{"id":13401514,"url":"https://github.com/keycloak/keycloak","last_synced_at":"2026-01-06T09:16:31.903Z","repository":{"id":37252325,"uuid":"11125589","full_name":"keycloak/keycloak","owner":"keycloak","description":"Open Source Identity and Access Management For Modern Applications and Services","archived":false,"fork":false,"pushed_at":"2025-09-05T15:21:33.000Z","size":553206,"stargazers_count":29400,"open_issues_count":2226,"forks_count":7575,"subscribers_count":390,"default_branch":"main","last_synced_at":"2025-09-05T15:32:19.854Z","etag":null,"topics":["keycloak","oidc","saml"],"latest_commit_sha":null,"homepage":"https://www.keycloak.org","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/keycloak.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY-INSIGHTS.yml","support":null,"governance":"GOVERNANCE.md","roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":"MAINTAINERS.md","copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2013-07-02T13:38:51.000Z","updated_at":"2025-09-05T15:21:38.000Z","dependencies_parsed_at":"2023-10-19T18:53:39.045Z","dependency_job_id":"08ff41e5-b3d2-401a-8fa5-958040eb9a80","html_url":"https://github.com/keycloak/keycloak","commit_stats":{"total_commits":18303,"total_committers":1296,"mean_commits":"14.122685185185185","dds":0.8712779325793586,"last_synced_commit":"ae48d0c447ed37a72a284d46f8a2798247b38fa7"},"previous_names":[],"tags_count":271,"template":false,"template_full_name":null,"purl":"pkg:github/keycloak/keycloak","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keycloak%2Fkeycloak","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keycloak%2Fkeycloak/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keycloak%2Fkeycloak/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keycloak%2Fkeycloak/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/keycloak","download_url":"https://codeload.github.com/keycloak/keycloak/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/keycloak%2Fkeycloak/sbom","scorecard":{"id":65056,"data":{"date":"2025-08-04","repo":{"name":"github.com/keycloak/keycloak","commit":"134b00abb136b01be200d6bd97110972f44d94f0"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":9.5,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":5,"reason":"badge detected: Passing","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/ci.yml:43","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:42","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:523","Warn: jobLevel 'actions' permission set to 'write': .github/workflows/ci.yml:524","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:37","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/codeql-analysis.yml:38","Info: jobLevel 'contents' permission set to 'read': .github/workflows/documentation.yml:35","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/documentation.yml:36","Info: jobLevel 'contents' permission set to 'read': .github/workflows/guides.yml:36","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/guides.yml:37","Info: jobLevel 'contents' permission set to 'read': .github/workflows/js-ci.yml:35","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/js-ci.yml:36","Info: jobLevel 'contents' permission set to 'read': .github/workflows/operator-ci.yml:37","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/operator-ci.yml:38","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/quarkus-next.yml:26","Warn: jobLevel 'actions' permission set to 'write': .github/workflows/quarkus-next.yml:50","Warn: jobLevel 'actions' permission set to 'write': .github/workflows/schedule-nightly.yml:16","Warn: jobLevel 'actions' permission set to 'write': .github/workflows/schedule-nightly.yml:32","Warn: jobLevel 'actions' permission set to 'write': .github/workflows/schedule-nightly.yml:56","Info: topLevel 'contents' permission set to 'read': .github/workflows/aurora-delete.yml:16","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:26","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:26","Info: topLevel 'contents' permission set to 'read': .github/workflows/documentation.yml:25","Info: topLevel 'contents' permission set to 'read': .github/workflows/guides.yml:25","Info: topLevel 'contents' permission set to 'read': .github/workflows/js-ci.yml:26","Info: topLevel 'contents' permission set to 'read': .github/workflows/label.yml:7","Info: topLevel 'contents' permission set to 'read': .github/workflows/operator-ci.yml:27","Info: topLevel 'contents' permission set to 'read': .github/workflows/quarkus-next.yml:18","Info: topLevel 'contents' permission set to 'read': .github/workflows/schedule-nightly.yml:9","Info: topLevel 'contents' permission set to 'read': .github/workflows/snyk-analysis.yml:14","Info: topLevel 'contents' permission set to 'read': .github/workflows/trivy-analysis.