692 Commits

Author	SHA1	Message	Date
andymunro	0fc18c3a0b	Make links generic ... Closes #39469 Signed-off-by: AndyMunro <amunro@redhat.com>	2025-05-09 16:18:15 +02:00
andymunro	afe6d4d4a0	Fix callouts ... Closes #39590 Signed-off-by: AndyMunro <amunro@redhat.com>	2025-05-09 14:10:59 +00:00
Alexander Schwartz	a17f551eb2	Log out other sessions including offline sessions on password change ... Closes #38850 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-05-06 14:04:13 +02:00
Daniel Höxtermann	46ed361278	Fix footer ftl snippet in documentation ... Closes #39442 Signed-off-by: Daniel Höxtermann <daniel@hxtm.dev>	2025-05-05 06:46:15 +00:00
Alexander Schwartz	f79408788d	Document how to configure Istio to allow for JGroups mTLS ... Closes #39065 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>	2025-05-02 12:08:02 +00:00
Steven Hawkins	24910d9e1c	addresses slow import/export performance by limiting persistence context size (#37926) ... * fix: addresses slow import/export performance with more batching closes: #37991 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * removing flush/detach manipulation Signed-off-by: Steve Hawkins <shawkins@redhat.com> * refining the doc note about using multiple files for larger user counts Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding doc note about useExistingSession method removal and expanding javadocs Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-04-29 18:57:45 -04:00
Steven Hawkins	08b5183784	fix: relaxes the admin root redirect check (#39095) ... * fix: relaxes the admin root redirect check also deprecates the usage of local_admin closes: #39085 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * moving deprecation to 26.3 also changing the adminroot test to seem like it's coming from a proxy Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-04-29 11:09:51 -04:00
rmartinc	4730dbdd8d	Make recovery codes supported ... Closes #38994 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-04-29 10:25:46 +02:00
mposolda	e9283ee71d	Documentation for recovery codes (deprecation of password policy and required action config) ... closes #39245 Signed-off-by: mposolda <mposolda@gmail.com>	2025-04-29 09:29:38 +02:00
Pedro Ruivo	eafe08a73a	Create CacheEmbeddedConfigProvider ... Closes #38497 Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-28 13:00:53 +02:00
Steven Hawkins	837c2e25a2	fix: adding docs about h2 migration (#39159) ... * fix: adding docs about h2 migration closes: #39046 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update docs/documentation/upgrading/topics/changes/changes-26_2_0.adoc Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Steven Hawkins <shawkins@redhat.com> * Update docs/documentation/upgrading/topics/migrate_db.adoc Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> * Apply suggestions from code review Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Steven Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-04-24 17:37:03 +02:00
Emmanuel Lécharny	a48469896e	Added a link to the ApacheDS doc for server side password hashing ... Closes #39136 Signed-off-by: Emmanuel Lécharny <elecharny@gmail.com>	2025-04-24 09:25:03 +00:00
Alexander Schwartz	050d3ccba4	Fix broken link for XOAUTH2 configuration ... Closes #39096 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-23 08:47:40 +02:00
Emmanuel Lécharny	1dc97d5d4d	Update ldap.adoc with ApacheDS details ... Added some precision about ApacheDS password management. Closes #39136 Signed-off-by: Emmanuel Lécharny <elecharny@apache.org> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-04-23 07:55:59 +02:00
Marek Posolda	f8a4a8da86	Unexpected AIA Cause Server Errors ... closes #37526 Signed-off-by: mposolda <mposolda@gmail.com>	2025-04-17 14:15:07 +00:00
Marek Posolda	025b2ba442	Introducing IdpLinkAction as AIA to replace client-initiated account linking (#38952) ... closes #37269 closes #35446 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2025-04-17 13:20:05 +02:00
Alexander Schwartz	a312632468	Add new user event metrics to the release notes ... Closes #39027 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-17 10:58:34 +02:00
Alexander Schwartz	2be2958b8e	Update release notes docs for removed remote store ... Closes #39028 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-17 10:56:29 +02:00
Pedro Igor	1ba8fe16ac	Deprecate for removal Instagram Identity Broker (#38998) ... Closes #37967 Closes #36562 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-17 09:07:06 +02:00
andymunro	17e3bad7b2	Clarify upgrading language ... Closes #38956 Signed-off-by: AndyMunro <amunro@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-04-16 20:32:03 +00:00
Martin Bartoš	60fb7a5fa7	Support asynchronous logging (#38094) ... Closes #38578 Closes #28851 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-04-16 15:08:15 +00:00
Michal Hajas	4dc4de7c12	Remove CACHE-EMBEDDED-REMOTE-STORE experimental feature ... Closes #34160 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2025-04-16 12:01:55 +00:00
Martin Bartoš	e7c7dce5c7	[Docs] Broken link in ExternalLinksTest for importmap (#38969) ... Closes #38930 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-04-15 09:02:57 +00:00
