Keycloak Deprecates Most Adapters – Impact on Spring Security and Boot
On February 14, the Keycloak team announced the deprecation of most adapters—including Spring Security and Spring Boot integrations—detailing which adapters will be discontinued, which will remain, and a timeline for the phase‑out, while noting the rise of Spring Authorization Server as a replacement.
On February 14, the Keycloak team announced that most of its adapters, including those for Spring Security and Spring Boot, are being deprecated.
Keycloak adapters have not received the love and attention they need.
The deprecation list includes OpenID Connect Java adapters, OpenID Connect Node.js adapters, SAML Tomcat and Jetty adapters, OpenID Connect WildFly adapters, and the Spring Security/Spring Boot adapters. The adapters that will continue to be maintained are the OpenID Connect client‑side JavaScript adapter and the SAML WildFly and servlet filter.
Keycloak has also published a timeline: February 2022 – adapters deprecated; September 2022 – no new major/minor releases of adapters; December 2022 – micro‑adapter releases stopped.
Keycloak remains a powerful OIDC server, though its learning curve is steep and local tutorials are scarce; the emerging Spring Authorization Server project is expected to fill the resulting gap.
Programmer DD
A tinkering programmer and author of "Spring Cloud Microservices in Action"
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.