diff --git a/REFERENCE.md b/REFERENCE.md
index 9659d8c7..b25ffbc1 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -2408,7 +2408,9 @@ clientId
 
 ##### `client_secret`
 
-clientSecret
+clientSecret.
+Puppet has no way to check current value and will therefore emit a warning
+which can be suppressed by setting no_client_secret_warning to true
 
 ##### `default_scope`
 
@@ -2573,6 +2575,7 @@ The following parameters are available in the `keycloak_identity_provider` type.
 * [`alias`](#-keycloak_identity_provider--alias)
 * [`internal_id`](#-keycloak_identity_provider--internal_id)
 * [`name`](#-keycloak_identity_provider--name)
+* [`no_client_secret_warning`](#-keycloak_identity_provider--no_client_secret_warning)
 * [`provider`](#-keycloak_identity_provider--provider)
 * [`provider_id`](#-keycloak_identity_provider--provider_id)
 * [`realm`](#-keycloak_identity_provider--realm)
@@ -2591,6 +2594,14 @@ namevar
 
 The identity provider name
 
+##### <a name="-keycloak_identity_provider--no_client_secret_warning"></a>`no_client_secret_warning`
+
+Valid values: `true`, `false`, `yes`, `no`
+
+set this to true, to not display the puppet warning that we cannot ensure the client_secret
+
+Default value: `false`
+
 ##### <a name="-keycloak_identity_provider--provider"></a>`provider`
 
 The specific backend to use for this `keycloak_identity_provider` resource. You will seldom need to specify this ---
@@ -2856,7 +2867,9 @@ Default value: `1000`
 
 ##### `bind_credential`
 
-bindCredential
+bindCredential.
+Puppet has no way to check current value and will therefore emit a warning
+which can be suppressed by setting no_bind_credential_warning to true
 
 ##### `bind_dn`
 
@@ -3022,6 +3035,7 @@ The following parameters are available in the `keycloak_ldap_user_provider` type
 
 * [`id`](#-keycloak_ldap_user_provider--id)
 * [`name`](#-keycloak_ldap_user_provider--name)
+* [`no_bind_credential_warning`](#-keycloak_ldap_user_provider--no_bind_credential_warning)
 * [`provider`](#-keycloak_ldap_user_provider--provider)
 * [`realm`](#-keycloak_ldap_user_provider--realm)
 * [`resource_name`](#-keycloak_ldap_user_provider--resource_name)
@@ -3036,6 +3050,14 @@ namevar
 
 The LDAP user provider name
 
+##### <a name="-keycloak_ldap_user_provider--no_bind_credential_warning"></a>`no_bind_credential_warning`
+
+Valid values: `true`, `false`, `yes`, `no`
+
+set this to true, to not display the puppet warning that we cannot ensure the smtp_server_password
+
+Default value: `false`
+
 ##### <a name="-keycloak_ldap_user_provider--provider"></a>`provider`
 
 The specific backend to use for this `keycloak_ldap_user_provider` resource. You will seldom need to specify this ---
@@ -3487,7 +3509,9 @@ smtpServer host
 
 ##### `smtp_server_password`
 
-smtpServer password
+smtpServer password.
+Puppet has no way to check current value and will therefore emit a warning
+which can be suppressed by setting no_password_warning to true
 
 ##### `smtp_server_port`
 
@@ -3568,6 +3592,7 @@ The following parameters are available in the `keycloak_realm` type.
 * [`id`](#-keycloak_realm--id)
 * [`manage_roles`](#-keycloak_realm--manage_roles)
 * [`name`](#-keycloak_realm--name)
+* [`no_password_warning`](#-keycloak_realm--no_password_warning)
 * [`provider`](#-keycloak_realm--provider)
 
 ##### <a name="-keycloak_realm--id"></a>`id`
@@ -3588,6 +3613,14 @@ namevar
 
 The realm name
 
+##### <a name="-keycloak_realm--no_password_warning"></a>`no_password_warning`
+
+Valid values: `true`, `false`, `yes`, `no`
+
+set this to true, to not display the puppet warning that we cannot ensure the smtp_server_password
+
+Default value: `false`
+
 ##### <a name="-keycloak_realm--provider"></a>`provider`
 
 The specific backend to use for this `keycloak_realm` resource. You will seldom need to specify this --- Puppet will
diff --git a/lib/puppet/type/keycloak_identity_provider.rb b/lib/puppet/type/keycloak_identity_provider.rb
index 5277158a..c9608974 100644
--- a/lib/puppet/type/keycloak_identity_provider.rb
+++ b/lib/puppet/type/keycloak_identity_provider.rb
@@ -4,6 +4,9 @@
 require_relative '../../puppet_x/keycloak/array_property'
 require_relative '../../puppet_x/keycloak/integer_property'
 
+# needed for puppet >= 8
+require 'puppet/parameter/boolean'
+
 Puppet::Type.newtype(:keycloak_identity_provider) do
   desc <<-DESC
 Manage Keycloak identity providers
@@ -48,6 +51,11 @@
     desc 'realm'
   end
 
