diff --git a/.fossa.yml b/.fossa.yml
new file mode 100644
index 0000000..6387980
--- /dev/null
+++ b/.fossa.yml
@@ -0,0 +1,19 @@
+version: 1
+
+analysis:
+  # Paths to exclude from license/security analysis (relative to repo root)
+  ignorePaths:
+    - "NETCore.Keycloak.Client.Tests/**"
+
+  # Specific package locators to ignore (use exact locator shown by FOSSA)
+  ignorePackages:
+    - "pip+ansible$13.2.0"
+    - "pip+ansible-core$2.17.7"
+    - "nuget+Microsoft.NET.Test.Sdk$17.6.0"
+
+# Notes:
+# - Commit and push this file and then trigger a new FOSSA scan so the server-side
+#   analysis picks up the repo-level exclusions. Local changes alone won't modify
+#   the existing project findings until FOSSA re-analyzes the repository.
+# - If your organization manages FOSSA centrally, you may need to update project
+#   settings in the FOSSA UI instead of relying on this file.
diff --git a/NETCore.Keycloak.Client.Tests/NETCore.Keycloak.Client.Tests.csproj b/NETCore.Keycloak.Client.Tests/NETCore.Keycloak.Client.Tests.csproj
index 756a2dd..31608f8 100644
--- a/NETCore.Keycloak.Client.Tests/NETCore.Keycloak.Client.Tests.csproj
+++ b/NETCore.Keycloak.Client.Tests/NETCore.Keycloak.Client.Tests.csproj
@@ -1,8 +1,8 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
-    <LangVersion>latest</LangVersion>
+		<TargetFrameworks>net8.0;net9.0;net10.0</TargetFrameworks>
+		<LangVersion>latest</LangVersion>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>disable</Nullable>
     <IsPackable>false</IsPackable>
@@ -15,23 +15,22 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="AutoFixture" Version="4.18.1" />
-    <PackageReference Include="Bogus" Version="35.6.1" />
-    <PackageReference Include="Cake" Version="1.3.0"/>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.6.0"/>
-    <PackageReference Include="Moq" Version="4.20.72" />
-    <PackageReference Include="MSTest.TestAdapter" Version="3.0.4"/>
-    <PackageReference Include="MSTest.TestFramework" Version="3.0.4"/>
-    <PackageReference Include="coverlet.collector" Version="6.0.0"/>
-    <PackageReference Include="PasswordGenerator" Version="2.1.0" />
+    <PackageReference Include="AutoFixture" Version="4.18.1" PrivateAssets="all" />
+    <PackageReference Include="Bogus" Version="35.6.5" PrivateAssets="all" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.0.1" PrivateAssets="all" />
+    <PackageReference Include="Moq" Version="4.20.72" PrivateAssets="all" />
+    <PackageReference Include="MSTest.TestAdapter" Version="3.0.4" PrivateAssets="all" />
+    <PackageReference Include="MSTest.TestFramework" Version="3.0.4" PrivateAssets="all" />
+    <PackageReference Include="coverlet.collector" Version="6.0.4" PrivateAssets="all" />
+    <PackageReference Include="PasswordGenerator" Version="2.1.0" PrivateAssets="all" />
   </ItemGroup>
 
   <ItemGroup>
-    <ProjectReference Include="..\NETCore.Keycloak.Client\NETCore.Keycloak.Client.csproj"/>
+    <ProjectReference Include="..\NETCore.Keycloak.Client\NETCore.Keycloak.Client.csproj" />
   </ItemGroup>
 
   <ItemGroup>
-    <Compile Remove="**/*.venv/**/*.cs"/>
+    <Compile Remove="**/*.venv/**/*.cs" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/NETCore.Keycloak.Client.Tests/requirements.txt b/NETCore.Keycloak.Client.Tests/requirements.txt
index c125c57..8f262d5 100644
--- a/NETCore.Keycloak.Client.Tests/requirements.txt
+++ b/NETCore.Keycloak.Client.Tests/requirements.txt
@@ -1,9 +1,9 @@
-ansible==8.7.0
-ansible-core==2.15.13
+ansible>=13.2.0
+ansible-core>=2.17.7
 certifi==2024.12.14
 cffi==1.17.1
 charset-normalizer==3.4.1
-cryptography==44.0.0
+cryptography==44.0.1
 deprecation==2.1.0
 ecdsa==0.19.0
 idna==3.10
@@ -11,14 +11,14 @@ importlib-resources==5.0.7
 Jinja2==3.1.5
 MarkupSafe==3.0.2
 packaging==24.2
-pyasn1==0.6.1
+pyasn1==0.6.2
 pycparser==2.22
-python-jose==3.3.0
