Automatic download and cache of the SAML client public keys (#41947)

Closes #17028

Signed-off-by: rmartinc <rmartinc@redhat.com>
Ricardo Martin
2025-09-16 13:07:33 +02:00
committed by GitHub
parent 3940f51cf0
commit a2acdda535
27 changed files with 815 additions and 184 deletions
@@ -102,3 +102,8 @@ ifeval::[{project_community}==true]
Thank you to https://github.com/tnorimat[@tnorimat] for contributing this.
endif::[]
= Automatic certificate management for SAML clients
The SAML clients can now be configured to automatically download the signing and encrypting certificates from the SP entity metadata descriptor endpoint. In order to use this new feature, in the client *Settings* tab, section *Signature and Encryption*, configure the *Metadata descriptor URL* option (the URL where the SP metadata information with the certificates is published) and activate *Use metadata descriptor URL*. The certificates will be automatically downloaded and cached in the `public-key-storage` SPI from that URL.
For more information, see link:{adminguide_link}#_client-saml-configuration[Creating a SAML client] in the {adminguide_name}.
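Review bot: The new paragraph documents how to enable the download but not the trust and lifecycle properties an administrator needs to evaluate before turning it on; since the realm will accept whatever signing and encryption certificates it fetches from the *Metadata descriptor URL*, the release note (or the linked admin guide section) should state whether the endpoint must be served over HTTPS and which truststore validates it, how often the certificates cached in the `public-key-storage` SPI are refreshed or invalidated, and what happens to signature verification when the URL is unreachable. Two wording points in the same paragraph: "signing and encrypting certificates" reads better as "signing and encryption certificates", and "In order to use this new feature" can be shortened to "To use this feature", matching the terser style of the surrounding release-note entries.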