Constant Field Values

Contents

• org.keycloak.*

org.keycloak.*

org.keycloak.authentication.AuthenticationFlow

Modifier and Type	Constant Field	Value
public static final String	BASIC_FLOW	"basic-flow"
public static final String	CLIENT_FLOW	"client-flow"
public static final String	FORM_FLOW	"form-flow"

org.keycloak.authentication.AuthenticatorSpi

Modifier and Type	Constant Field	Value
public static final String	SPI_NAME	"authenticator"

org.keycloak.authorization.model.Policy

Modifier and Type	Constant Field	Value
public static final String	CONFIG_SEPARATOR	"##"

org.keycloak.authorization.store.StoreFactorySpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"authorizationPersister"

org.keycloak.broker.provider.AbstractIdentityProvider<C extends IdentityProviderModel>

Modifier and Type	Constant Field	Value
public static final String	ACCOUNT_LINK_URL	"account-link-url"

org.keycloak.broker.provider.ConfigConstants

Modifier and Type	Constant Field	Value
public static final String	GROUP	"group"
public static final String	ROLE	"role"

org.keycloak.broker.provider.IdentityProvider<C extends IdentityProviderModel>

Modifier and Type	Constant Field	Value
public static final String	EXTERNAL_IDENTITY_PROVIDER	"EXTERNAL_IDENTITY_PROVIDER"
public static final String	FEDERATED_ACCESS_TOKEN	"FEDERATED_ACCESS_TOKEN"

org.keycloak.broker.provider.IdentityProviderMapper

Modifier and Type	Constant Field	Value
public static final String	ANY_PROVIDER	"*"

org.keycloak.broker.provider.IdentityProviderSpi

Modifier and Type	Constant Field	Value
public static final String	IDENTITY_PROVIDER_SPI_NAME	"identity_provider"

org.keycloak.broker.social.SocialProviderSpi

Modifier and Type	Constant Field	Value
public static final String	SOCIAL_SPI_NAME	"social"

org.keycloak.client.clienttype.ClientTypeManager

Modifier and Type	Constant Field	Value
public static final String	SERVICE_ACCOUNT	"service-account"
public static final String	STANDARD	"standard"

org.keycloak.component.ComponentFactorySpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"componentFactory"

org.keycloak.connections.httpclient.HttpClientProvider

Modifier and Type	Constant Field	Value
public static final long	DEFAULT_MAX_CONSUMED_RESPONSE_SIZE	10000000L

org.keycloak.cookie.CookieMaxAge

Modifier and Type	Constant Field	Value
public static final int	EXPIRED	0
public static final int	SESSION	-1
public static final int	YEAR	31536000

org.keycloak.credential.hash.AbstractPbkdf2PasswordHashProviderFactory

Modifier and Type	Constant Field	Value
public static final String	MAX_PADDING_LENGTH_PROPERTY	"max-padding-length"

org.keycloak.credential.hash.PasswordHashSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"password-hashing"

org.keycloak.credential.hash.Pbkdf2PasswordHashProvider

Modifier and Type	Constant Field	Value
public static final int	DEFAULT_DERIVED_KEY_SIZE	512

org.keycloak.credential.hash.Pbkdf2PasswordHashProviderFactory

Modifier and Type	Constant Field	Value
public static final int	DEFAULT_ITERATIONS	1300000
public static final String	ID	"pbkdf2"
public static final String	PBKDF2_ALGORITHM	"PBKDF2WithHmacSHA1"

org.keycloak.credential.hash.Pbkdf2Sha256PasswordHashProviderFactory

Modifier and Type	Constant Field	Value
public static final int	DEFAULT_ITERATIONS	600000
public static final String	ID	"pbkdf2-sha256"
public static final String	PBKDF2_ALGORITHM	"PBKDF2WithHmacSHA256"

org.keycloak.credential.hash.Pbkdf2Sha512PasswordHashProviderFactory

Modifier and Type	Constant Field	Value
public static final int	DEFAULT_ITERATIONS	210000
public static final String	ID	"pbkdf2-sha512"
public static final String	PBKDF2_ALGORITHM	"PBKDF2WithHmacSHA512"

org.keycloak.device.DeviceRepresentationSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"deviceRepresentation"

org.keycloak.email.EmailTemplateProvider

Modifier and Type	Constant Field	Value
public static final String	IDENTITY_PROVIDER_BROKER_CONTEXT	"identityProviderBrokerCtx"

