RepoMirrors/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak synced 2025-05-16 06:59:59 +00:00
Code Issues Actions 11 Packages Projects Releases Wiki Activity
28,053 Commits 19 Branches 259 Tags 813 MiB
1dc97d5d4d
Commit Graph

679 Commits

Author SHA1 Message Date
Emmanuel Lécharny
1dc97d5d4d
Update ldap.adoc with ApacheDS details 
Added some precision about ApacheDS password management.

Closes #39136

Signed-off-by: Emmanuel Lécharny <elecharny@apache.org>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-04-23 07:55:59 +02:00
Marek Posolda
f8a4a8da86
Unexpected AIA Cause Server Errors 
closes #37526

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-04-17 14:15:07 +00:00
Marek Posolda
025b2ba442
Introducing IdpLinkAction as AIA to replace client-initiated account linking (#38952) 
closes #37269
closes #35446

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-17 13:20:05 +02:00
Alexander Schwartz
a312632468
Add new user event metrics to the release notes 
Closes #39027

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-17 10:58:34 +02:00
Alexander Schwartz
2be2958b8e
Update release notes docs for removed remote store 
Closes #39028

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-17 10:56:29 +02:00
Pedro Igor
1ba8fe16ac
Deprecate for removal Instagram Identity Broker (#38998) 
Closes #37967
Closes #36562

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-17 09:07:06 +02:00
andymunro
17e3bad7b2
Clarify upgrading language 
Closes #38956

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-04-16 20:32:03 +00:00
Martin Bartoš
60fb7a5fa7
Support asynchronous logging (#38094) 
Closes #38578

Closes #28851

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-16 15:08:15 +00:00
Michal Hajas
4dc4de7c12
Remove CACHE-EMBEDDED-REMOTE-STORE experimental feature 
Closes #34160

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-04-16 12:01:55 +00:00
Martin Bartoš
e7c7dce5c7
[Docs] Broken link in ExternalLinksTest for importmap (#38969) 
Closes #38930

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-15 09:02:57 +00:00
Pedro Igor
288b6dae12
More information to docs 
Closes #38798

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-10 20:03:05 +02:00
Thomas Darimont
478e0b3264 Make sure that there is single audience allowed by default in JWT tokens sent to client authentication 
closes #38819

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2025-04-10 18:08:10 +02:00
Pedro Igor
ae88d7921f
Improvements to partial evaluation 
Closes #38732

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-09 18:15:28 +02:00
Pedro Igor
87430fc181
Add impersonate-members scope to group resource type 
Closes #38566

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-07 14:56:27 +00:00
vramik
6488890585 [FGAP:V2] remove configure scope from Client resource type 
Closes #38567

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-07 07:05:02 -03:00
Marek Posolda
f984644d07
Clarify in documentation that legacy token exchange requires FGAP:v1 (#38694) 
closes #38693

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-07 08:27:56 +02:00
Alexander Schwartz
d69a530d5b
Check HTML head for redirects 
Closes #38655

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 18:40:41 +02:00
Stefan Guilhen
c4c3e2eee6 Allow redirection to idp when user email matches any of the org domains
Some checks failed
Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled
Details 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com>

Closes #33804
 2025-04-04 11:28:04 -03:00
Vlasta Ramik
18c8308bb4
[FGAP] Remove redundant sentense from fine grained admin permissions docs 
Closes #38677

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-04 09:41:17 +02:00
vramik
f076b99407 FGAP documentation 
Closes #37245

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-03 09:44:32 -03:00
Marek Posolda
6654e56a7c
Polish documentation for audience and client scopes (#38484) 
closes #19127

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-03 08:43:06 +02:00
rmartinc
a10c8119d4 Define a max expiration window for Signed JWT client authentication 
Closes #38576

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-04-02 18:32:54 +02:00
Alexander Schwartz
e7474646ee
Explicit target for cross-reference 2FA in server admin guide (#38573) 
Closes #38572

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-01 13:29:30 +02:00
mposolda
cd4e5bc784 Release notes for oid4vci docs 
closes #38485

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-29 19:25:24 +01:00
Steven Hawkins
06e0885f46
fix: adds back reporting of non-ip client addresses (#37797) 
closes: #36843

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java
 2025-03-27 19:33:20 +00:00
Stefan Guilhen
89d659ee36 Add section about support for federated members in the organization documentation 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38471
 2025-03-27 08:03:35 -03:00
Ricardo Martin
a7e63837db
Recovery codes documentation (#38407) 
Closes #30702