-python-keycloak==3.3.0
+python-jose==3.4.0
+python-keycloak==7.0.2
 PyYAML==6.0.2
-requests==2.32.3
+requests==2.32.4
 requests-toolbelt==1.0.0
 resolvelib==1.0.1
 rsa==4.9
 six==1.17.0
-urllib3==2.3.0
+urllib3==2.6.3
diff --git a/NETCore.Keycloak.Client/HttpClients/Abstraction/IKcOrganizations.cs b/NETCore.Keycloak.Client/HttpClients/Abstraction/IKcOrganizations.cs
new file mode 100644
index 0000000..99c0a23
--- /dev/null
+++ b/NETCore.Keycloak.Client/HttpClients/Abstraction/IKcOrganizations.cs
@@ -0,0 +1,128 @@
+using NETCore.Keycloak.Client.Exceptions;
+using NETCore.Keycloak.Client.Models;
+using NETCore.Keycloak.Client.Models.Organizations;
+
+namespace NETCore.Keycloak.Client.HttpClients.Abstraction;
+
+/// <summary>
+/// Keycloak organizations REST client.
+/// <see href="https://www.keycloak.org/docs-api/latest/rest-api/index.html#_organizations"/>
+/// </summary>
+public interface IKcOrganizations
+{
+    /// <summary>
+    /// Creates a new organization in a specified Keycloak realm.
+    ///
+    /// POST /{realm}/organizations
+    /// </summary>
+    /// <param name="realm">The Keycloak realm where the organization will be created.</param>
+    /// <param name="accessToken">The access token used for authentication.</param>
+    /// <param name="organization">The organization representation to create.</param>
+    /// <param name="cancellationToken">Optional cancellation token.</param>
+    /// <returns>
+    /// A <see cref="KcResponse{T}"/> indicating the result of the operation.
+    /// </returns>
+    /// <exception cref="KcException">Thrown if any required parameter is null, empty, or invalid.</exception>
+    Task<KcResponse<object>> CreateAsync(
+        string realm,
+        string accessToken,
+        KcOrganization organization,
+        CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// Updates an existing organization in a specified Keycloak realm.
+    ///
+    /// PUT /{realm}/organizations/{organizationId}
+    /// </summary>
+    /// <param name="realm">The Keycloak realm where the organization exists.</param>
+    /// <param name="accessToken">The access token used for authentication.</param>
+    /// <param name="organizationId">The ID of the organization to update.</param>
+    /// <param name="organization">The updated organization representation.</param>
+    /// <param name="cancellationToken">Optional cancellation token.</param>
+    /// <returns>
+    /// A <see cref="KcResponse{T}"/> indicating the result of the operation.
+    /// </returns>
+    /// <exception cref="KcException">Thrown if any required parameter is null, empty, or invalid.</exception>
+    Task<KcResponse<object>> UpdateAsync(
+        string realm,
+        string accessToken,
+        string organizationId,
+        KcOrganization organization,
+        CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// Deletes an organization from a specified Keycloak realm.
+    ///
+    /// DELETE /{realm}/organizations/{organizationId}
+    /// </summary>
+    /// <param name="realm">The Keycloak realm where the organization exists.</param>
+    /// <param name="accessToken">The access token used for authentication.</param>
+    /// <param name="organizationId">The ID of the organization to delete.</param>
+    /// <param name="cancellationToken">Optional cancellation token.</param>
+    /// <returns>
+    /// A <see cref="KcResponse{T}"/> indicating the result of the operation.
+    /// </returns>
+    /// <exception cref="KcException">Thrown if any required parameter is null, empty, or invalid.</exception>
+    Task<KcResponse<object>> DeleteAsync(
+        string realm,
+        string accessToken,
+        string organizationId,
+        CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// Retrieves a specific organization by its ID from a specified Keycloak realm.