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/weblate.yml:26"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/keycloak/.github/SECURITY.md:1","Info: Found linked content: github.com/keycloak/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/keycloak/.github/SECURITY.md:1","Info: Found text in security policy: github.com/keycloak/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":8,"reason":"5 out of the last 5 releases have a total of 5 signed artifacts.","details":["Info: signed release artifact: keycloak-999.0.0-SNAPSHOT.tar.gz.asc: https://github.com/keycloak/keycloak/releases/tag/nightly","Info: signed release artifact: keycloak-26.3.2.tar.gz.asc: https://github.com/keycloak/keycloak/releases/tag/26.3.2","Info: signed release artifact: keycloak-26.3.1.tar.gz.asc: https://github.com/keycloak/keycloak/releases/tag/26.3.1","Info: signed release artifact: keycloak-26.3.0.tar.gz.asc: https://github.com/keycloak/keycloak/releases/tag/26.3.0","Info: signed release artifact: keycloak-26.2.5.tar.gz.asc: https://github.com/keycloak/keycloak/releases/tag/26.2.5","Warn: release artifact nightly does not have provenance: https://api.github.com/repos/keycloak/keycloak/releases/78213075","Warn: release artifact 26.3.2 does not have provenance: https://api.github.com/repos/keycloak/keycloak/releases/234821661","Warn: release artifact 26.3.1 does not have provenance: https://api.github.com/repos/keycloak/keycloak/releases/231196137","Warn: release artifact 26.3.0 does not have provenance: https://api.github.com/repos/keycloak/keycloak/releases/228764894","Warn: release artifact 26.2.5 does not have provenance: https://api.github.com/repos/keycloak/keycloak/releases/221452623"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":10,"reason":"SAST tool detected","details":["Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: CodeQL","Info: SAST configuration detected: Snyk","Warn: 18 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: OSSFuzz integration found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":7,"reason":"dependency not pinned by hash detected -- score normalized to 7","details":["Info: Possibly incomplete results: error parsing shell code: invalid parameter name: integration/client-cli/admin-cli/src/main/bin/kcadm.sh:0","Info: Possibly incomplete results: error parsing shell code: invalid parameter name: integration/client-cli/admin-cli/src/main/bin/kcreg.sh:0","Warn: containerImage not pinned by hash: operator/Dockerfile:1","Warn: containerImage not pinned by hash: operator/Dockerfile:6: pin your Docker image by updating registry.access.redhat.com/ubi9-micro to registry.access.redhat.com/ubi9-micro@sha256:f5c5213d2969b7b11a6666fc4b849d56b48d9d7979b60a37bb853dff0255c14b","Warn: containerImage not pinned by hash: operator/scripts/Dockerfile-custom-image:3","Warn: containerImage not pinned by hash: quarkus/container/Dockerfile:1","Warn: containerImage not pinned by hash: quarkus/container/Dockerfile:22: pin your Docker image by updating registry.access.redhat.com/ubi9-micro to registry.access.redhat.com/ubi9-micro@sha256:f5c5213d2969b7b11a6666fc4b849d56b48d9d7979b60a37bb853dff0255c14b","Warn: pipCommand not pinned by hash: .github/scripts/ansible/aws_ec2.sh:16","Info:  81 out of  81 GitHub-owned GitHubAction dependencies pinned","Info:   5 out of   5 third-party GitHubAction dependencies pinned","Info:   0 out of   5 containerImage dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-15T02:25:25.690Z","repository_id":37252325,"created_at":"2025-08-15T02:25:25.690Z","updated_at":"2025-08-15T02:25:25.690Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274081247,"owners_count":25219026,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["keycloak","oidc","saml"],"created_at":"2024-07-30T19:01:03.637Z","updated_at":"2026-01-06T09:16:31.875Z","avatar_url":"https://github.com/keycloak.png","language":"Java","readme":"![Keycloak](https://github.com/keycloak/keycloak-misc/blob/main/logo/logo.svg)\n\n![GitHub