Export data from realms to a file or directory. Usage: kc.sh export [OPTIONS] Export data from realms to a file or directory. Options: -h, --help This help message. --help-all This same help message but with additional options. --optimized Use this option to achieve an optimal startup time if you have previously built a server image using the 'build' command. Storage (Experimental): --storage Experimental: Sets the default storage mechanism for all areas. Possible values are: jpa, chm, hotrod, file. --storage-area-auth-session Experimental: Sets a storage mechanism for authentication sessions. Possible values are: jpa, chm, hotrod, file. --storage-area-authorization Experimental: Sets a storage mechanism for authorizations. Possible values are: jpa, chm, hotrod, file. --storage-area-client Experimental: Sets a storage mechanism for clients. Possible values are: jpa, chm, hotrod, file. --storage-area-client-scope Experimental: Sets a storage mechanism for client scopes. Possible values are: jpa, chm, hotrod, file. --storage-area-event-admin Experimental: Sets a storage mechanism for admin events. Possible values are: jpa, chm, hotrod, file. --storage-area-event-auth Experimental: Sets a storage mechanism for authentication and authorization events. Possible values are: jpa, chm, hotrod, file. --storage-area-group Experimental: Sets a storage mechanism for groups. Possible values are: jpa, chm, hotrod, file. --storage-area-login-failure Experimental: Sets a storage mechanism for login failures. Possible values are: jpa, chm, hotrod, file. --storage-area-realm Experimental: Sets a storage mechanism for realms. Possible values are: jpa, chm, hotrod, file. --storage-area-role Experimental: Sets a storage mechanism for roles. Possible values are: jpa, chm, hotrod, file. --storage-area-single-use-object Experimental: Sets a storage mechanism for single use objects. Possible values are: jpa, chm, hotrod. --storage-area-user Experimental: Sets a storage mechanism for users. Possible values are: jpa, chm, hotrod, file. --storage-area-user-session Experimental: Sets a storage mechanism for user and client sessions. Possible values are: jpa, chm, hotrod, file. --storage-deployment-state-version-seed Experimental: Secret that serves as a seed to mask the version number of Keycloak in URLs. Need to be identical across all servers in the cluster. Will default to a random number generated when starting the server which is secure but will lead to problems when a loadbalancer without sticky sessions is used or nodes are restarted. --storage-file-dir Experimental: Root directory for file map store. --storage-hotrod-host Experimental: Sets the host of the Infinispan server. --storage-hotrod*** Experimental: Sets the password of the Infinispan user. --storage-hotrod-port Experimental: Sets the port of the Infinispan server. --storage-hotrod-username Experimental: Sets the username of the Infinispan user. --storage-jpa-db Experimental: The database vendor for jpa map storage. Possible values are: postgres, cockroach. Default: postgres. Database: --db The database vendor. Possible values are: dev-file, dev-mem, mariadb, mssql, mysql, oracle, postgres. Default: dev-file. --db-driver The fully qualified class name of the JDBC driver. If not set, a default driver is set accordingly to the chosen database. --db*** The password of the database user. --db-pool-initial-size The initial size of the connection pool. --db-pool-max-size The maximum size of the connection pool. Default: 100. --db-pool-min-size The minimal size of the connection pool. --db-schema The database schema to be used. --db-url The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor. For instance, if using 'postgres', the default JDBC URL would be 'jdbc:postgresql://localhost/keycloak'. --db-url-database Sets the database name of the default JDBC URL of the chosen vendor. If the `db-url` option is set, this option is ignored. --db-url-host Sets the hostname of the default JDBC URL of the chosen vendor. If the `db-url` option is set, this option is ignored. --db-url-port Sets the port of the default JDBC URL of the chosen vendor. If the `db-url` option is set, this option is ignored. --db-url-properties Sets the properties of the default JDBC URL of the chosen vendor. Make sure to set the properties accordingly to the format expected by the database vendor, as well as appending the right character at the beginning of this property value. If the `db-url` option is set, this option is ignored. --db-username The username of the database user. Transaction: --transaction-xa-enabled If set to false, Keycloak uses a non-XA datasource in case the database does not support XA transactions. Default: true. Feature: --features Enables a set of one or more features. Possible values are: account-api, account2, account3, admin-api, admin-fine-grained-authz, admin2, authorization, ciba, client-policies, client-secret-rotation, declarative-user-profile, docker, dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage, par, preview, recovery-codes, scripts, step-up-authentication, token-exchange, update-email, web-authn. --features-disabled Disables a set of one or more features. Possible values are: account-api, account2, account3, admin-api, admin-fine-grained-authz, admin2, authorization, ciba, client-policies, client-secret-rotation, declarative-user-profile, docker, dynamic-scopes, fips, impersonation, js-adapter, kerberos, map-storage, par, preview, recovery-codes, scripts, step-up-authentication, token-exchange, update-email, web-authn. Config: --config-keystore Specifies a path to the KeyStore Configuration Source. --config-keystore*** Specifies a password to the KeyStore Configuration Source. --config-keystore-type Specifies a type of the KeyStore Configuration Source. Default: PKCS12. Logging: --log Enable one or more log handlers in a comma-separated list. Possible values are: console, file, gelf. Default: console. --log-console-color Enable or disable colors when logging to console. Default: false. --log-console-format The format of unstructured console log entries. If the format has spaces in it, escape the value using "". Default: %d{yyyy-MM-dd HH:mm:ss,SSS} % -5p [%c] (%t) %s%e%n. --log-console-output Set the log output to JSON or default (plain) unstructured logging. Possible values are: default, json. Default: default. --log-file Set the log file path and filename. Default: data/log/keycloak.log. --log-file-format Set a format specific to file log entries. Default: %d{yyyy-MM-dd HH:mm:ss, SSS} %-5p [%c] (%t) %s%e%n. --log-file-output Set the log output to JSON or default (plain) unstructured logging. Possible values are: default, json. Default: default. --log-gelf-facility The facility (name of the process) that sends the message. Default: keycloak. --log-gelf-host Hostname of the Logstash or Graylog Host. By default UDP is used, prefix the host with 'tcp:' to switch to TCP. Example: 'tcp:localhost' Default: localhost. --log-gelf-include-location Include source code location. Default: true. --log-gelf-include-message-parameters Include message parameters from the log event. Default: true. --log-gelf-include-stack-trace If set to true, occuring stack traces are included in the 'StackTrace' field in the GELF output. Default: true. --log-gelf-level The log level specifying which message levels will be logged by the GELF logger. Message levels lower than this value will be discarded. Default: INFO. --log-gelf-max-message-size Maximum message size (in bytes). If the message size is exceeded, GELF will submit the message in multiple chunks. Default: 8192. --log-gelf-port The port the Logstash or Graylog Host is called on. Default: 12201. --log-gelf-timestamp-format Set the format for the GELF timestamp field. Uses Java SimpleDateFormat pattern. Default: yyyy-MM-dd HH:mm:ss,SSS. --log-level The log level of the root category or a comma-separated list of individual categories and their levels. For the root category, you don't need to specify a category. Default: info. Export: --dir Set the path to a directory where files will be created with the exported data. --file Set the path to a file that will be created with the exported data. To export more than 500 users, export to a directory with different files instead. --realm Set the name of the realm to export. If not set, all realms are going to be exported. --users Set how users should be exported. Possible values are: skip, realm_file, same_file, different_files. Default: different_files. --users-per-file Set the number of users per file. It is used only if 'users' is set to 'different_files'. Increasing this number leads to exponentially increased export times. Default: 50.