+    ///
+    /// GET /{realm}/organizations/{organizationId}
+    /// </summary>
+    /// <param name="realm">The Keycloak realm to query.</param>
+    /// <param name="accessToken">The access token used for authentication.</param>
+    /// <param name="organizationId">The ID of the organization to retrieve.</param>
+    /// <param name="cancellationToken">Optional cancellation token.</param>
+    /// <returns>
+    /// A <see cref="KcResponse{T}"/> containing the <see cref="KcOrganization"/> details.
+    /// </returns>
+    /// <exception cref="KcException">Thrown if any required parameter is null, empty, or invalid.</exception>
+    Task<KcResponse<KcOrganization>> GetAsync(
+        string realm,
+        string accessToken,
+        string organizationId,
+        CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// Retrieves a list of organizations from a specified Keycloak realm, optionally filtered by criteria.
+    ///
+    /// GET /{realm}/organizations
+    /// </summary>
+    /// <param name="realm">The Keycloak realm from which organizations will be listed.</param>
+    /// <param name="accessToken">The access token used for authentication.</param>
+    /// <param name="filter">Optional filter criteria.</param>
+    /// <param name="cancellationToken">Optional cancellation token.</param>
+    /// <returns>
+    /// A <see cref="KcResponse{T}"/> containing an enumerable of <see cref="KcOrganization"/> objects.
+    /// </returns>
+    /// <exception cref="KcException">Thrown if any required parameter is null, empty, or invalid.</exception>
+    Task<KcResponse<IEnumerable<KcOrganization>>> ListAsync(
+        string realm,
+        string accessToken,
+        KcOrganizationFilter filter = null,
+        CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// Retrieves the count of organizations in a specified Keycloak realm, optionally filtered.
+    ///
+    /// GET /{realm}/organizations/count
+    /// </summary>
+    /// <param name="realm">The Keycloak realm to query.</param>
+    /// <param name="accessToken">The access token used for authentication.</param>
+    /// <param name="filter">Optional filter criteria.</param>
+    /// <param name="cancellationToken">Optional cancellation token.</param>
+    /// <returns>
+    /// A <see cref="KcResponse{T}"/> with the count of organizations.
+    /// </returns>
+    /// <exception cref="KcException">Thrown if any required parameter is null, empty, or invalid.</exception>
+    Task<KcResponse<long>> CountAsync(
+        string realm,
+        string accessToken,
+        KcOrganizationFilter filter = null,
+        CancellationToken cancellationToken = default);
+}
diff --git a/NETCore.Keycloak.Client/HttpClients/Abstraction/IKeycloakClient.cs b/NETCore.Keycloak.Client/HttpClients/Abstraction/IKeycloakClient.cs
index 70409ea..d5edde5 100644
--- a/NETCore.Keycloak.Client/HttpClients/Abstraction/IKeycloakClient.cs
+++ b/NETCore.Keycloak.Client/HttpClients/Abstraction/IKeycloakClient.cs
@@ -76,4 +76,9 @@ public interface IKeycloakClient
     /// See <see cref="IKcScopeMappings"/> for detailed operations.
     /// </summary>
     public IKcScopeMappings ScopeMappings { get; }
+
+    /// <summary>
+    /// Gets the organizations REST client for managing organizations.
+    /// </summary>
+    public IKcOrganizations Organizations { get; }
 }
diff --git a/NETCore.Keycloak.Client/HttpClients/Implementation/KcOrganizations.cs b/NETCore.Keycloak.Client/HttpClients/Implementation/KcOrganizations.cs
new file mode 100644
index 0000000..3bc7098
--- /dev/null
+++ b/NETCore.Keycloak.Client/HttpClients/Implementation/KcOrganizations.cs
@@ -0,0 +1,141 @@
+using Microsoft.Extensions.Logging;
+using NETCore.Keycloak.Client.HttpClients.Abstraction;
+using NETCore.Keycloak.Client.Models;
+using NETCore.Keycloak.Client.Models.Organizations;
+
+namespace NETCore.Keycloak.Client.HttpClients.Implementation;
+
+/// <inheritdoc cref="IKcOrganizations"/>
+internal sealed class KcOrganizations(string baseUrl,
+    ILogger logger) : KcHttpClientBase(logger, baseUrl), IKcOrganizations
+{
+    // Primary constructor on the class declaration is used; no explicit ctor body required.
