I updated to Spring Boot 3 in a project that uses the Keycloak Spring Adapter. Unfortunately, it doesn’t start because the KeycloakWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter which was first deprecated in Spring Security and then removed. Is there currently another way to implement security with Keycloak? Or to put it in other words: How can I use Spring Boot 3 in combination with the Keycloak adapter?

We created a client resource server in keycloak and policies, permissions, scopes for resources, which works well, policy enforcer is used but the only problem that intercepts all requests (endpoint) backend including the public url which restricts and prevents access, we are new to this issue
if anyone can help in indicating how to solve the problem thank you in advance.

I am encountering a persistent issue when trying to create a user in Keycloak using the Keycloak Admin Client. Despite ensuring that the userProfileMetadata field is not present in the JSON payload, the Keycloak server responds with a 400 Bad Request error, indicating that the field is unrecognized. No matter whether the userProfileMetadata field is in the User json or not, I keep getting the error!

Could you please advise if it’s possible to request more information from the user during the first login using a required action? Is it feasible for this required action to redirect the user to a data-providing form processed by a separate spring-boot application integrated with Keycloak? Would any token be available at this point so that only users going through the data provision stage have access to the endpoint?