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-27 09:59:14 +01:00
Awambeng
27a7a301e7
Add documentation for configuring Keycloak as a VC issuer 
closes #38256

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
 2025-03-26 20:50:43 +01:00
Marek Posolda
db23d8e665
Clarify that XOAUTH2 configuration with Microsoft Office365 is community contributed 
Closes #38376

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-26 15:54:38 +01:00
mposolda
11cb332964 Release notes updates for the community contributions related to core-clients areas 
closes #38374

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-24 12:49:52 +01:00
Laurids Møller Jepsen
8f7c1871a7 Add client OIDC configuration for setting the header type in access tokens. 
If this setting is On, the access token header type will be "at+jwt" in compliance with RFC 9068, see https://datatracker.ietf.org/doc/html/rfc9068#section-2.1. If the setting is Off, the access token header type will be "JWT". The setting is Off per default.

Closes #36696

Signed-off-by: Laurids Møller Jepsen <laurids.jepsen@cryptomathic.com>
 2025-03-24 10:35:41 +01:00
Sebastian Rose
4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Stian Thorgersen
a18948f731
Reorder items in release notes for 26.2 (#38290) 
Signed-off-by: stianst <stianst@gmail.com>
 2025-03-20 11:52:53 +01:00
Alexander Schwartz
c9b88c6bf6
Finalizing release notes and documentation for initial rolling update
Some checks are pending
Weblate Sync / Trigger Weblate to pull the latest changes (push) Waiting to run
Details 
Closes #38168

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-19 21:34:09 +01:00
Alexander Schwartz
b5d8c46202
Fix links that have been moved 
Closes #38190

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-18 13:36:41 +01:00
Takashi Norimatsu
eb2153379a
DPoP: Refresh token created with DPoP can be refreshed without proof 
closes #36475

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-03-17 12:53:19 +01:00
andymunro
1f6f1571fd
update screens for new realm selector 
Closes #37083

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-03-15 10:54:00 +01:00
Marek Posolda
290905c9cf
Documentation for supported token-exchange (#38008) 
closes #37126

Signed-off-by: Marek Posolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-14 09:55:44 +01:00
Steven Hawkins
d9c3511fa5
fix: adding a check if the proxy is trusted prior to using a cert header (#37465) 
closes: #35861

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
 2025-03-12 11:21:33 +01:00
Mihir Vadalia
11a20a2eb3
Documentation for Optional Email Events 
Closes #37998

Signed-off-by: Mihir Vadalia <mihir@defensepoint.com>
Co-authored-by: Mihir Vadalia <mihir@defensepoint.com>
 2025-03-11 21:21:45 +01:00
Uche Nwachukwu
df9efdf590
Update themes-react.adoc (#37977)
Some checks are pending
Weblate Sync / Trigger Weblate to pull the latest changes (push) Waiting to run
Details 
Spelling adjustment.

Signed-off-by: Uche Nwachukwu <nwachukwuuche@gmail.com>
 2025-03-10 22:33:04 +00:00
Stefan Guilhen
86b2a6a95c Fix docs to also mention roles 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #28569

Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>
 2025-03-10 16:13:36 -03:00
Stefan Guilhen
d44ebfd4d1 Document the addition of the Relative User Creation DN 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-03-10 16:13:36 -03:00
Alexander Schwartz
151e019935
Make NetworkPolicy supported and enabled by default 
Closes #36036

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-03-10 11:12:38 +01:00
Alexander Schwartz
b1785ce179
Quote a link that shouldn't be rendered as a link 
This should not be clickable.

Closes #37765

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-06 16:50:04 -03:00
Alexander Schwartz
bc7ec1208e
Enable the TLS based JGroups encryption by default and update the docs 
Closes #37696

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-03 10:50:51 -03:00
Giuseppe Graziano
690b5ecb25
Grant Type condition for client policies (#37665) 
Closes #37124

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-02-27 11:51:06 +01:00
Jon Koops
873e4ffb1f
Replace i18next backend with i18next-fetch-backend (#37633) 
Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2025-02-26 08:36:12 -05:00
Martin Bartoš
6f0ed46404
Upgrade to Quarkus 3.19.0.CR1 (#37492) 
Closes #37436

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-02-24 19:52:01 +01:00
Akbar Husain
9d3cfe0672
Remove X-XSS-Protection header (#36881) 
Closes #21728

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
 2025-02-19 08:42:26 +01:00