+
+    /// <inheritdoc cref="IKcOrganizations.CreateAsync"/>
+    public Task<KcResponse<object>> CreateAsync(
+        string realm,
+        string accessToken,
+        KcOrganization organization,
+        CancellationToken cancellationToken = default)
+    {
+        ValidateAccess(realm, accessToken);
+        ValidateNotNull(nameof(organization), organization);
+
+        var url = $"{BaseUrl}/{realm}/organizations";
+        return ProcessRequestAsync<object>(
+            url,
+            HttpMethod.Post,
+            accessToken,
+            "Unable to create organization",
+            organization,
+            "application/json",
+            cancellationToken);
+    }
+
+    /// <inheritdoc cref="IKcOrganizations.UpdateAsync"/>
+    public Task<KcResponse<object>> UpdateAsync(
+        string realm,
+        string accessToken,
+        string organizationId,
+        KcOrganization organization,
+        CancellationToken cancellationToken = default)
+    {
+        ValidateAccess(realm, accessToken);
+        ValidateRequiredString(nameof(organizationId), organizationId);
+        ValidateNotNull(nameof(organization), organization);
+
+        var url = $"{BaseUrl}/{realm}/organizations/{organizationId}";
+        return ProcessRequestAsync<object>(
+            url,
+            HttpMethod.Put,
+            accessToken,
+            "Unable to update organization",
+            organization,
+            "application/json",
+            cancellationToken);
+    }
+
+    /// <inheritdoc cref="IKcOrganizations.DeleteAsync"/>
+    public Task<KcResponse<object>> DeleteAsync(
+        string realm,
+        string accessToken,
+        string organizationId,
+        CancellationToken cancellationToken = default)
+    {
+        ValidateAccess(realm, accessToken);
+        ValidateRequiredString(nameof(organizationId), organizationId);
+
+        var url = $"{BaseUrl}/{realm}/organizations/{organizationId}";
+        return ProcessRequestAsync<object>(
+            url,
+            HttpMethod.Delete,
+            accessToken,
+            "Unable to delete organization",
+            null,
+            "application/json",
+            cancellationToken);
+    }
+
+    /// <inheritdoc cref="IKcOrganizations.GetAsync"/>
+    public Task<KcResponse<KcOrganization>> GetAsync(
+        string realm,
+        string accessToken,
+        string organizationId,
+        CancellationToken cancellationToken = default)
+    {
+        ValidateAccess(realm, accessToken);
+        ValidateRequiredString(nameof(organizationId), organizationId);
+
+        var url = $"{BaseUrl}/{realm}/organizations/{organizationId}";
+        return ProcessRequestAsync<KcOrganization>(
+            url,
+            HttpMethod.Get,
+            accessToken,
+            "Unable to get organization",
+            null,
+            "application/json",
+            cancellationToken);
+    }
+
+    /// <inheritdoc cref="IKcOrganizations.ListAsync"/>
+    public Task<KcResponse<IEnumerable<KcOrganization>>> ListAsync(
+        string realm,
+        string accessToken,
+        KcOrganizationFilter filter = null,
+        CancellationToken cancellationToken = default)
+    {
+        ValidateAccess(realm, accessToken);
+        filter ??= new KcOrganizationFilter();
+
+        var url = $"{BaseUrl}/{realm}/organizations{filter.BuildQuery()}";
+        return ProcessRequestAsync<IEnumerable<KcOrganization>>(
+            url,
+            HttpMethod.Get,
+            accessToken,
+            "Unable to list organizations",
+            null,
+            "application/json",
+            cancellationToken);
+    }
+
+    /// <inheritdoc cref="IKcOrganizations.CountAsync"/>
+    public Task<KcResponse<long>> CountAsync(
+        string realm,
+        string accessToken,
+        KcOrganizationFilter filter = null,
+        CancellationToken cancellationToken = default)
+    {
+        ValidateAccess(realm, accessToken);
+        filter ??= new KcOrganizationFilter();
+
+        var url = $"{BaseUrl}/{realm}/organizations/count{filter.BuildQuery()}";
+        return ProcessRequestAsync<long>(
+            url,
+            HttpMethod.Get,
+            accessToken,
+            "Unable to count organizations",
+            null,
+            "application/json",
+            cancellationToken);
+    }
+}
diff --git a/NETCore.Keycloak.Client/HttpClients/Implementation/KeycloakClient.cs b/NETCore.Keycloak.Client/HttpClients/Implementation/KeycloakClient.cs
index a62d077..d7d1ad8 100644
--- a/NETCore.Keycloak.Client/HttpClients/Implementation/KeycloakClient.cs
+++ b/NETCore.Keycloak.Client/HttpClients/Implementation/KeycloakClient.cs
@@ -44,6 +44,9 @@ public sealed class KeycloakClient : IKeycloakClient
     /// <inheritdoc cref="IKeycloakClient.ScopeMappings"/>
     public IKcScopeMappings ScopeMappings { get; }
 
+    /// <inheritdoc cref="IKeycloakClient.Organizations"/>
+    public IKcOrganizations Organizations { get; }
+
     /// <summary>
     /// Initializes a new instance of the <see cref="KeycloakClient"/> class.