org.keycloak.events.Details

Modifier and Type	Constant Field	Value
public static final String	ACTION	"action"
public static final String	AUDIENCE	"audience"
public static final String	AUTH_METHOD	"auth_method"
public static final String	AUTH_TYPE	"auth_type"
public static final String	AUTHENTICATION_ERROR_DETAIL	"authentication_error_detail"
public static final String	CLIENT_AUTH_METHOD	"client_auth_method"
public static final String	CLIENT_REGISTRATION_POLICY	"client_registration_policy"
public static final String	CODE_ID	"code_id"
public static final String	CONSENT	"consent"
public static final String	CONSENT_VALUE_CONSENT_GRANTED	"consent_granted"
public static final String	CONSENT_VALUE_NO_CONSENT_REQUIRED	"no_consent_required"
public static final String	CONSENT_VALUE_PERSISTED_CONSENT	"persistent_consent"
public static final String	CONTEXT	"context"
public static final String	CREDENTIAL_ID	"credential_id"
public static final String	CREDENTIAL_TYPE	"credential_type"
public static final String	CREDENTIAL_USER_LABEL	"credential_user_label"
public static final String	CUSTOM_REQUIRED_ACTION	"custom_required_action"
public static final String	EMAIL	"email"
public static final String	EXISTING_USER	"previous_user"
public static final String	FIELDS_TO_UPDATE	"fields_to_update"
public static final String	FIRST_NAME	"first_name"
public static final String	GRANT_TYPE	"grant_type"
public static final String	GRANTED_CLIENT	"granted_client"
public static final String	IDENTITY_PROVIDER	"identity_provider"
public static final String	IDENTITY_PROVIDER_USERNAME	"identity_provider_identity"
public static final String	IMPERSONATOR	"impersonator"
public static final String	IMPERSONATOR_REALM	"impersonator_realm"
public static final String	LAST_NAME	"last_name"
public static final String	LOGIN_RETRY	"login_retry"
public static final String	LOGOUT_TRIGGERED_BY_ACTION_TOKEN	"logout_triggered_by_action_token"
public static final String	LOGOUT_TRIGGERED_BY_REQUIRED_ACTION	"logout_triggered_by_required_action"
public static final String	NODE_HOST	"node_host"
public static final String	NOT_BEFORE	"not_before"
public static final String	NUM_FAILURES	"num_failures"
public static final String	ORG_ID	"org_id"
public static final String	PERMISSION	"permission"
public static final String	PREF_PREVIOUS	"previous_"
public static final String	PREF_UPDATED	"updated_"
public static final String	PREVIOUS_EMAIL	"previous_email"
public static final String	PREVIOUS_FIRST_NAME	"previous_first_name"
public static final String	PREVIOUS_LAST_NAME	"previous_last_name"
public static final String	REASON	"reason"
public static final String	REDIRECT_URI	"redirect_uri"
public static final String	REDIRECTED_TO_CLIENT	"redirected_to_client"
public static final String	REFRESH_TOKEN_ID	"refresh_token_id"
public static final String	REFRESH_TOKEN_SUB	"refresh_token_sub"
public static final String	REFRESH_TOKEN_TYPE	"refresh_token_type"
public static final String	REGISTER_METHOD	"register_method"
public static final String	REMEMBER_ME	"remember_me"
public static final String	REQUESTED_ISSUER	"requested_issuer"
public static final String	REQUESTED_SUBJECT	"requested_subject"
public static final String	RESPONSE_MODE	"response_mode"
public static final String	RESPONSE_TYPE	"response_type"
public static final String	RESTART_AFTER_TIMEOUT	"restart_after_timeout"
public static final String	REVOKED_CLIENT	"revoked_client"
public static final String	SCOPE	"scope"
public static final String	SELECTED_CREDENTIAL_ID	"selected_credential_id"
public static final String	SIGNATURE_ALGORITHM	"signature_algorithm"
public static final String	SIGNATURE_REQUIRED	"signature_required"
public static final String	TOKEN_ID	"token_id"
public static final String	UPDATED_EMAIL	"updated_email"
public static final String	UPDATED_FIRST_NAME	"updated_first_name"
public static final String	UPDATED_LAST_NAME	"updated_last_name"
public static final String	UPDATED_REFRESH_TOKEN_ID	"updated_refresh_token_id"
public static final String	USERNAME	"username"
public static final String	VALIDATE_ACCESS_TOKEN	"validate_access_token"
public static final String	X509_CERTIFICATE_ISSUER_DISTINGUISHED_NAME	"x509_cert_issuer_distinguished_name"
public static final String	X509_CERTIFICATE_SERIAL_NUMBER	"x509_cert_serial_number"
public static final String	X509_CERTIFICATE_SUBJECT_DISTINGUISHED_NAME	"x509_cert_subject_distinguished_name"

