Big thanks for your contribution. With your tutorial, I was able to create my own user storage provider. It made a huge difference.

Is there any platform to discuss issues with the examples? Currently trying to implement a endpoint as described here, but getting a 404.

Is it possible to pass master realm admin token to validate in acme realm user? because I tried this but didnt worked.

In the documentation it is not mentioned that the provider ID is part of the context path so I was stuck, thanks a lot for sharing!

Hi Can you please explain how to link , I didn't understand the keycloak documentation

How to configure this custom provider in keycloak?

Can you please add another video to explain how to configure,and deploying this extension

Hi, Im trying login with otp. That is working on UI. So, When I insert gsm no, I can get otp code and after that when I insert the code I can login. All of thing ok but. How to work this one on api server? I wanna login in any api endpoint without UI web page

Thanks for this tutorial ! Please, do you know how to modify the authorization OpenID endpoints /auth to /authorize exposed in .well-known/openid-configuration url ?

I want my resources to use a different model to Authorization (not authentication), based on application specific roles and permission. Do you think above will fit as a solution?

Hello Niko, I'm getting below error when I try to build KeycloakBuilder object in keycloak, ERROR: org.eclipse.microprofile.config.spi.ConfigSource: org.jboss.resteasy.microprofile.config.ServletConfigSource not a subtype I appreciate your attention and input. Thanks in advance.

I want do it but I dont know how open a java project like you showed at 2.37 minutes

Hi, can two clients in the same realm communicate with each other on keycloak ? if yes, how ? if no, why ?

Thank you for sharing this useful video. I have two questions. First, I don't know how can I deploy this custom endpoint into the keycloak server. I think you didn't point it out in this video. Second, Is there anyway to debug and have break point inside the created module? In fact I want deploy this module in intellij in debug mode and when I call this api from postman, I want to have break point and check input data. Is this possible?

Is it possible to override-enrich default /roles endpoint of keycloak-server? Thank you

Thank you for the video. I have added custom rest resource same way to achieve my usecase.(Develop api over keycloak client which gives me list of apps where the client's roles are added in scope mappings.. e.g. /auth/realms/kc12/clients/47a9cd6e-6272-4efd-ac91-f5af97992b9d/linked-scope-mappings) I want this api to use the authentication of master realm for authentication and having admin-cli as azp. 1. Can you suggest how can I achieve this? 2. Also is there any way to add the custom reosources over /admin endpoints? ( I will be using this endpoint from my service along with other management apis)

Hi Niko, I followed your video te create a custom REST resource. Creating and deploying it to keycloak formed no issues. I am running into the issue that whenever I call the checkAuth() method, it throws an exception. I make the requests with a valid token, but the AuthResult auth keeps being null. I am using keycloak 19.0.2. Do you have any idea why this AuthResult keeps being null?

Great tutorial!It works like a charm. Is it possible to use tokens issued for other clients than the admin-cli one? When I authenticate against my other clients (same realm!) and try to use that token in the custom endpoint, auth is always null. As soon as I use the admin-cli token, it works. I'd like the user's of the specific client to use my new endpoint with their client token as well. Thanks a lot! Tried to add the audience to "admin-cli" with a Client Scope Mapper - strangely this worked 1 or 2 times, now I get 401 again

Hi Niko, it's a great video that I'm looking for implement custom rest endpoints. I have a Keycloak container (docker) then I create the custom rest endpoints and I want to build and publish it to my current Keycloak container to testing it like the video you show with Inertia REST client. Is it correct that I just build it to JAR file with Maven then send it to Keycloak container in directory opt/keycloak/providers then re-build the Keycloak container with command kc.[sh|bat] build? Thanks.

Hey Niko, Thanks for this video. Using this can I extend admin client'api as there is no API for search permission or list permission

Thank you first of all for those in-depth looks in keycloak on different factories. I'm facing an issue which is the following : i'm trying to integrate keycloak as the identity provider of my android application, the token endpoint works well but in this app we need OTP i've implemented it and added it in the flow, it work fine when it's brower based but what i want is to hit the specific endpoint /login-action , the "action" part in which the code is verified. For some reason it doesn't work i tried to mimic the behavior of the browser by sending a similar response after the username and password validation, and use those parameters for the second call but i always get a bad request status. Is there way to achieve that? Thank you PS: i don't want to use a webview or the AppAuth android library is possible

Niko Thanks for the video! Is there any way I can authenticate using a token issued by the master realm? I would like to limit access to these realm endpoints to our keycloak admin, rather than creating users for each realm to access these endpoints. Is there a different authenticator other than AppAuthManager that I can use to do that? If that doesn't work is there a way to extend the admin api with custom realm endpoints like this SPI? Thanks again for the video.

When I add 'private fınalkeycloak sessıon' lın to my SprıngBoot applıcatıon ut takes an error as Parameter 0 of constructor ıin com.... reqıred bean type 'org.keycloak.models.KeycloakSessıon' that could not be found. Could you have an idea for the solution? Thanks

Hello, Thanks for the video! I have custom resources like in this video, but i want realize automatic exception handling. I have implemented ExceptionMapper interface and added @Provider annotation but it doesn't work. All exceptions are handled by the standard KeycloakErrorHandler. Could you tell me how to register my mapper?

which type of controllers are those?

Danke für die informativen Videos. Könntest du evtl. mal ein Video über die Keycloak Offline Token und deren Verwendung machen. Ich suche aktuell eine Möglichkeit so eine Art One-Time-Token zu realisieren und bin dabei auf Offline Tokens gestoßen. Leider findet man im Netz nicht allzu viel darüber. Würde mich freuen wenn du uns das mal vernünftig erklärst.

Can I implment a custome rest resource to finish authenticate like OIDC endpoint?

can users self register?

It just does not work.