeycloakAdapter' interface so that all required methods are guaranteed to be present.
const MyCustomAdapter: KeycloakAdapter = {
	login(options) {
		// Write your own implementation here.
	}

	// The other methods go here...
};

const keycloak = new Keycloak();

keycloak.init({
	adapter: MyCustomAdapter,
});

OptionalcheckLoginIframe

checkLoginIframe?: boolean

Set to enable/disable monitoring login state.

Default

true

OptionalcheckLoginIframeInterval

checkLoginIframeInterval?: number

Set the interval to check login state (in seconds).

Default

5

OptionalenableLogging

enableLogging?: boolean

Enables logging messages from Keycloak to the console.

Default

false

Optionalflow

flow?: KeycloakFlow

Set the OpenID Connect flow.

Default

standard

OptionalidToken

idToken?: string

Set an initial value for the id token (only together with token or refreshToken).

Optionallocale

locale?: string

When onLoad is 'login-required', sets the 'ui_locales' query param in compliance with section 3.1.2.1 of the OIDC 1.0 specification.

OptionallogoutMethod

logoutMethod?: "GET" | "POST"

HTTP method for calling the end_session endpoint. Defaults to 'GET'.

OptionalmessageReceiveTimeout

messageReceiveTimeout?: number

Configures how long will Keycloak adapter wait for receiving messages from server in ms. This is used, for example, when waiting for response of 3rd party cookies check.

Default

10000

OptionalonLoad

onLoad?: KeycloakOnLoad

Specifies an action to do on load.

OptionalpkceMethod

pkceMethod?: KeycloakPkceMethod

Configures the Proof Key for Code Exchange (PKCE) method to use. This will default to 'S256'. Can be disabled by passing false.

OptionalredirectUri

redirectUri?: string

Specifies a default uri to redirect to after login or logout. This is currently supported for adapter 'cordova-native' and 'default'

OptionalrefreshToken

refreshToken?: string

Set an initial value for the refresh token.

OptionalresponseMode

responseMode?: KeycloakResponseMode

Set the OpenID Connect response mode to send to Keycloak upon login.

Default

fragment After successful authentication Keycloak will redirect
                  to JavaScript application with OpenID Connect parameters
                  added in URL fragment. This is generally safer and
                  recommended over query.

Optionalscope

scope?: string

Set the default scope parameter to the login endpoint. Use a space-delimited list of scopes. Note that the scope 'openid' will be always be added to the list of scopes by the adapter. Note that the default scope specified here is overwritten if the login() options specify scope explicitly.

OptionalsilentCheckSsoFallback

silentCheckSsoFallback?: boolean

Specifies whether the silent check-sso should fallback to "non-silent" check-sso when 3rd party cookies are blocked by the browser. Defaults to true.

OptionalsilentCheckSsoRedirectUri

silentCheckSsoRedirectUri?: string

Specifies an uri to redirect to after silent check-sso. Silent check-sso will only happen, when this redirect uri is given and the specified uri is available within the application.

OptionaltimeSkew

timeSkew?: number

Set an initial value for skew between local time and Keycloak server in seconds (only together with token or refreshToken).

Optionaltoken

token?: string

Set an initial value for the token.

OptionaluseNonce

useNonce?: boolean

Adds a cryptographic nonce to verify that the authentication response matches the request.

Default

true

Settings

Member Visibility

On This Page

Properties