org.keycloak.events.Errors

Modifier and Type	Constant Field	Value
public static final String	ACCESS_DENIED	"access_denied"
public static final String	ALREADY_LOGGED_IN	"already_logged_in"
public static final String	CLIENT_DISABLED	"client_disabled"
public static final String	CLIENT_NOT_FOUND	"client_not_found"
public static final String	CODE_VERIFIER_MISSING	"code_verifier_missing"
public static final String	CONSENT_DENIED	"consent_denied"
public static final String	COOKIE_NOT_FOUND	"cookie_not_found"
public static final String	CREDENTIAL_NOT_FOUND	"credential_not_found"
public static final String	DELETE_CREDENTIAL_FAILED	"delete_credential_failed"
public static final String	DIFFERENT_USER_AUTHENTICATED	"different_user_authenticated"
public static final String	DIFFERENT_USER_AUTHENTICATING	"different_user_authenticating"
public static final String	DISPLAY_UNSUPPORTED	"display_unsupported"
public static final String	EMAIL_ALREADY_VERIFIED	"email_already_verified"
public static final String	EMAIL_IN_USE	"email_in_use"
public static final String	EMAIL_SEND_FAILED	"email_send_failed"
public static final String	EXPIRED_CODE	"expired_code"
public static final String	EXPIRED_OAUTH2_DEVICE_CODE	"expired_oauth2_device_code"
public static final String	FEDERATED_IDENTITY_EXISTS	"federated_identity_account_exists"
public static final String	GENERIC_AUTHENTICATION_ERROR	"generic_authentication_error"
public static final String	IDENTITY_PROVIDER_ERROR	"identity_provider_error"
public static final String	IDENTITY_PROVIDER_LOGIN_FAILURE	"identity_provider_login_failure"
public static final String	ILLEGAL_ORIGIN	"illegal_origin"
public static final String	INVALID_AUTHENTICATION_SESSION	"invalid_authentication_session"
public static final String	INVALID_CLIENT	"invalid_client"
public static final String	INVALID_CLIENT_CREDENTIALS	"invalid_client_credentials"
public static final String	INVALID_CODE	"invalid_code"
public static final String	INVALID_CODE_CHALLENGE_METHOD	"invalid_code_challenge_method"
public static final String	INVALID_CODE_VERIFIER	"invalid_code_verifier"
public static final String	INVALID_CONFIG	"invalid_config"
public static final String	INVALID_DESTINATION	"invalid_destination"
public static final String	INVALID_DPOP_PROOF	"invalid_dpop_proof"
public static final String	INVALID_EMAIL	"invalid_email"
public static final String	INVALID_FORM	"invalid_form"
public static final String	INVALID_INPUT	"invalid_input"
public static final String	INVALID_ISSUER	"invalid_issuer"
public static final String	INVALID_OAUTH2_DEVICE_CODE	"invalid_oauth2_device_code"
public static final String	INVALID_OAUTH2_USER_CODE	"invalid_oauth2_user_code"
public static final String	INVALID_PERMISSION_TICKET	"invalid_permission_ticket"
public static final String	INVALID_REDIRECT_URI	"invalid_redirect_uri"
public static final String	INVALID_REGISTRATION	"invalid_registration"
public static final String	INVALID_REQUEST	"invalid_request"
public static final String	INVALID_SAML_ARTIFACT	"invalid_artifact"
public static final String	INVALID_SAML_ARTIFACT_RESPONSE	"invalid_artifact_response"
public static final String	INVALID_SAML_AUTHN_REQUEST	"invalid_authn_request"
public static final String	INVALID_SAML_DOCUMENT	"invalid_saml_document"
public static final String	INVALID_SAML_LOGOUT_REQUEST	"invalid_logout_request"
public static final String	INVALID_SAML_LOGOUT_RESPONSE	"invalid_logout_response"
public static final String	INVALID_SAML_RESPONSE	"invalid_saml_response"
public static final String	INVALID_SIGNATURE	"invalid_signature"
public static final String	INVALID_TOKEN	"invalid_token"
public static final String	INVALID_TOKEN_TYPE	"invalid_token_type"
public static final String	INVALID_USER_CREDENTIALS	"invalid_user_credentials"
public static final String	LOGOUT_FAILED	"logout_failed"
public static final String	MISSING_CREDENTIAL_ID	"missing_credential_id"
public static final String	MISSING_REQUIRED_DESTINATION	"missing_required_destination"
public static final String	NOT_ALLOWED	"not_allowed"
public static final String	NOT_LOGGED_IN	"not_logged_in"
public static final String	ORG_NOT_FOUND	"org_not_found"
public static final String	PASSWORD_CONFIRM_ERROR	"password_confirm_error"
public static final String	PASSWORD_MISSING	"password_missing"
public static final String	PASSWORD_REJECTED	"password_rejected"
public static final String	PKCE_VERIFICATION_FAILED	"pkce_verification_failed"
public static final String	REALM_DISABLED	"realm_disabled"
public static final String	REGISTRATION_DISABLED	"registration_disabled"
public static final String	REJECTED_BY_USER	"rejected_by_user"
public static final String	RESET_CREDENTIAL_DISABLED	"reset_credential_disabled"
public static final String	RESOLVE_REQUIRED_ACTIONS	"resolve_required_actions"
public static final String	SAML_TOKEN_NOT_FOUND	"saml_token_not_found"
public static final String	SESSION_EXPIRED	"session_expired"
public static final String	SLOW_DOWN	"slow_down"
public static final String	SSL_REQUIRED	"ssl_required"
public static final String	TOKEN_INTROSPECTION_FAILED	"token_introspection_failed"
public static final String	UNAUTHORIZED_CLIENT	"unauthorized_client"
public static final String	UNKNOWN_IDENTITY_PROVIDER	"unknown_identity_provider"
public static final String	UNSUPPORTED_NAMEID_FORMAT	"unsupported_nameid_format"
public static final String	USER_DELETE_ERROR	"user_delete_error"
public static final String	USER_DISABLED	"user_disabled"
public static final String	USER_NOT_FOUND	"user_not_found"
public static final String	USER_ORG_MEMBER_ALREADY	"user_org_member_already"
public static final String	USER_SESSION_NOT_FOUND	"user_session_not_found"
public static final String	USER_TEMPORARILY_DISABLED	"user_temporarily_disabled"
public static final String	USERNAME_IN_USE	"username_in_use"
public static final String	USERNAME_MISSING	"username_missing"

org.keycloak.events.EventStoreSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"eventsStore"

org.keycloak.forms.login.LoginFormsProvider

Modifier and Type	Constant Field	Value
public static final String	IDENTITY_PROVIDER_BROKER_CONTEXT	"identityProviderBrokerCtx"
public static final String	REGISTRATION_DISABLED	"registrationDisabled"
public static final String	UPDATE_PROFILE_CONTEXT_ATTR	"updateProfileCtx"
public static final String	USERNAME_HIDDEN	"usernameHidden"

org.keycloak.models.AccountRoles

Modifier and Type	Constant Field	Value
public static final String	DELETE_ACCOUNT	"delete-account"
public static final String	MANAGE_ACCOUNT	"manage-account"
public static final String	MANAGE_ACCOUNT_LINKS	"manage-account-links"
public static final String	MANAGE_CONSENT	"manage-consent"
public static final String	VIEW_APPLICATIONS	"view-applications"
public static final String	VIEW_CONSENT	"view-consent"
public static final String	VIEW_GROUPS	"view-groups"
public static final String	VIEW_PROFILE	"view-profile"

org.keycloak.models.ClaimMask

Modifier and Type	Constant Field	Value
public static final long	ADDRESS	256L
public static final long	ALL	1023L
public static final long	EMAIL	32L
public static final long	GENDER	64L
public static final long	LOCALE	128L
public static final long	NAME	1L
public static final long	PHONE	512L
public static final long	PICTURE	8L
public static final long	PROFILE	4L
public static final long	USERNAME	2L
public static final long	WEBSITE	16L

org.keycloak.models.ClientRegistrationAccessTokenConstants

Modifier and Type	Constant Field	Value
public static final String	ROTATION_ENABLED	"client.registration.access.token.enabled"

org.keycloak.models.ClientSecretConstants

Modifier and Type	Constant Field	Value
public static final String	CLIENT_ROTATED_SECRET	"client.secret.rotated"
public static final String	CLIENT_ROTATED_SECRET_CREATION_TIME	"client.secret.rotated.creation.time"
public static final String	CLIENT_ROTATED_SECRET_EXPIRATION_TIME	"client.secret.rotated.expiration.time"
public static final String	CLIENT_SECRET_CREATION_TIME	"client.secret.creation.time"
public static final String	CLIENT_SECRET_EXPIRATION	"client.secret.expiration.time"
public static final String	CLIENT_SECRET_REMAINING_EXPIRATION_TIME	"client.secret.remaining.expiration.time"
public static final String	CLIENT_SECRET_ROTATION_ENABLED	"client.secret.rotation.enabled"

