Professional Documents
Culture Documents
All Configuration - Keycloak
All Configuration - Keycloak
All configuration
Complete list of all build options and configuration for Keycloak
Cache
Value
cache-config-file
Defines the file from which cache configuration should be loaded from.
Storage (Experimental)
Value
https://www.keycloak.org/server/all-config 1/11
30/03/2023, 11:02 All configuration - Keycloak
Value
storage-deployment-state-version-seed
Experimental: Secret that serves as a seed to mask the version number
of Keycloak in URLs.
storage-file-dir
Experimental: Root directory for file map store.
storage-hotrod-host
Experimental: Sets the host of the Infinispan server.
https://www.keycloak.org/server/all-config 2/11
30/03/2023, 11:02 All configuration - Keycloak
Value
storage-hotrod-password
Experimental: Sets the password of the Infinispan user.
storage-hotrod-port
Experimental: Sets the port of the Infinispan server.
storage-hotrod-username
Experimental: Sets the username of the Infinispan user.
Database
Value
db dev-file (default),
The database vendor. dev-mem , mariadb ,
mssql , mysql ,
oracle , postgres
db-password
The password of the database user.
db-pool-initial-size
The initial size of the connection pool.
db-pool-min-size
The minimal size of the connection pool.
db-schema
The database schema to be used.
db-url
The full database JDBC URL.
db-url-database
Sets the database name of the default JDBC URL of the chosen vendor.
db-url-host
Sets the hostname of the default JDBC URL of the chosen vendor.
https://www.keycloak.org/server/all-config 3/11
30/03/2023, 11:02 All configuration - Keycloak
Value
db-url-port
Sets the port of the default JDBC URL of the chosen vendor.
db-url-properties
Sets the properties of the default JDBC URL of the chosen vendor.
db-username
The username of the database user.
Transaction
Value
Feature
Value
features account-api ,
Enables a set of one or more features. account2 , admin-
api , admin-fine-
grained-authz ,
admin2 ,
authorization ,
ciba , client-
policies , client-
secret-rotation ,
declarative-user-
profile , docker ,
dynamic-scopes ,
fips ,
impersonation , js-
adapter , kerberos ,
map-storage ,
openshift-
https://www.keycloak.org/server/all-config 4/11
30/03/2023, 11:02 All configuration - Keycloak
Value
integration , par ,
preview , recovery-
codes , scripts ,
step-up-
authentication ,
token-exchange ,
update-email , web-
authn
features-disabled account-api ,
Disables a set of one or more features. account2 , admin-
api , admin-fine-
grained-authz ,
admin2 ,
authorization ,
ciba , client-
policies , client-
secret-rotation ,
declarative-user-
profile , docker ,
dynamic-scopes ,
fips ,
impersonation , js-
adapter , kerberos ,
map-storage ,
openshift-
integration , par ,
preview , recovery-
codes , scripts ,
step-up-
authentication ,
token-exchange ,
update-email , web-
authn
Hostname
https://www.keycloak.org/server/all-config 5/11
30/03/2023, 11:02 All configuration - Keycloak
Value
hostname
Hostname for the Keycloak server.
hostname-admin
The hostname for accessing the administration console.
hostname-admin-url
Set the base URL for accessing the administration console, including
scheme, host, port and path
hostname-path
This should be set if proxy uses a different context-path for Keycloak.
hostname-port -1 (default)
The port used by the proxy when exposing the hostname.
hostname-url
Set the base URL for frontend URLs, including scheme, host, port and
path.
HTTP/TLS
Value
http-relative-path / (default)
https://www.keycloak.org/server/all-config 6/11
30/03/2023, 11:02 All configuration - Keycloak
Value
https-certificate-file
The file path to a server certificate or certificate chain in PEM format.
https-certificate-key-file
The file path to a private key in PEM format.
https-cipher-suites
The cipher suites to use.
https-key-store-file
The key store which holds the certificate information instead of
specifying separate files.
https-key-store-type
The type of the key store file.
https-trust-store-file
The trust store which holds the certificate information of the
certificates to trust.
https-trust-store-password
The password of the trust store file.
https-trust-store-type
The type of the trust store file.
Health
https://www.keycloak.org/server/all-config 7/11
30/03/2023, 11:02 All configuration - Keycloak
Value
Metrics
Value
Proxy
Value
Vault
Value
vault file
Enables a vault provider.
vault-dir
If set, secrets can be obtained by reading the content of files within the
given directory.
Logging
https://www.keycloak.org/server/all-config 8/11
30/03/2023, 11:02 All configuration - Keycloak
Value
log-console-format %d{yyyy-MM-dd
log-file data/log/keycloak.log
log-file-format %d{yyyy-MM-dd
https://www.keycloak.org/server/all-config 9/11
30/03/2023, 11:02 All configuration - Keycloak
Value
Security (Preview)
Value
On this page
Cache
Storage (Experimental)
Database
Transaction
Feature
Hostname
HTTP/TLS
Health
Metrics
Proxy
Vault
Logging
Security (Preview)
https://www.keycloak.org/server/all-config 10/11
30/03/2023, 11:02 All configuration - Keycloak
Sponsored by
https://www.keycloak.org/server/all-config 11/11