Keycloak 17.0 custom SPI - dependency libraries

Is there any good documentation on how to add additional libraries to classpath for a custom SPI?

I have custom user provider, i found, that in new (quarkus) container it can be put in /opt/keycloak/providers/, but I can’t find, how to add additional jar libraries for my SPI

I found that if you add them to the same directory, it just loads them all into the same classpath.

1 Like

Yes, adding 3rd party libs in Quarkus-based distro to /providers is the correct way to do it.
Official documentation is still lacking at this point, but there are already PRs merged to point this out. So, latest with next release, updated docs should be available.

1 Like

Thanks a lot.

Also just found this bit in migration guide to quarkus: Keycloak - Migration - Migrating to Quarkus distribution

Hello mr. dasniko, in the previous version my UserStorageProvider made access to an external legacy database using a Datasoutrce configured in wildfly. But now? How can I define a datasource with this quarkus version? Please help me.

You‘ve asked this now several time on various threads. If you don‘t get an answer, this might have some reasons. Most probably that nobody knows it at the moment!?

Maybe yes, but for me is a problem because I have to go in production soon with keycloak 17 and maybe I will have to do that with the legacy version, at the moment I really don’t know how to do it. Having a CustomUserStorage provider accessing a legacy database I think it’s a common use case and for me it’s strange that nobody thought about that. I hope someone will tell me how to do this.

Rule of thumb: every time you think something is „common“ - it isn‘t. :man_shrugging:
Especially in the field of authentication. I never heard so many different views and assumptions of what should be „common“. It‘s different, all the time.

The UserStorageProviderFactory is intended as a way to access to a source of legacy Users repository in example through the use of JPA and a DataSource configured on the App Server. Do you think nobody did a similar thing?
It’s for this motivation I said that it could be a common use case. I find a bit strange that nobody think how to access an external db with quarkus outside the standard datasource for the internal db of keycloak. Studying Quarkus I found how to declare multiple datasources and Persistence Units for JPA but trying to replicate this in the keycloak installation I’ve had many errors. It’s seems conflicts with keycloak db, I don’t know…

I know, I am using this particular SPI since version 1.3…

in example through the use of JPA and a DataSource configured on the App Server. Do you think nobody did a similar thing?

Oh yes, there are a lot companies doing this. But it seems that nobody who did this or is doing this is here in the forum or elseway, or just didn‘t start to migrate to KC17. :man_shrugging:

I don‘t use it this way, even if there is an example out there. I don‘t like the mix of dependencies between systems. And keeping a datasource in one server to another, foreign, system, is somewhat oldschool and IMHO too much coupling. I like to use API contracts more. And yes, it‘s worth the effort to put an API before a database in this case.

1 Like