org.keycloak.models.Constants

Modifier and Type	Constant Field	Value
public static final String	ACCOUNT_CONSOLE_CLIENT_ID	"account-console"
public static final String	ACCOUNT_MANAGEMENT_CLIENT_ID	"account"
public static final String	ACR_LOA_MAP	"acr.loa.map"
public static final String	ADMIN_CLI_CLIENT_ID	"admin-cli"
public static final String	ADMIN_CONSOLE_CLIENT_ID	"security-admin-console"
public static final String	AIA_SILENT_CANCEL	"silent_cancel"
public static final String	AUTH_ADMIN_URL_PROP	"${authAdminUrl}"
public static final String	AUTH_BASE_URL_PROP	"${authBaseUrl}"
public static final String	AUTHENTICATION_EXECUTION	"authenticationExecution"
public static final String	AUTHENTICATION_EXECUTION_REFERENCE_MAX_AGE	"default.reference.maxAge"
public static final String	AUTHENTICATION_EXECUTION_REFERENCE_VALUE	"default.reference.value"
public static final String	AUTHENTICATION_EXPIRED_MESSAGE	"authentication_expired"
public static final String	AUTHENTICATORS_COMPLETED	"authenticators-completed"
public static final String	AUTHZ_UMA_AUTHORIZATION	"uma_authorization"
public static final String	AUTHZ_UMA_PROTECTION	"uma_protection"
public static final String	BROKER_SERVICE_CLIENT_ID	"broker"
public static final String	CFG_DELIMITER	"##"
public static final String	CLIENT_DATA	"client_data"
public static final String	CLIENT_ID	"client_id"
public static final String	CLIENT_POLICIES	"client-policies.policies"
public static final String	CLIENT_PROFILES	"client-policies.profiles"
public static final String	CREDENTIAL_ID	"credentialId"
public static final int	DEFAULT_ACCESS_TOKEN_LIFESPAN_FOR_IMPLICIT_FLOW_TIMEOUT	900
public static final String	DEFAULT_ACR_VALUES	"default.acr.values"
public static final int	DEFAULT_MAX_RESULTS	100
public static final int	DEFAULT_OFFLINE_SESSION_IDLE_TIMEOUT	2592000
public static final int	DEFAULT_OFFLINE_SESSION_MAX_LIFESPAN	5184000
public static final String	DEFAULT_ROLES_ROLE_PREFIX	"default-roles"
public static final int	DEFAULT_SESSION_IDLE_TIMEOUT	1800
public static final int	DEFAULT_SESSION_MAX_LIFESPAN	36000
public static final String	DEFAULT_SIGNATURE_ALGORITHM	"RS256"
public static final String	DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED	"not specified"
public static final String	DEFAULT_WEBAUTHN_POLICY_RP_ENTITY_NAME	"keycloak"
public static final String	DEFAULT_WEBAUTHN_POLICY_SIGNATURE_ALGORITHMS	"ES256"
public static final String	EXECUTION	"execution"
public static final String	FORCE_LEVEL_OF_AUTHENTICATION	"force-level-of-authentication"
public static final String	GENERATE	"GENERATE"
public static final String	INSTALLED_APP_LOOPBACK	"http://127.0.0.1"
public static final String	INSTALLED_APP_URL	"http://localhost"
public static final String	INSTALLED_APP_URN	"urn:ietf:wg:oauth:2.0:oob"
public static final String	INTERNAL_SIGNATURE_ALGORITHM	"HS512"
public static final String	IS_AIA_REQUEST	"IS_AIA_REQUEST"
public static final String	KC_ACTION	"kc_action"
public static final String	KC_ACTION_ENFORCED	"kc_action_enforced"
public static final String	KC_ACTION_EXECUTING	"kc_action_executing"
public static final int	KC_ACTION_MAX_AGE	300
public static final String	KC_ACTION_PARAMETER	"kc_action_parameter"
public static final String	KC_ACTION_STATUS	"kc_action_status"
public static final String	KEY	"key"
public static final String	LEVEL_OF_AUTHENTICATION	"level-of-authentication"
public static final String	LOA_MAP	"loa-map"
public static final String	MAPPER_GRANTED_GROUPS	"MAPPER_GRANTED_GROUPS"
public static final String	MAPPER_GRANTED_ROLES	"MAPPER_GRANTED_ROLES"
public static final String	MAPPER_SESSION_NOTES	"MAPPER_SESSION_NOTES"
public static final int	MINIMUM_LOA	0
public static final int	NO_LOA	-1
public static final String	OFFLINE_ACCESS_ROLE	"offline_access"
public static final String	OFFLINE_ACCESS_SCOPE_CONSENT_TEXT	"${offlineAccessScopeConsentText}"
public static final String	READ_TOKEN_ROLE	"read-token"
public static final String	REALM_MANAGEMENT_CLIENT_ID	"realm-management"
public static final String	REQUESTED_LEVEL_OF_AUTHENTICATION	"requested-level-of-authentication"
public static final String	REUSE_ID	"reuse_id"
public static final String	SECURITY_ADMIN_CONSOLE_ATTR	"security.admin.console"
public static final String	SESSION_NOTE_LIGHTWEIGHT_USER	"keycloak.userModel"
public static final String	SKIP_LINK	"skipLink"
public static final String	SKIP_LOGOUT	"skip_logout"
public static final String	STORAGE_BATCH_ENABLED	"org.keycloak.storage.batch_enabled"
public static final String	STORAGE_BATCH_SIZE	"org.keycloak.storage.batch_size"
public static final String	SUPPORT_JWT_CLAIM_IN_INTROSPECTION_RESPONSE_ENABLED	"client.introspection.response.allow.jwt.claim.enabled"
public static final String	TAB_ID	"tab_id"
public static final String	TEMPLATE_ATTR_ACTION_URI	"actionUri"
public static final String	TEMPLATE_ATTR_REQUIRED_ACTIONS	"requiredActions"
public static final String	TOKEN	"token"
public static final String	TOTP_SECRET_KEY	"TOTP_SECRET_KEY"
public static final String	USE_LIGHTWEIGHT_ACCESS_TOKEN_ENABLED	"client.use.lightweight.access.token.enabled"
public static final String	USER_ATTRIBUTES_PREFIX	"user.attributes."
public static final String	VERIFY_EMAIL_KEY	"VERIFY_EMAIL_KEY"
public static final String	WEBAUTHN_PASSWORDLESS_PREFIX	"Passwordless"