+  newparam(:no_client_secret_warning, boolean: true, parent: Puppet::Parameter::Boolean) do
+    desc 'set this to true, to not display the puppet warning that we cannot ensure the client_secret'
+    defaultto :false
+  end
+
   newproperty(:display_name) do
     desc 'displayName'
   end
@@ -149,11 +157,13 @@
   end
 
   newproperty(:client_secret) do
-    desc 'clientSecret'
+    desc "clientSecret.
+         Puppet has no way to check current value and will therefore emit a warning
+         which can be suppressed by setting no_client_secret_warning to true"
 
     def insync?(is)
       if is =~ %r{^\*+$}
-        Puppet.warning("Parameter 'client_secret' is set and Puppet has no way to check current value")
+        Puppet.warning("Parameter 'client_secret' is set and Puppet has no way to check current value") unless @resource[:no_client_secret_warning]
         true
       else
         false
diff --git a/lib/puppet/type/keycloak_ldap_user_provider.rb b/lib/puppet/type/keycloak_ldap_user_provider.rb
index a3966368..9b900c83 100644
--- a/lib/puppet/type/keycloak_ldap_user_provider.rb
+++ b/lib/puppet/type/keycloak_ldap_user_provider.rb
@@ -4,6 +4,9 @@
 require_relative '../../puppet_x/keycloak/array_property'
 require_relative '../../puppet_x/keycloak/integer_property'
 
+# needed for puppet >= 8
+require 'puppet/parameter/boolean'
+
 Puppet::Type.newtype(:keycloak_ldap_user_provider) do
   desc <<-DESC
 Manage Keycloak LDAP user providers
@@ -44,6 +47,11 @@
     desc 'parentId'
   end
 
+  newparam(:no_bind_credential_warning, boolean: true, parent: Puppet::Parameter::Boolean) do
+    desc 'set this to true, to not display the puppet warning that we cannot ensure the smtp_server_password'
+    defaultto :false
+  end
+
   newproperty(:enabled, boolean: true) do
     desc 'enabled'
     newvalues(:true, :false)
@@ -128,11 +136,13 @@
   end
 
   newproperty(:bind_credential) do
-    desc 'bindCredential'
+    desc "bindCredential.
+          Puppet has no way to check current value and will therefore emit a warning
+          which can be suppressed by setting no_bind_credential_warning to true"
 
     def insync?(is)
       if is =~ %r{^\*+$}
-        Puppet.warning("Parameter 'bind_credential' is set and Puppet has no way to check current value")
+        Puppet.warning("Parameter 'bind_credential' is set and Puppet has no way to check current value") unless @resource[:no_bind_credential_warning]
         true
       else
         false
diff --git a/lib/puppet/type/keycloak_realm.rb b/lib/puppet/type/keycloak_realm.rb
index edbe87c7..706b8836 100644
--- a/lib/puppet/type/keycloak_realm.rb
+++ b/lib/puppet/type/keycloak_realm.rb
@@ -4,6 +4,9 @@
 require_relative '../../puppet_x/keycloak/array_property'
 require_relative '../../puppet_x/keycloak/integer_property'
 
+# needed for puppet >= 8
+require 'puppet/parameter/boolean'
+
 Puppet::Type.newtype(:keycloak_realm) do
   desc <<-DESC
 Manage Keycloak realms
@@ -32,6 +35,11 @@
     end
   end
 
+  newparam(:no_password_warning, boolean: true, parent: Puppet::Parameter::Boolean) do
+    desc 'set this to true, to not display the puppet warning that we cannot ensure the smtp_server_password'
+    defaultto :false
+  end
+
   newproperty(:display_name) do
     desc 'displayName'
   end
@@ -274,11 +282,13 @@
   end
 
   newproperty(:smtp_server_password) do
-    desc 'smtpServer password'
+    desc "smtpServer password.
+          Puppet has no way to check current value and will therefore emit a warning
+          which can be suppressed by setting no_password_warning to true"
 
     def insync?(is)
       if is =~ %r{^\*+$}
-        Puppet.warning("Property 'smtp_server_password' is set and Puppet has no way to check current value")
+        Puppet.warning("Property 'smtp_server_password' is set and Puppet has no way to check current value") unless @resource[:no_password_warning]
         true
       else
         false
diff --git a/spec/unit/puppet/type/keycloak_identity_provider_spec.rb b/spec/unit/puppet/type/keycloak_identity_provider_spec.rb
index fc96bd4e..54a65935 100644
--- a/spec/unit/puppet/type/keycloak_identity_provider_spec.rb
+++ b/spec/unit/puppet/type/keycloak_identity_provider_spec.rb
@@ -156,6 +156,7 @@
   describe 'boolean properties' do
     # Test boolean properties
     [
+      :no_client_secret_warning,
       :enabled,
       :trust_email,
       :store_token,
diff --git a/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb b/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb
index 66ed428b..15a80e8d 100644
--- a/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb
+++ b/spec/unit/puppet/type/keycloak_ldap_user_provider_spec.rb
@@ -257,6 +257,7 @@
   describe 'boolean properties' do
     # Test boolean properties
     [
+      :no_bind_credential_warning,
       :enabled,
       :import_enabled,
       :trust_email,
diff --git a/spec/unit/puppet/type/keycloak_realm_spec.rb b/spec/unit/puppet/type/keycloak_realm_spec.rb
index a7024920..1dfed80b 100644
--- a/spec/unit/puppet/type/keycloak_realm_spec.rb
+++ b/spec/unit/puppet/type/keycloak_realm_spec.rb
@@ -134,6 +134,7 @@
   describe 'boolean properties' do
     # Test boolean properties
     [
+      :no_password_warning,
       :user_managed_access_allowed,
       :remember_me,
       :registration_allowed,