Release](https://img.shields.io/github/v/release/keycloak/keycloak?label=latest%20release)\n[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/6818/badge)](https://bestpractices.coreinfrastructure.org/projects/6818)\n[![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/keycloak/badge)](https://clomonitor.io/projects/cncf/keycloak)\n[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/keycloak/keycloak/badge)](https://securityscorecards.dev/viewer/?uri=github.com/keycloak/keycloak)\n[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/keycloak-operator)](https://artifacthub.io/packages/olm/community-operators/keycloak-operator)\n![GitHub Repo stars](https://img.shields.io/github/stars/keycloak/keycloak?style=flat)\n![GitHub commit activity](https://img.shields.io/github/commit-activity/m/keycloak/keycloak)\n[![Translation status](https://hosted.weblate.org/widget/keycloak/svg-badge.svg)](docs/translation.md)\n\n# Open Source Identity and Access Management\n\nAdd authentication to applications and secure services with minimum effort. No need to deal with storing users or authenticating users.\n\nKeycloak provides user federation, strong authentication, user management, fine-grained authorization, and more.\n\n\n## Help and Documentation\n\n* [Documentation](https://www.keycloak.org/documentation.html)\n* [User Mailing List](https://groups.google.com/d/forum/keycloak-user) - Mailing list for help and general questions about Keycloak\n* Join [#keycloak](https://cloud-native.slack.com/archives/C056HC17KK9) for general questions, or [#keycloak-dev](https://cloud-native.slack.com/archives/C056XU905S6) on Slack for design and development discussions, by creating an account at [https://slack.cncf.io/](https://slack.cncf.io/).\n\n\n## Reporting Security Vulnerabilities\n\nIf you have found a security vulnerability, please look at the [instructions on how to properly report it](https://github.com/keycloak/keycloak/security/policy).\n\n\n## Reporting an issue\n\nIf you believe you have discovered a defect in Keycloak, please open [an issue](https://github.com/keycloak/keycloak/issues).\nPlease remember to provide a good summary, description as well as steps to reproduce the issue.\n\n\n## Getting started\n\nTo run Keycloak, download the distribution from our [website](https://www.keycloak.org/downloads.html). Unzip and run:\n\n    bin/kc.[sh|bat] start-dev\n\nAlternatively, you can use the Docker image by running:\n\n    docker run quay.io/keycloak/keycloak start-dev\n    \nFor more details refer to the [Keycloak Documentation](https://www.keycloak.org/documentation.html).\n\n\n## Building from Source\n\nTo build from source, refer to the [building and working with the code base](docs/building.md) guide.\n\n\n### Testing\n\nTo run tests, refer to the [running tests](docs/tests.md) guide.\n\n\n### Writing Tests\n\nTo write tests, refer to the [writing tests](docs/tests-development.md) guide.\n\n\n## Contributing\n\nBefore contributing to Keycloak, please read our [contributing guidelines](CONTRIBUTING.md). Participation in the Keycloak project is governed by the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).\n\nJoining a [community meeting](https://www.keycloak.org/community) is a great way to get involved and help shape the future of Keycloak.\n\n## Other Keycloak Projects\n\n* [Keycloak](https://github.com/keycloak/keycloak) - Keycloak Server and Java adapters\n* [Keycloak QuickStarts](https://github.com/keycloak/keycloak-quickstarts) - QuickStarts for getting started with Keycloak\n* [Keycloak Node.js Connect](https://github.com/keycloak/keycloak-nodejs-connect) - Node.js adapter for Keycloak\n\n\n## License\n\n* [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0)\n","funding_links":[],"categories":["Java","Capabilities","Projects using `@faker-js/faker`","Authentication","Misc","Security \u0026 Compliance","Java (78)","微服务生态","By Language","Uncategorized","OAuth2 \u0026 OpenID","Java (504)","others","Platforms services and devops","Apps","安全","Security","Back-End Development","Recently Updated","OAuth2","Frameworks and Libs","Platform Engineering 平台工程","🛠 Part I: The Open SaaS Stack"],"sub_categories":["Security","Java","Uncategorized","Other tools","User authentication (Auth0 alternatives)","[Jul 26, 2025](/content/2025/07/26/README.md)","Drone Frames","Identity and Access Management(IAM)","Development \u0026 Infrastructure"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeycloak%2Fkeycloak","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkeycloak%2Fkeycloak","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeycloak%2Fkeycloak/lists"}