org.keycloak.models.ContentSecurityPolicyBuilder

Modifier and Type	Constant Field	Value
public static final String	DIRECTIVE_NAME_FRAME_ANCESTORS	"frame-ancestors"
public static final String	DIRECTIVE_NAME_FRAME_SRC	"frame-src"
public static final String	DIRECTIVE_NAME_OBJECT_SRC	"object-src"
public static final String	DIRECTIVE_VALUE_NONE	"\'none\'"
public static final String	DIRECTIVE_VALUE_SELF	"\'self\'"

org.keycloak.models.DeploymentStateSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"deploymentState"

org.keycloak.models.LDAPConstants

Modifier and Type	Constant Field	Value
public static final String	AUTH_TYPE	"authType"
public static final String	AUTH_TYPE_NONE	"none"
public static final String	AUTH_TYPE_SIMPLE	"simple"
public static final String	BASE_DN	"baseDn"
public static final String	BATCH_SIZE_FOR_SYNC	"batchSizeForSync"
public static final String	BIND_CREDENTIAL	"bindCredential"
public static final String	BIND_DN	"bindDn"
public static final String	CN	"cn"
public static final String	COMMA	","
public static final String	CONNECTION_POOLING	"connectionPooling"
public static final String	CONNECTION_POOLING_AUTHENTICATION	"connectionPoolingAuthentication"
public static final String	CONNECTION_POOLING_DEBUG	"connectionPoolingDebug"
public static final String	CONNECTION_POOLING_INITSIZE	"connectionPoolingInitSize"
public static final String	CONNECTION_POOLING_MAXSIZE	"connectionPoolingMaxSize"
public static final String	CONNECTION_POOLING_PREFSIZE	"connectionPoolingPrefSize"
public static final String	CONNECTION_POOLING_PROTOCOL	"connectionPoolingProtocol"
public static final String	CONNECTION_POOLING_TIMEOUT	"connectionPoolingTimeout"
public static final String	CONNECTION_TIMEOUT	"connectionTimeout"
public static final String	CONNECTION_URL	"connectionUrl"
public static final String	CREATE_TIMESTAMP	"createTimestamp"
public static final String	CUSTOM_ATTRIBUTE_CREATE_DATE	"createDate"
public static final String	CUSTOM_ATTRIBUTE_EXPIRY_DATE	"expiryDate"
public static final String	CUSTOM_USER_SEARCH_FILTER	"customUserSearchFilter"
public static final int	DEFAULT_BATCH_SIZE_FOR_SYNC	1000
public static final int	DEFAULT_MAX_CONDITIONS	64
public static final String	EDIT_MODE	"editMode"
public static final String	EMAIL	"mail"
public static final String	EMPTY_ATTRIBUTE_VALUE	" "
public static final String	EMPTY_MEMBER_ATTRIBUTE_VALUE	"cn=empty-membership-placeholder"
public static final String	ENABLED	"enabled"
public static final String	ENTRY_UUID	"entryUUID"
public static final String	EQUAL	"="
public static final String	GIVENNAME	"givenName"
public static final String	GROUP	"group"
public static final String	GROUP_OF_ENTRIES	"groupOfEntries"
public static final String	GROUP_OF_NAMES	"groupOfNames"
public static final String	GROUP_OF_UNIQUE_NAMES	"groupOfUniqueNames"
public static final String	JPEG_PHOTO	"jpegPhoto"
public static final String	LDAP_ENTRY_DN	"LDAP_ENTRY_DN"
public static final String	LDAP_ID	"LDAP_ID"
public static final String	LDAP_MATCHING_RULE_IN_CHAIN	":1.2.840.113556.1.4.1941:"
public static final String	LDAP_PROVIDER	"ldap"
public static final String	MAX_CONDITIONS	"maxConditions"
public static final String	MEMBER	"member"
public static final String	MEMBER_OF	"memberOf"
public static final String	MODIFY_TIMESTAMP	"modifyTimestamp"
public static final String	MSAD_USER_ACCOUNT_CONTROL_MAPPER	"msad-user-account-control-mapper"
public static final String	MSADLDS_USER_ACCOUNT_CONTROL_MAPPER	"msad-lds-user-account-control-mapper"
public static final String	MSDS_USER_ACCOUNT_DISABLED	"msDS-UserAccountDisabled"
public static final String	MSDS_USER_PASSWORD_EXPIRED	"msDS-UserPasswordExpired"
public static final String	MSDS_USER_PASSWORD_NOTREQD	"msDS-UserPasswordNotRequired"
public static final String	NOVELL_EDIRECTORY_GUID	"guid"
public static final String	OBJECT_CLASS	"objectclass"
public static final String	OBJECT_GUID	"objectGUID"
public static final String	PAGINATION	"pagination"
public static final String	POSTAL_CODE	"postalCode"
public static final String	PWD_LAST_SET	"pwdLastSet"
public static final String	RDN_LDAP_ATTRIBUTE	"rdnLDAPAttribute"
public static final String	READ_TIMEOUT	"readTimeout"
public static final String	REFERRAL	"referral"
public static final String	SAM_ACCOUNT_NAME	"sAMAccountName"
public static final String	SEARCH_SCOPE	"searchScope"
public static final String	SN	"sn"
public static final String	START_TLS	"startTls"
public static final String	STREET	"street"
public static final String	SYNC_REGISTRATIONS	"syncRegistrations"
public static final String	TRUST_EMAIL	"trustEmail"
public static final String	UID	"uid"
public static final String	USE_PASSWORD_MODIFY_EXTENDED_OP	"usePasswordModifyExtendedOp"
public static final String	USE_TRUSTSTORE_ALWAYS	"always"
public static final String	USE_TRUSTSTORE_LDAPS_ONLY	"ldapsOnly"
public static final String	USE_TRUSTSTORE_NEVER	"never"
public static final String	USE_TRUSTSTORE_SPI	"useTruststoreSpi"
public static final String	USER_ACCOUNT_CONTROL	"userAccountControl"
public static final String	USER_OBJECT_CLASSES	"userObjectClasses"
public static final String	USER_PASSWORD_ATTRIBUTE	"userpassword"
public static final String	USERNAME_LDAP_ATTRIBUTE	"usernameLDAPAttribute"
public static final String	USERS_DN	"usersDn"
public static final String	UUID_LDAP_ATTRIBUTE	"uuidLDAPAttribute"
public static final String	VALIDATE_PASSWORD_POLICY	"validatePasswordPolicy"
public static final String	VENDOR	"vendor"
public static final String	VENDOR_ACTIVE_DIRECTORY	"ad"
public static final String	VENDOR_NOVELL_EDIRECTORY	"edirectory"
public static final String	VENDOR_OTHER	"other"
public static final String	VENDOR_RHDS	"rhds"
public static final String	VENDOR_TIVOLI	"tivoli"