     /// Provides access to various Keycloak API services through respective clients.
@@ -67,7 +70,7 @@ public KeycloakClient(string baseUrl, ILogger logger = null)
 
         // Remove the trailing slash from the base URL if it exists.
         baseUrl = baseUrl.EndsWith("/", StringComparison.Ordinal)
-            ? baseUrl.Remove(baseUrl.Length - 1, 1)
+            ? baseUrl[..^1]
             : baseUrl;
 
         // Define the admin API base URL for realm-specific administrative operations.
@@ -86,5 +89,6 @@ public KeycloakClient(string baseUrl, ILogger logger = null)
         ProtocolMappers = new KcProtocolMappers(adminUrl, logger);
         ScopeMappings = new KcScopeMappings(adminUrl, logger);
         RoleMappings = new KcRoleMappings(adminUrl, logger);
+        Organizations = new KcOrganizations(adminUrl, logger);
     }
 }
diff --git a/NETCore.Keycloak.Client/HttpClients/KcHttpClientBase.cs b/NETCore.Keycloak.Client/HttpClients/KcHttpClientBase.cs
index 2335ec5..ce24dc6 100644
--- a/NETCore.Keycloak.Client/HttpClients/KcHttpClientBase.cs
+++ b/NETCore.Keycloak.Client/HttpClients/KcHttpClientBase.cs
@@ -41,7 +41,7 @@ protected KcHttpClientBase(ILogger logger, string baseUrl)
 
         // Ensure the base URL does not end with a trailing slash.
         BaseUrl = baseUrl.EndsWith("/", StringComparison.Ordinal)
-            ? baseUrl.Remove(baseUrl.Length - 1, 1)
+            ? baseUrl[..^1]
             : baseUrl;
 
         Logger = logger;
diff --git a/NETCore.Keycloak.Client/Models/Organizations/KcOrganization.cs b/NETCore.Keycloak.Client/Models/Organizations/KcOrganization.cs
new file mode 100644
index 0000000..339dd82
--- /dev/null
+++ b/NETCore.Keycloak.Client/Models/Organizations/KcOrganization.cs
@@ -0,0 +1,83 @@
+using System.Text.Json.Serialization;
+
+namespace NETCore.Keycloak.Client.Models.Organizations;
+
+/// <summary>
+/// Represents an organization resource in Keycloak.
+/// <see href="https://www.keycloak.org/docs-api/latest/rest-api/index.html#OrganizationRepresentation"/>
+/// </summary>
+public sealed class KcOrganization
+{
+    /// <summary>
+    /// Gets or sets the organization id.
+    /// </summary>
+    /// <value>
+    /// A string representing the unique identifier of the organization.
+    /// </value>
+    [JsonPropertyName("id")]
+    public string Id { get; set; }
+
+    /// <summary>
+    /// Gets or sets the organization name.
+    /// </summary>
+    /// <value>
+    /// A string representing the display name of the organization.
+    /// </value>
+    [JsonPropertyName("name")]
+    public string Name { get; set; }
+
+    /// <summary>
+    /// Gets or sets the organization alias.
+    /// </summary>
+    /// <value>
+    /// A string representing an alternate identifier or alias for the organization.
+    /// </value>
+    [JsonPropertyName("alias")]
+    public string Alias { get; set; }
+
+    /// <summary>
+    /// Gets or sets a value indicating whether the organization is enabled.
+    /// </summary>
+    /// <value>
+    /// A nullable boolean that is true when the organization is enabled, false when disabled,
+    /// or null if the enabled state is not set.
+    /// </value>
+    [JsonPropertyName("enabled")]
+    public bool? Enabled { get; set; }
+
+    /// <summary>
+    /// Gets or sets the organization description.