Pedro Igor	288b6dae12	More information to docs ... Closes #38798 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-10 20:03:05 +02:00
Thomas Darimont	478e0b3264	Make sure that there is single audience allowed by default in JWT tokens sent to client authentication ... closes #38819 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2025-04-10 18:08:10 +02:00
Pedro Igor	ae88d7921f	Improvements to partial evaluation ... Closes #38732 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-09 18:15:28 +02:00
Pedro Igor	87430fc181	Add impersonate-members scope to group resource type ... Closes #38566 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-07 14:56:27 +00:00
vramik	6488890585	[FGAP:V2] remove configure scope from Client resource type ... Closes #38567 Signed-off-by: vramik <vramik@redhat.com>	2025-04-07 07:05:02 -03:00
Marek Posolda	f984644d07	Clarify in documentation that legacy token exchange requires FGAP:v1 (#38694) ... closes #38693 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2025-04-07 08:27:56 +02:00
Alexander Schwartz	d69a530d5b	Check HTML head for redirects ... Closes #38655 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-04 18:40:41 +02:00
Stefan Guilhen	c4c3e2eee6	Allow redirection to idp when user email matches any of the org domains ... Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com> Closes #33804	2025-04-04 11:28:04 -03:00
Vlasta Ramik	18c8308bb4	[FGAP] Remove redundant sentense from fine grained admin permissions docs ... Closes #38677 Signed-off-by: vramik <vramik@redhat.com>	2025-04-04 09:41:17 +02:00
vramik	f076b99407	FGAP documentation ... Closes #37245 Signed-off-by: vramik <vramik@redhat.com>	2025-04-03 09:44:32 -03:00
Marek Posolda	6654e56a7c	Polish documentation for audience and client scopes (#38484) ... closes #19127 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2025-04-03 08:43:06 +02:00
rmartinc	a10c8119d4	Define a max expiration window for Signed JWT client authentication ... Closes #38576 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-04-02 18:32:54 +02:00
Alexander Schwartz	e7474646ee	Explicit target for cross-reference 2FA in server admin guide (#38573) ... Closes #38572 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-01 13:29:30 +02:00
mposolda	cd4e5bc784	Release notes for oid4vci docs ... closes #38485 Signed-off-by: mposolda <mposolda@gmail.com>	2025-03-29 19:25:24 +01:00
Steven Hawkins	06e0885f46	fix: adds back reporting of non-ip client addresses (#37797) ... closes: #36843 Signed-off-by: Steve Hawkins <shawkins@redhat.com> # Conflicts: # services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java # services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java	2025-03-27 19:33:20 +00:00
Stefan Guilhen	89d659ee36	Add section about support for federated members in the organization documentation ... Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Closes #38471	2025-03-27 08:03:35 -03:00
Ricardo Martin	a7e63837db	Recovery codes documentation (#38407) ... Closes #30702 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-27 09:59:14 +01:00
Awambeng	27a7a301e7	Add documentation for configuring Keycloak as a VC issuer ... closes #38256 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-03-26 20:50:43 +01:00
Marek Posolda	db23d8e665	Clarify that XOAUTH2 configuration with Microsoft Office365 is community contributed ... Closes #38376 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-26 15:54:38 +01:00
mposolda	11cb332964	Release notes updates for the community contributions related to core-clients areas ... closes #38374 Signed-off-by: mposolda <mposolda@gmail.com>	2025-03-24 12:49:52 +01:00
Laurids Møller Jepsen	8f7c1871a7	Add client OIDC configuration for setting the header type in access tokens. ... If this setting is On, the access token header type will be "at+jwt" in compliance with RFC 9068, see https://datatracker.ietf.org/doc/html/rfc9068#section-2.1. If the setting is Off, the access token header type will be "JWT". The setting is Off per default. Closes #36696 Signed-off-by: Laurids Møller Jepsen <laurids.jepsen@cryptomathic.com>	2025-03-24 10:35:41 +01:00
Sebastian Rose	4fb1c41155	Sending Mails via SMTP and XOAUTH2 authentication mechanism ... Closes #17432 Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>	2025-03-21 10:12:18 +01:00
Stian Thorgersen	a18948f731	Reorder items in release notes for 26.2 (#38290) ... Signed-off-by: stianst <stianst@gmail.com>	2025-03-20 11:52:53 +01:00
Alexander Schwartz	c9b88c6bf6	Finalizing release notes and documentation for initial rolling update ... Closes #38168 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-03-19 21:34:09 +01:00
Alexander Schwartz	b5d8c46202	Fix links that have been moved ... Closes #38190 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-03-18 13:36:41 +01:00
Takashi Norimatsu	eb2153379a	DPoP: Refresh token created with DPoP can be refreshed without proof ... closes #36475 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2025-03-17 12:53:19 +01:00
andymunro	1f6f1571fd	update screens for new realm selector ... Closes #37083 Signed-off-by: AndyMunro <amunro@redhat.com>	2025-03-15 10:54:00 +01:00