org.keycloak.models.OAuth2DeviceUserCodeSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"oauth2DeviceUserCode"

org.keycloak.models.RealmSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"realm"

org.keycloak.models.SingleUseObjectSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"singleUseObject"

org.keycloak.models.UserLoginFailureSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"loginFailure"

org.keycloak.models.UserSessionSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"userSessions"

org.keycloak.models.light.LightweightUserAdapter

Modifier and Type	Constant Field	Value
public static final String	ID_PREFIX	"lightweight-"

org.keycloak.models.utils.DefaultAuthenticationFlows

Modifier and Type	Constant Field	Value
public static final String	BROWSER_FLOW	"browser"
public static final String	CLIENT_AUTHENTICATION_FLOW	"clients"
public static final String	DIRECT_GRANT_FLOW	"direct grant"
public static final String	DOCKER_AUTH	"docker auth"
public static final String	FIRST_BROKER_LOGIN_FLOW	"first broker login"
public static final String	FIRST_BROKER_LOGIN_HANDLE_EXISTING_SUBFLOW	"Handle Existing Account"
public static final String	IDP_CREATE_UNIQUE_USER_CONFIG_ALIAS	"create unique user config"
public static final String	IDP_REVIEW_PROFILE_CONFIG_ALIAS	"review profile config"
public static final String	LOGIN_FORMS_FLOW	"forms"
public static final String	REGISTRATION_FLOW	"registration"
public static final String	REGISTRATION_FORM_FLOW	"registration form"
public static final String	RESET_CREDENTIALS_FLOW	"reset credentials"
public static final String	SAML_ECP_FLOW	"saml ecp"

org.keycloak.models.utils.DefaultKeyProviders

Modifier and Type	Constant Field	Value
public static final String	DEFAULT_PRIORITY	"100"

org.keycloak.models.utils.FormMessage

Modifier and Type	Constant Field	Value
public static final String	GLOBAL	"global"

org.keycloak.models.utils.KeycloakModelUtils

Modifier and Type	Constant Field	Value
public static final String	AUTH_TYPE_CLIENT_SECRET	"client-secret"
public static final String	AUTH_TYPE_CLIENT_SECRET_JWT	"client-secret-jwt"
public static final String	GROUP_PATH_ESCAPE	"~"
public static final String	GROUP_PATH_SEPARATOR	"/"

org.keycloak.models.utils.RepresentationToModel

Modifier and Type	Constant Field	Value
public static final String	OIDC	"openid-connect"

org.keycloak.models.utils.SessionTimeoutHelper

Modifier and Type	Constant Field	Value
public static final int	IDLE_TIMEOUT_WINDOW_SECONDS	120
public static final int	PERIODIC_CLEANER_IDLE_TIMEOUT_WINDOW_SECONDS	180
public static final int	PERIODIC_TASK_INTERVAL_SECONDS	60

org.keycloak.models.utils.SystemClientUtil

Modifier and Type	Constant Field	Value
public static final String	SYSTEM_CLIENT_ID	"_system"

org.keycloak.models.utils.TimeBasedOTP

Modifier and Type	Constant Field	Value
public static final int	DEFAULT_DELAY_WINDOW	1
public static final int	DEFAULT_INTERVAL_SECONDS	30

org.keycloak.organization.OrganizationSpi

Modifier and Type	Constant Field	Value
public static final String	NAME	"organization"

org.keycloak.policy.BlacklistPasswordPolicyProvider

Modifier and Type	Constant Field	Value
public static final String	ERROR_MESSAGE	"invalidPasswordBlacklistedMessage"

org.keycloak.policy.BlacklistPasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	BLACKLISTS_FALSE_POSITIVE_PROBABILITY_PROPERTY	"falsePositiveProbability"
public static final String	BLACKLISTS_PATH_PROPERTY	"blacklistsPath"
public static final double	DEFAULT_FALSE_POSITIVE_PROBABILITY	1.0E-4
public static final String	ID	"passwordBlacklist"
public static final String	JBOSS_SERVER_DATA_DIR	"jboss.server.data.dir"
public static final String	SYSTEM_PROPERTY	"keycloak.password.blacklists.path"

org.keycloak.policy.DigitsPasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"digits"

org.keycloak.policy.LengthPasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"length"

org.keycloak.policy.LowerCasePasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"lowerCase"

org.keycloak.policy.MaxAuthAgePasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final int	DEFAULT_MAX_AUTH_AGE	300

org.keycloak.policy.MaximumLengthPasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final int	DEFAULT_MAX_LENGTH	64
public static final String	ID	"maxLength"

org.keycloak.policy.NotContainsUsernamePasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"notContainsUsername"

org.keycloak.policy.NotEmailPasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"notEmail"

org.keycloak.policy.NotUsernamePasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"notUsername"

