The Keycloak Password Hashprovider extension enables Keycloak to support other password hashing algorithm than the built-in PBKDF2.

Currently, we support

• (only available on Keycloak version 21+): validation of Argon2 and BCrypt password hashes. This can be used for migrating existing user credentials to keycloak. Please consult the User migration guide for more information.

Our Keycloak Password Hashprovider extension can be downloaded as a Java Archive (jar) and can simply be placed in the providers directory of your Keycloak.

This project is based on our Custom Keycloak repository. It is structured as a multi-module Maven build and contains the following top-level modules:

• config : provides the build stage configuration and the setup of Keycloak
• container : creates the custom docker image
• docker-compose : provides a sample for launching the custom docker image
• extensions : provides the keycloak password hashprovider extension
• server : provides a Keycloak installation for local development & testing
• themes : provides samples for custom themes

Please see the tutorial for the setup of this project.

sozialinfo.ch

For more support for this extension or your Keycloak project in general have a look at keycloak.ch