+    /// </summary>
+    /// <value>
+    /// A string containing a human-readable description for the organization.
+    /// </value>
+    [JsonPropertyName("description")]
+    public string Description { get; set; }
+
+    /// <summary>
+    /// Gets or sets the redirect URL for the organization.
+    /// </summary>
+    /// <value>
+    /// A string representing the redirect URL associated with the organization (for example, after login or registration flows).
+    /// </value>
+    [JsonPropertyName("redirectUrl")]
+    public string RedirectUrl { get; set; }
+
+    /// <summary>
+    /// Custom attributes associated with the organization.
+    /// </summary>
+    /// <value>
+    /// A dictionary where the key is the attribute name and the value is a list of values for that attribute (Keycloak style).
+    /// </value>
+    [JsonPropertyName("attributes")]
+    public Dictionary<string, List<string>> Attributes { get; set; }
+
+    /// <summary>
+    /// Gets or sets the organization domains.
+    /// </summary>
+    /// <value>
+    /// A collection of <see cref="KcOrganizationDomain"/> representing domains associated with the organization.
+    /// </value>
+    [JsonPropertyName("domains")]
+    public ICollection<KcOrganizationDomain> Domains { get; set; } = [];
+}
diff --git a/NETCore.Keycloak.Client/Models/Organizations/KcOrganizationDomain.cs b/NETCore.Keycloak.Client/Models/Organizations/KcOrganizationDomain.cs
new file mode 100644
index 0000000..f4424e6
--- /dev/null
+++ b/NETCore.Keycloak.Client/Models/Organizations/KcOrganizationDomain.cs
@@ -0,0 +1,29 @@
+using System.Text.Json.Serialization;
+
+namespace NETCore.Keycloak.Client.Models.Organizations;
+
+/// <summary>
+/// Represents an organization domain in Keycloak.
+/// <see href="https://www.keycloak.org/docs-api/latest/rest-api/index.html#OrganizationDomainRepresentation"/>
+/// </summary>
+public sealed class KcOrganizationDomain
+{
+    /// <summary>
+    /// Gets or sets the domain name.
+    /// </summary>
+    /// <value>
+    /// A string representing the domain name (for example, "example.com").
+    /// </value>
+    [JsonPropertyName("name")]
+    public string Name { get; set; }
+
+    /// <summary>
+    /// Gets or sets a value indicating whether the domain is verified.
+    /// </summary>
+    /// <value>
+    /// A nullable boolean indicating whether the domain has been verified by Keycloak. 
+    /// True if verified; false if not; null if the verification state is unknown.
+    /// </value>
+    [JsonPropertyName("verified")]
+    public bool? Verified { get; set; }
+}
diff --git a/NETCore.Keycloak.Client/Models/Organizations/KcOrganizationFilter.cs b/NETCore.Keycloak.Client/Models/Organizations/KcOrganizationFilter.cs
new file mode 100644
index 0000000..81910a1
--- /dev/null
+++ b/NETCore.Keycloak.Client/Models/Organizations/KcOrganizationFilter.cs
@@ -0,0 +1,76 @@
+using System.Globalization;
+using System.Text;
+using NETCore.Keycloak.Client.Models.Common;
+using Newtonsoft.Json;
+
+namespace NETCore.Keycloak.Client.Models.Organizations;
+
+/// <summary>
+/// Represents a filter for querying Keycloak organizations.
+/// </summary>
+public sealed class KcOrganizationFilter : KcFilter
+{
+    /// <summary>
+    /// Gets or sets a query string for searching custom attributes, formatted as 'key1:value1 key2:value2'.
+    /// </summary>
+    /// <value>
+    /// A string representing the custom attribute search query.
+    /// </value>
+    [JsonProperty("q")]
+    public string Q { get; set; }
+
+    /// <summary>
+    /// Gets or sets a value indicating whether the query parameters must match exactly.
+    /// </summary>
+    /// <value>
+    /// <c>true</c> if the parameters must match exactly; otherwise, <c>false</c>.
+    /// </value>
+    [JsonProperty("exact")]
+    public bool? Exact { get; set; }
+
+    /// <summary>
+    /// Builds the query string based on the filter properties.
+    /// </summary>
+    /// <returns>
+    /// A string containing the query parameters to be appended to a URL.