org.keycloak.policy.RegexPatternsPasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"regexPattern"

org.keycloak.policy.SpecialCharsPasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"specialChars"

org.keycloak.policy.UpperCasePasswordPolicyProviderFactory

Modifier and Type	Constant Field	Value
public static final String	ID	"upperCase"

org.keycloak.protocol.oidc.OIDCConfigAttributes

Modifier and Type	Constant Field	Value
public static final String	ACCESS_TOKEN_LIFESPAN	"access.token.lifespan"
public static final String	ACCESS_TOKEN_SIGNED_RESPONSE_ALG	"access.token.signed.response.alg"
public static final String	AUTHORIZATION_ENCRYPTED_RESPONSE_ALG	"authorization.encrypted.response.alg"
public static final String	AUTHORIZATION_ENCRYPTED_RESPONSE_ENC	"authorization.encrypted.response.enc"
public static final String	AUTHORIZATION_SIGNED_RESPONSE_ALG	"authorization.signed.response.alg"
public static final String	BACKCHANNEL_LOGOUT_REVOKE_OFFLINE_TOKENS	"backchannel.logout.revoke.offline.tokens"
public static final String	BACKCHANNEL_LOGOUT_SESSION_REQUIRED	"backchannel.logout.session.required"
public static final String	BACKCHANNEL_LOGOUT_URL	"backchannel.logout.url"
public static final String	CLIENT_OFFLINE_SESSION_IDLE_TIMEOUT	"client.offline.session.idle.timeout"
public static final String	CLIENT_OFFLINE_SESSION_MAX_LIFESPAN	"client.offline.session.max.lifespan"
public static final String	CLIENT_SESSION_IDLE_TIMEOUT	"client.session.idle.timeout"
public static final String	CLIENT_SESSION_MAX_LIFESPAN	"client.session.max.lifespan"
public static final String	DPOP_BOUND_ACCESS_TOKENS	"dpop.bound.access.tokens"
public static final String	EXCLUDE_ISSUER_FROM_AUTH_RESPONSE	"exclude.issuer.from.auth.response"
public static final String	EXCLUDE_SESSION_STATE_FROM_AUTH_RESPONSE	"exclude.session.state.from.auth.response"
public static final String	FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED	"frontchannel.logout.session.required"
public static final String	FRONT_CHANNEL_LOGOUT_URI	"frontchannel.logout.url"
public static final String	ID_TOKEN_AS_DETACHED_SIGNATURE	"id.token.as.detached.signature"
public static final String	ID_TOKEN_ENCRYPTED_RESPONSE_ALG	"id.token.encrypted.response.alg"
public static final String	ID_TOKEN_ENCRYPTED_RESPONSE_ENC	"id.token.encrypted.response.enc"
public static final String	ID_TOKEN_SIGNED_RESPONSE_ALG	"id.token.signed.response.alg"
public static final String	JWKS_STRING	"jwks.string"
public static final String	JWKS_URL	"jwks.url"
public static final String	PKCE_CODE_CHALLENGE_METHOD	"pkce.code.challenge.method"
public static final String	POST_LOGOUT_REDIRECT_URIS	"post.logout.redirect.uris"
public static final String	REQUEST_OBJECT_ENCRYPTION_ALG	"request.object.encryption.alg"
public static final String	REQUEST_OBJECT_ENCRYPTION_ENC	"request.object.encryption.enc"
public static final String	REQUEST_OBJECT_REQUIRED	"request.object.required"
public static final String	REQUEST_OBJECT_REQUIRED_REQUEST	"request only"
public static final String	REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI	"request or request_uri"
public static final String	REQUEST_OBJECT_REQUIRED_REQUEST_URI	"request_uri only"
public static final String	REQUEST_OBJECT_SIGNATURE_ALG	"request.object.signature.alg"
public static final String	REQUEST_URIS	"request.uris"
public static final String	TOKEN_ENDPOINT_AUTH_SIGNING_ALG	"token.endpoint.auth.signing.alg"
public static final String	USE_JWKS_STRING	"use.jwks.string"
public static final String	USE_JWKS_URL	"use.jwks.url"
public static final String	USE_LOWER_CASE_IN_TOKEN_RESPONSE	"token.response.type.bearer.lower-case"
public static final String	USE_MTLS_HOK_TOKEN	"tls.client.certificate.bound.access.tokens"
public static final String	USE_REFRESH_TOKEN	"use.refresh.tokens"
public static final String	USE_REFRESH_TOKEN_FOR_CLIENT_CREDENTIALS_GRANT	"client_credentials.use_refresh_token"
public static final String	USER_INFO_ENCRYPTED_RESPONSE_ALG	"user.info.encrypted.response.alg"
public static final String	USER_INFO_ENCRYPTED_RESPONSE_ENC	"user.info.encrypted.response.enc"
public static final String	USER_INFO_RESPONSE_SIGNATURE_ALG	"user.info.response.signature.alg"

org.keycloak.protocol.oidc.TokenExchangeSpi

Modifier and Type	Constant Field	Value
public static final String	SPI_NAME	"oauth2-token-exchange"

org.keycloak.protocol.oidc.grants.OAuth2GrantTypeSpi

Modifier and Type	Constant Field	Value
public static final String	SPI_NAME	"oauth2-grant-type"

org.keycloak.services.clientpolicy.condition.AbstractClientPolicyConditionProviderFactory

