npmpackage.info

Gathering detailed insights and metrics for @sbb-esta/angular-keycloak

@sbb-esta/angular-keycloak - 12.4.0 | npmpackage.info

@sbb-esta/angular-keycloak

Angular Library for SBB

12.4.0

115

NOASSERTION

TypeScript

136.66 kB

5.5

Installations

npm install @sbb-esta/angular-keycloak

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Pull Requests

Open

4

Total

2,141

Closed

189

Merged

1,948

Issues

Open

32

Total

425

Closed

393

Releases

176

Release 20.0.1

20.0.1

Updated on Jun 19, 2025

Release 20.0.0

20.0.0

Updated on Jun 12, 2025

Release 20.0.0-next.4

20.0.0-next.4

Updated on Jun 11, 2025

Release 20.0.0-next.3

20.0.0-next.3

Updated on Jun 05, 2025

Release 20.0.0-next.2

20.0.0-next.2

Updated on Jun 05, 2025

Release 19.1.6

19.1.6

Updated on Apr 07, 2025

View All 176 releases

Languages

TypeScript

SCSS

HTML

Starlark

JavaScript

CSS

Shell

Dockerfile

TypeScript (84.09%)

SCSS (6.46%)

HTML (4.6%)

Starlark (3.45%)

JavaScript (1.15%)

CSS (0.19%)

Shell (0.03%)

Dockerfile (0.02%)

Developer

sbb-design-systems

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

NOASSERTION License

115 Stars

5,054 Commits

22 Forks

10 Watchers

66 Branches

39 Contributors

Updated on Jul 04, 2025

Maintainers

View All 39 Contributors

Package Meta Information

Latest Version

12.4.0

Package Id

@sbb-esta/angular-keycloak@12.4.0

Unpacked Size

136.66 kB

Size

32.19 kB

File Count

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Peer Dependencies

@angular/common @angular/core keycloak-js

SBB Keycloak Library for Angular

🛈 We recommend angular-oauth2-oidc to be used for authentication. See the documentation for details.

⚠ Deprecation Notice

The @sbb-esta/angular-keycloak package is deprecated and will be removed with the next major version. As mentioned above, we strongly recommend angular-oauth2-oidc.

Getting started

To use @sbb-esta/angular-keycloak you need to have node and npm installed. You can then install @sbb-esta/angular-keycloak with the following command:

npm install --save @sbb-esta/angular-keycloak keycloak-js@4.8.3

Authentication Module

The authentication module provides functionality for SSO with Keycloak. It provides an authentication service that you can use to handle all your authentication tasks.

It also provides an optional interceptor (Angular Interceptor). It is not contained in the authentication module but can be used by adding AUTH_INTERCEPTOR to the AppModule.

How to use the authentication module

After the redirect from the authentication server, keycloak needs to be notified even before Angular has started. This is achieved by using Angular App Initializers.

You can import the AuthModule in your app module or in your core module. Use the forRoot method to provide the configuration.

The keycloak configuration has to match the following interface:

interface KeycloakConfig {
  url?: string;
  realm?: string;
  clientId?: string;
}

...
import { AuthModule, AUTH_INTERCEPTOR } from '@sbb-esta/angular-keycloak';

import { environment } from '../environment/environment'; // Your Angular CLI Environment config

@NgModule({
  imports: [
    AuthModule.forRoot(environment.authConfig)
  ],
  declarations: [...],
  providers: [
    AUTH_INTERCEPTOR // Optional
  ]
})
export class CoreModule {
}

The AuthService is available via dependency injection inside your application.

import { AuthService } from '@sbb-esta/angular-keycloak';

@Component({
    selector: ...,
    templateUrl: ...
})
export class SampleComponent{

    constructor(private authService: AuthService) {
    }
}

Authentication Module

The Authentication Module provides the authentication service. It exposes the static forRoot method to configure authentication.

