Keycloak.NETCore.Clientv2
1.4.0
dotnet add package Keycloak.NETCore.Clientv2 --version 1.4.0
NuGet\Install-Package Keycloak.NETCore.Clientv2 -Version 1.4.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Keycloak.NETCore.Clientv2" Version="1.4.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="Keycloak.NETCore.Clientv2" Version="1.4.0" />
<PackageReference Include="Keycloak.NETCore.Clientv2" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add Keycloak.NETCore.Clientv2 --version 1.4.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: Keycloak.NETCore.Clientv2, 1.4.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package Keycloak.NETCore.Clientv2@1.4.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=Keycloak.NETCore.Clientv2&version=1.4.0
#tool nuget:?package=Keycloak.NETCore.Clientv2&version=1.4.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
๐ Keycloak Client for .NET Core
<div align="center"> <img src="assets/kc_logo.svg" alt="Keycloak .NET Core Client Logo" width="200"> </div>
๐ A powerful and feature-rich .NET Core client library for Keycloak that simplifies integration with Keycloak's authentication and authorization services. This enterprise-ready library provides a comprehensive implementation of Keycloak's REST API, with full support for OpenID Connect, OAuth 2.0, and User-Managed Access (UMA 2.0) protocols.
<div align="center">
</div>
โ๏ธ Requirements
| Category | Supported Versions |
|---|---|
| .NET | 8.0, 9.0, 10.0 |
| Dependencies | ASP.NET Core, Microsoft.Extensions.DependencyInjection, Newtonsoft.Json |
โ Version Compatibility
| Keycloak Version | Support |
|---|---|
| 26.x | โ |
| 25.x | โ |
| 24.x | โ |
| 23.x | โ |
| 22.x | โ |
| 21.x | โ |
| 20.x | โ |
๐ Key Features
- ๐ Complete Keycloak REST API integration
- ๐ก๏ธ Robust security with OpenID Connect and OAuth 2.0
- ๐ Built-in monitoring and performance metrics
- ๐ Comprehensive error handling and debugging
- ๐ฆ Automated token management and renewal
- ๐ฅ Advanced user and group management
- ๐ Multiple authentication flows support
- ๐ Enterprise-grade scalability
- ๐ Organizations support
๐ Table of Contents
- ๐ Keycloak Client for .NET Core
๐ป Installation
To integrate the Keycloak client library into your .NET Core application, simply add the NuGet package:
Install-Package Keycloak.NETCore.Client
๐ Getting Started
๐ Prerequisites
- โณ๏ธ .NET Core SDK (version 6.0 or later)
- ๐ฅ๏ธ A running Keycloak instance
- ๐ Client credentials and realm configuration
๐ง Basic Setup
- Add the Keycloak client to your services in
Program.csorStartup.cs:
services.AddKeycloakAuthentication(options =>
{
options.KeycloakBaseUrl = "http://localhost:8080";
options.RealmAdminCredentials = new KcClientCredentials
{
ClientId = "your-client-id",
Secret = "your-client-secret"
};
});
๐ Basic Usage
Here's a quick example of how to use the library:
// Create Keycloak client
var keycloakClient = new KeycloakClient("http://localhost:8080");
// Authenticate
var token = await keycloakClient.Auth.GetClientCredentialsTokenAsync(
"your-realm",
new KcClientCredentials
{
ClientId = "your-client-id",
Secret = "your-client-secret"
});
// Check for authentication errors
if (token.IsError)
{
Console.WriteLine($"Authentication error: {token.ErrorMessage}");
return;
}
// Get the actual token from the Response property
var accessToken = token.Response.AccessToken;
Console.WriteLine($"Successfully authenticated. Access token obtained.");
// Use the token for other operations
var users = await keycloakClient.Users.GetAsync(
"your-realm",
token.AccessToken,
new KcUserFilter { Max = 10 });
๐ Organizations
var client = new KeycloakClient("http://localhost:8080");
var token = await client.Auth.GetClientCredentialsTokenAsync(realm, credentials);
// Get count of all organizations
var count = await client.Organizations.CountAsync(realm, token.Response.AccessToken);
// List organizations with filter
var filter = new KcOrganizationFilter
{
Search = "test",
Exact = false,
Max = 50
};
var orgs = await client.Organizations.ListAsync(realm, token.Response.AccessToken, filter);
// Get specific organization
var org = await client.Organizations.GetAsync(realm, token.Response.AccessToken, orgId);
๐ Organization Members
var client = new KeycloakClient("http://localhost:8080");
var token = await client.Auth.GetClientCredentialsTokenAsync(realm, credentials);
// Get all members of an organization
var members = await client.Organizations.GetMembersAsync(
realm,
token.Response.AccessToken,
organizationId);
// Get count of members
var count = await client.Organizations.GetMembersCountAsync(
realm,
token.Response.AccessToken,
organizationId);
// Filter members by membership type
var filter = new KcOrganizationMemberFilter
{
MembershipType = KcMembershipType.Managed,
Search = "john",
Exact = false,
Max = 50
};