Modifier and Type	Constant Field	Value
public static final String	IS_NEGATIVE_LOGIC	"is-negative-logic"

org.keycloak.services.clientpolicy.condition.ClientPolicyConditionSpi

Modifier and Type	Constant Field	Value
public static final String	SPI_NAME	"client-policy-condition"

org.keycloak.services.clientpolicy.executor.ClientPolicyExecutorSpi

Modifier and Type	Constant Field	Value
public static final String	SPI_NAME	"client-policy-executor"

org.keycloak.services.cors.Cors

Modifier and Type	Constant Field	Value
public static final String	ACCESS_CONTROL_ALLOW_CREDENTIALS	"Access-Control-Allow-Credentials"
public static final String	ACCESS_CONTROL_ALLOW_HEADERS	"Access-Control-Allow-Headers"
public static final String	ACCESS_CONTROL_ALLOW_METHODS	"Access-Control-Allow-Methods"
public static final String	ACCESS_CONTROL_ALLOW_ORIGIN	"Access-Control-Allow-Origin"
public static final String	ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD	"*"
public static final String	ACCESS_CONTROL_EXPOSE_HEADERS	"Access-Control-Expose-Headers"
public static final String	ACCESS_CONTROL_MAX_AGE	"Access-Control-Max-Age"
public static final String	AUTHORIZATION_HEADER	"Authorization"
public static final String	DEFAULT_ALLOW_HEADERS	"Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, DPoP"
public static final String	DEFAULT_ALLOW_METHODS	"GET, HEAD, OPTIONS"
public static final String	ORIGIN_HEADER	"Origin"

org.keycloak.services.managers.BruteForceProtector

Modifier and Type	Constant Field	Value
public static final String	DISABLED_BY_PERMANENT_LOCKOUT	"permanentLockout"

org.keycloak.sessions.AuthenticationSessionSpi

Modifier and Type	Constant Field	Value
public static final String	PROVIDER_ID	"authenticationSessions"

org.keycloak.userprofile.DefaultAttributes

Modifier and Type	Constant Field	Value
public static final String	DEFAULT_MAX_LENGTH_ATTRIBUTES	"2048"
public static final String	READ_ONLY_ATTRIBUTE_KEY	"kc.read.only"

org.keycloak.userprofile.UserProfileSpi

Modifier and Type	Constant Field	Value
public static final String	ID	"userProfile"

org.keycloak.userprofile.UserProfileUtil

Modifier and Type	Constant Field	Value
public static final String	USER_METADATA_GROUP	"user-metadata"

org.keycloak.utils.EmailValidationUtil

Modifier and Type	Constant Field	Value
public static final String	MAX_EMAIL_LOCAL_PART_LENGTH	"max-email-local-part-length"
public static final int	MAX_LOCAL_PART_LENGTH	64

org.keycloak.utils.OCSPProvider

Modifier and Type	Constant Field	Value
protected static final int	TIME_SKEW	900000

org.keycloak.validate.validators.AbstractNumberValidator

Modifier and Type	Constant Field	Value
public static final String	KEY_MAX	"max"
public static final String	KEY_MIN	"min"
public static final String	MESSAGE_INVALID_NUMBER	"error-invalid-number"
public static final String	MESSAGE_NUMBER_OUT_OF_RANGE	"error-number-out-of-range"
public static final String	MESSAGE_NUMBER_OUT_OF_RANGE_TOO_BIG	"error-number-out-of-range-too-big"
public static final String	MESSAGE_NUMBER_OUT_OF_RANGE_TOO_SMALL	"error-number-out-of-range-too-small"

org.keycloak.validate.validators.DoubleValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"double"

org.keycloak.validate.validators.EmailValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"email"
public static final String	MAX_LOCAL_PART_LENGTH_PROPERTY	"max-local-length"
public static final String	MESSAGE_INVALID_EMAIL	"error-invalid-email"

org.keycloak.validate.validators.IntegerValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"integer"

org.keycloak.validate.validators.IsoDateValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"iso-date"
public static final String	MESSAGE_INVALID_DATE	"error-invalid-date"

org.keycloak.validate.validators.LengthValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"length"
public static final String	KEY_MAX	"max"
public static final String	KEY_MIN	"min"
public static final String	KEY_TRIM_DISABLED	"trim-disabled"
public static final String	MESSAGE_INVALID_LENGTH	"error-invalid-length"
public static final String	MESSAGE_INVALID_LENGTH_TOO_LONG	"error-invalid-length-too-long"
public static final String	MESSAGE_INVALID_LENGTH_TOO_SHORT	"error-invalid-length-too-short"

org.keycloak.validate.validators.LocalDateValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"local-date"
public static final String	MESSAGE_INVALID_DATE	"error-invalid-date"

org.keycloak.validate.validators.NotBlankValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"not-blank"
public static final String	MESSAGE_BLANK	"error-invalid-blank"

org.keycloak.validate.validators.NotEmptyValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"not-empty"
public static final String	MESSAGE_ERROR_EMPTY	"error-empty"

org.keycloak.validate.validators.OptionsValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"options"
public static final String	KEY_OPTIONS	"options"

org.keycloak.validate.validators.PatternValidator

Modifier and Type	Constant Field	Value
public static final String	CFG_ERROR_MESSAGE	"error-message"
public static final String	CFG_PATTERN	"pattern"
public static final String	ID	"pattern"
public static final String	MESSAGE_NO_MATCH	"error-pattern-no-match"

org.keycloak.validate.validators.UriValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"uri"
public static final String	KEY_ALLOW_FRAGMENT	"allowFragment"
public static final String	KEY_ALLOWED_SCHEMES	"allowedSchemes"
public static final String	KEY_REQUIRE_VALID_URL	"requireValidUrl"
public static final String	MESSAGE_INVALID_FRAGMENT	"error-invalid-uri-fragment"
public static final String	MESSAGE_INVALID_SCHEME	"error-invalid-uri-scheme"
public static final String	MESSAGE_INVALID_URI	"error-invalid-uri"

org.keycloak.validate.validators.ValidatorConfigValidator

Modifier and Type	Constant Field	Value
public static final String	ID	"validatorConfig"
public static final String	MESSAGE_CONFIG_INVALID_BOOLEAN_VALUE	"error-validator-config-invalid-boolean-value"
public static final String	MESSAGE_CONFIG_INVALID_NUMBER_VALUE	"error-validator-config-invalid-number-value"
public static final String	MESSAGE_CONFIG_INVALID_STRING_VALUE	"error-validator-config-invalid-string-value"
public static final String	MESSAGE_CONFIG_INVALID_VALUE	"error-validator-config-invalid-value"
public static final String	MESSAGE_CONFIG_MISSING_VALUE	"error-validator-config-missing-value"