AuthModule.forRoot(
  config: string | KeycloakConfig,
  options?: KeycloakInitOptions,
  loginOptions?: KeycloakLoginOptions)

Parameter	Description
config	Required Either a configuration object or an url where the configuration is provided in json format
options	Optional Options object (defaults to { onLoad: 'check-sso', flow: 'implicit' })
loginOptions	Optional Login options object, which will be used on AuthService.login (defaults to { idpHint: 'azure_sbb_prod' })

Authentication Service

The Authentication Service provides the necessary API to interact with the authentication module.

Method	Description
login: Promise	When you call this method you are redirected to the authentication server where you need to enter your credentials. After a successful login you are then redirect to your app. The AuthModule then internally stores the authorization token. This token is stored persistent. It is also available after a window refresh. You can get the token by calling the getToken() method of the auth service.
getToken: string	This method returns the stored token. Notice that it only returns the token and not the complete authHeader. To get the authHeader you can use the getAuthHeader() method on the authService.
getAuthHeader: any	This method returns an auth header object. This auth header object has an authorization property that contains Bearer + token as value.
refreshToken: Promise	This method allows you to refresh the token. It returns a promise that indicates if the refresh has been successful or not. Don't forget to call getToken() again to get the refreshed token.
getUserInfo: Observable	This method returns you an Observable who streams the user profile. This user profile has the following structure. - id?: string - username?: string - email?: string - firstName?: string - lastName?: string - enabled?: boolean - emailVerified?: boolean - totp?: boolean - createdTimestamp?: number
authenticated: boolean	Returns a boolean that indicates if the user is authenticated or not.
logout: Promise	logout: voidThis method will logout the current user and remove the token from the auth module.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

10

SAST

Determines if the project uses static code analysis.

9

License

Determines if the project has defined a license.

6

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: third-party GitHubAction not pinned by hash: .github/workflows/angular-components-sync.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/angular-components-sync.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/angular-components-sync.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/angular-components-sync.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-cleanup.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/cache-cleanup.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/codeql-analysis.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/continuous-integration.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/maintenance-changelog.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/maintenance-changelog.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/maintenance-changelog.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/maintenance-changelog.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maintenance-changelog.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/maintenance-changelog.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/maintenance-cherry-pick.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/maintenance-cherry-pick.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/maintenance-cherry-pick.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/maintenance-cherry-pick.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maintenance-cherry-pick.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/maintenance-cherry-pick.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/maintenance-tagging.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/maintenance-tagging.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/maintenance-tagging.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/maintenance-tagging.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-title-lint.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/pr-title-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-title-lint.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/pr-title-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/preview-deployment.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/preview-deployment.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/preview-deployment.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/preview-deployment.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/preview-deployment.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/preview-deployment.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/preview-deployment.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/preview-deployment.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/preview-image-cleanup.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/preview-image-cleanup.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/preview-image-cleanup.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/preview-image-cleanup.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/renovate.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/renovate.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/renovate.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/renovate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/renovate.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/sbb-design-systems/sbb-angular/renovate.yml/main?enable=pin
Warn: containerImage not pinned by hash: .github/Dockerfile.regenerate:2: pin your Docker image by updating nginxinc/nginx-unprivileged:stable to nginxinc/nginx-unprivileged:stable@sha256:0bc3a04325a4e2737a7ae78749af987df8c7a9004c4fff63cfa915bd46b1ffee
Warn: containerImage not pinned by hash: .github/Dockerfile.regenerate.ngssc:2: pin your Docker image by updating nginxinc/nginx-unprivileged:stable to nginxinc/nginx-unprivileged:stable@sha256:0bc3a04325a4e2737a7ae78749af987df8c7a9004c4fff63cfa915bd46b1ffee
Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating nginxinc/nginx-unprivileged:stable to nginxinc/nginx-unprivileged:stable@sha256:0bc3a04325a4e2737a7ae78749af987df8c7a9004c4fff63cfa915bd46b1ffee
Info: 19 out of 43 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 18 third-party GitHubAction dependencies pinned
Info: 0 out of 3 containerImage dependencies pinned

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

5.5

/10

Last Scanned on 2025-06-30

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More