var managedMembers = await client.Organizations.GetMembersAsync(
realm,
token.Response.AccessToken,
organizationId,
filter);
// Add an existing user as a member of the organization
var addResult = await client.Organizations.AddMemberAsync(
realm,
token.Response.AccessToken,
organizationId,
userId);
// Invite a user by email (sends invitation or registration link)
var emailInvite = new KcInviteUserByEmailRequest
{
Email = "user@example.com",
FirstName = "John",
LastName = "Doe"
};
var inviteByEmailResult = await client.Organizations.InviteUserByEmailAsync(
realm,
token.Response.AccessToken,
organizationId,
emailInvite);
// Invite an existing user to the organization (by user ID)
var inviteResult = await client.Organizations.InviteExistingUserAsync(
realm,
token.Response.AccessToken,
organizationId,
userId);
// Remove a member from the organization
var removeResult = await client.Organizations.RemoveMemberAsync(
realm,
token.Response.AccessToken,
organizationId,
memberId);
// Get all organizations associated with a member
var memberOrgs = await client.Organizations.GetMemberOrganizationsAsync(
realm,
token.Response.AccessToken,
organizationId,
memberId);
// Get full representation of member's organizations (not just brief)
var memberOrgsFilter = new KcOrganizationFilter
{
BriefRepresentation = false
};
var memberOrgsFull = await client.Organizations.GetMemberOrganizationsAsync(
realm,
token.Response.AccessToken,
organizationId,
memberId,
memberOrgsFilter);
๐ Documentation
Explore our comprehensive documentation for each module:
๐ API Authentication
- JWT Bearer Authentication
- Role Claims Transformation
- Security Best Practices
๐ก๏ธ Authorization
- UMA 2.0 Authorization
- Policy Enforcement
- Protected Resources
๐ Response Types
- Type-safe responses
- Error handling
- Response Models
-
- Performance tracking
- Health checks
- System diagnostics
๐ Authentication Management
- Token lifecycle
- Multiple auth flows
- Security features
๐ฅ User Management
- User operations
- Role management
- Group handling
โ๏ธ Client Management
- Configuration
- Service accounts
- Client scopes
๐งช Testing
Our library includes an extensive test suite ensuring reliability across multiple Keycloak versions (20.x through 26.x). The testing infrastructure leverages Docker and Ansible for automated setup and execution.
๐ Test Documentation
๐ Test Suite Guide
- Test patterns
- Setup instructions
- Mock data structure
๐ง Ansible Setup Guide
- Environment setup
- Configuration management
- Container orchestration
๐ฌ Key Testing Features
Version Coverage:
- Supports Keycloak 20.x through 26.x
- Automated environment setup per version
- Parallel version testing
Test Categories:
- Authentication flows
- Authorization mechanisms
- Client operations
- Group management
- User operations
Infrastructure:
- Docker-based environments
- Ansible automation
- Continuous Integration ready
- Comprehensive mock data
โก Running Tests
# Install test environment dependencies
cd NETCore.Keycloak.Client.Tests
make install_virtual_env
# Run tests for all supported versions
dotnet cake e2e_test.cake
๐ License
This project is licensed under the MIT License - see the LICENSE file for details.
๐ค Contributing
We welcome contributions from the community! Please check our Contributing Guidelines for details on:
- Branch naming conventions
- Code style and formatting rules
- Pull request process
- Security guidelines
โญ Star us on GitHub | ๐ซ Report Issues | ๐ Read the Docs
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net10.0
- Microsoft.AspNetCore.Authentication (>= 2.3.0)
- Microsoft.AspNetCore.Authentication.Abstractions (>= 2.3.0)
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 6.0.33)
- Microsoft.AspNetCore.Authorization (>= 8.0.11)
- Microsoft.Extensions.DependencyInjection (>= 8.0.1)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.2)
- Newtonsoft.Json (>= 13.0.3)
- System.IdentityModel.Tokens.Jwt (>= 8.3.0)
-
net8.0
- Microsoft.AspNetCore.Authentication (>= 2.3.0)
- Microsoft.AspNetCore.Authentication.Abstractions (>= 2.3.0)
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 6.0.33)
- Microsoft.AspNetCore.Authorization (>= 8.0.11)
- Microsoft.Extensions.DependencyInjection (>= 8.0.1)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.2)
- Newtonsoft.Json (>= 13.0.3)
- System.IdentityModel.Tokens.Jwt (>= 8.3.0)
-
net9.0
- Microsoft.AspNetCore.Authentication (>= 2.3.0)
- Microsoft.AspNetCore.Authentication.Abstractions (>= 2.3.0)
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 6.0.33)
- Microsoft.AspNetCore.Authorization (>= 8.0.11)
- Microsoft.Extensions.DependencyInjection (>= 8.0.1)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.2)
- Newtonsoft.Json (>= 13.0.3)
- System.IdentityModel.Tokens.Jwt (>= 8.3.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.