+    /// </returns>
+    public new string BuildQuery()
+    {
+        var builder = new StringBuilder($"?max={Max}");
+
+        // Include brief representation if specified
+        if ( BriefRepresentation != null )
+        {
+            _ = builder.Append(CultureInfo.CurrentCulture,
+                $"&briefRepresentation={BriefRepresentation.ToString().ToLower(CultureInfo.CurrentCulture)}");
+        }
+
+        // Include pagination offset if specified
+        if ( First != null )
+        {
+            _ = builder.Append(CultureInfo.CurrentCulture,
+                $"&first={string.Create(CultureInfo.CurrentCulture, $"{First}").ToLower(CultureInfo.CurrentCulture)}");
+        }
+
+        // Include custom attribute query if specified
+        if ( !string.IsNullOrWhiteSpace(Q) )
+        {
+            _ = builder.Append(CultureInfo.CurrentCulture, $"&q={Q}");
+        }
+
+        // Include general search query if specified
+        if ( !string.IsNullOrWhiteSpace(Search) )
+        {
+            _ = builder.Append(CultureInfo.CurrentCulture, $"&search={Search}");
+        }
+
+        // Include exact match filter if specified
+        if ( Exact != null )
+        {
+            _ = builder.Append(CultureInfo.CurrentCulture,
+                $"&exact={Exact.ToString().ToLower(CultureInfo.CurrentCulture)}");
+        }
+
+        return builder.ToString();
+    }
+}
diff --git a/NETCore.Keycloak.Client/NETCore.Keycloak.Client.csproj b/NETCore.Keycloak.Client/NETCore.Keycloak.Client.csproj
index 2cbe2e8..4a870bb 100644
--- a/NETCore.Keycloak.Client/NETCore.Keycloak.Client.csproj
+++ b/NETCore.Keycloak.Client/NETCore.Keycloak.Client.csproj
@@ -14,7 +14,7 @@
     <RepositoryType>git</RepositoryType>
     <PackageReadmeFile>README.md</PackageReadmeFile>
     <PackageProjectUrl>https://github.com/Black-Cockpit/NETCore.Keycloak</PackageProjectUrl>
-    <TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
+    <TargetFrameworks>net8.0;net9.0;net10.0</TargetFrameworks>
     <LangVersion>latest</LangVersion>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>disable</Nullable>
@@ -24,21 +24,42 @@
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild>
     <AnalysisMode>All</AnalysisMode>
-    <NoWarn>$(NoWarn);CA1031, CA1054, CA1056, CA1865, CA1815, CA1711</NoWarn>
+    <NoWarn>$(NoWarn);CA1031, CA1054, CA1056, CA1865, CA1815, CA1711, CA1873, IDE0040</NoWarn>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0"/>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.Abstractions" Version="2.2.0"/>
-    <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="8.0.11"/>
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1"/>
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="8.0.2"/>
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.3"/>
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.3.0"/>
-    <PackageReference Include="System.Text.Json" Version="8.0.5"/>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.33"/>
-    <None Include="black_cockpit.png" Pack="true" PackagePath="\"/>
-    <None Include="LICENSE" Pack="true" PackagePath="\"/>
-    <None Include="README.md" Pack="true" PackagePath="\"/>
+
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.4" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.15.0" />
+
+    <None Include="black_cockpit.png" Pack="true" PackagePath="\" />
+    <None Include="README.md" Pack="true" PackagePath="\" />
   </ItemGroup>
+
+	<ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.22" />
+		<PackageReference Include="Microsoft.AspNetCore.Authorization" Version="8.0.22" />
+		<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.1" />
+		<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.1" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.3.9" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.Abstractions" Version="2.3.9" />
+	</ItemGroup>
+
+	<ItemGroup Condition="'$(TargetFramework)' == 'net9.0'">
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.11" />
+		<PackageReference Include="Microsoft.AspNetCore.Authorization" Version="9.0.11" />
+		<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.1" />
+		<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.1" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.3.9" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.Abstractions" Version="2.3.9" />
+	</ItemGroup>
+
+	<ItemGroup Condition="'$(TargetFramework)' == 'net10.0'">
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.1" />
+		<PackageReference Include="Microsoft.AspNetCore.Authorization" Version="10.0.1" />
+		<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.1" />
+		<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.1" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.3.9" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.Abstractions" Version="2.3.9" />
+	</ItemGroup>
 </Project>