Narrative

Keycloak provides a lot of features out of the box, but at times some level of customization is needed. For Java developers there is a huge range of SPIs that allow all sorts of customizations, but not every developer knows Java, and it can also be a fairly high level of effort to write a Java provider as it needs to be compiled/built first. Ability to have extensions in other languages such as JavaScript makes it easier for developers without knowledge of Java to customize Keycloak.

Support for JavaScript providers (authenticator, authorization service policies, and protocol mappers) have been available as a preview feature in Keycloak for so long that it's not even present in our release notes (from 4.0.0 onwards).

Relevant documentation is available in the server developer guide.

Value Proposition

• JavaScript providers provides a simpler and low barrier approach for customization for non-Java developers
• Making the feature supported makes it possible to use this feature in production deployments

Acceptance Criteria

• Review scripts preview feature to consider if it is ready to graduate to a fully supported feature
• Resolve any important open bugs reported against the feature
• Review if Nashorn is a still suitable and actively maintained engine for executing JavaScript within Java (this may not be the case as there is very little activity in the repository, and last release was over 2 years go
• Feature mark as fully supported and enabled by default