Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Chapter 14. Enabling and disabling features
Configure Red Hat build of Keycloak to use optional features.
Red Hat build of Keycloak has packed some functionality in features, including some disabled features, such as Technology Preview and deprecated features. Other features are enabled by default, but you can disable them if they do not apply to your use of Red Hat build of Keycloak.
14.1. Enabling features
Some supported features, and all preview features, are disabled by default. To enable a feature, enter this command:
bin/kc.[sh|bat] build --features="<name>[,<name>]"
bin/kc.[sh|bat] build --features="<name>[,<name>]"
For example, to enable docker and token-exchange, enter this command:
bin/kc.[sh|bat] build --features="docker,token-exchange"
bin/kc.[sh|bat] build --features="docker,token-exchange"To enable all preview features, enter this command:
bin/kc.[sh|bat] build --features="preview"
bin/kc.[sh|bat] build --features="preview"Enabled feature may be versioned, or unversioned. If you use a versioned feature name, e.g. feature:v1, that exact feature version will be enabled as long as it still exists in the runtime. If you instead use an unversioned name, e.g. just feature, the selection of the particular supported feature version may change from release to release according to the following precedence:
- The highest default supported version
- The highest non-default supported version
- The highest deprecated version
- The highest preview version
- The highest experimental version
14.2. Disabling features
To disable a feature that is enabled by default, enter this command:
bin/kc.[sh|bat] build --features-disabled="<name>[,<name>]"
bin/kc.[sh|bat] build --features-disabled="<name>[,<name>]"
For example to disable impersonation, enter this command:
bin/kc.[sh|bat] build --features-disabled="impersonation"
bin/kc.[sh|bat] build --features-disabled="impersonation"
It is not allowed to have a feature in both the features-disabled list and the features list.
When a feature is disabled all versions of that feature are disabled.
14.3. Supported features
The following list contains supported features that are enabled by default, and can be disabled if not needed.
| Feature | Description |
|---|---|
| account-api:v1 | Account Management REST API |
| account:v3 | Account Console version 3 |
| admin-api:v1 | Admin API |
| admin-fine-grained-authz:v2 | Fine-Grained Admin Permissions version 2 |
| admin:v2 | New Admin Console |
| authorization:v1 | Authorization Service |
| ciba:v1 | OpenID Connect Client Initiated Backchannel Authentication (CIBA) |
| client-policies:v1 | Client configuration policies |
| device-flow:v1 | OAuth 2.0 Device Authorization Grant |
| dpop:v1 | OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer |
| hostname:v2 | Hostname Options V2 |
| impersonation:v1 | Ability for admins to impersonate users |
| kerberos:v1 | Kerberos |
| login:v2 | New Login Theme |
| opentelemetry:v1 | OpenTelemetry Tracing |
| organization:v1 | Organization support within realms |
| par:v1 | OAuth 2.0 Pushed Authorization Requests (PAR) |
| passkeys:v1 | Passkeys |
| persistent-user-sessions:v1 | Persistent online user sessions across restarts and upgrades |
| recovery-codes:v1 | Recovery codes |
| rolling-updates:v1 | Rolling Updates |
| step-up-authentication:v1 | Step-up Authentication |
| token-exchange-standard:v2 | Standard Token Exchange version 2 |
| update-email:v1 | Update Email Action |
| user-event-metrics:v1 | Collect metrics based on user events |
| web-authn:v1 | W3C Web Authentication (WebAuthn) |
14.3.1. Disabled by default
The following list contains supported features that are disabled by default, and can be enabled if needed.
| Feature | Description |
|---|---|
| docker:v1 | Docker Registry protocol |
| fips:v1 | FIPS 140-2 mode |
| multi-site:v1 | Multi-site support |
14.4. Preview features
Preview features are disabled by default and are not recommended for use in production. These features may change or be removed at a future release.
| Feature | Description |
|---|---|
| admin-fine-grained-authz:v1 | Fine-Grained Admin Permissions |
| client-auth-federated:v1 | Authenticates client based on assertions issued by identity provider |
| client-secret-rotation:v1 | Client Secret Rotation |
| log-mdc:v1 | Mapped Diagnostic Context (MDC) information in logs |
| rolling-updates:v2 | Rolling Updates for patch releases |
| scripts:v1 | Write custom authenticators using JavaScript |
| spiffe:v1 | SPIFFE trust relationship provider |
| token-exchange:v1 | Token Exchange Service |
14.5. Deprecated features
The following list contains deprecated features that will be removed in a future release. These features are disabled by default.
| Feature | Description |
|---|---|
| instagram-broker:v1 | Instagram Identity Broker |
| login:v1 | Legacy Login Theme |
| logout-all-sessions:v1 | Logout all sessions logs out only regular sessions |
| passkeys-conditional-ui-authenticator:v1 | Passkeys conditional UI authenticator |
14.6. Relevant options
| Value | |
|---|---|
| 🛠
|
|
| 🛠
|
|
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}