mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-04 13:59:54 -06:00
Code Issues Packages Projects Releases Wiki Activity
27,969 Commits 20 Branches 287 Tags
514b1b452b1bb418e7c6169934129dbd31bd87c7
Commit Graph

1145 Commits

Author SHA1 Message Date
sophie [⛧-440729]
d1ff1b186e add option to the nginx x509 client cert lookup provider to not url-decode the passed client cert 
Closes #17171 

Signed-off-by: ⛧-440729 [sophie] <sophie@999eagle.moe>
 2025-04-11 10:38:38 +02:00
Pedro Igor
288b6dae12 More information to docs 
Closes #38798

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-10 20:03:05 +02:00
Thomas Darimont
478e0b3264 Make sure that there is single audience allowed by default in JWT tokens sent to client authentication 
closes #38819

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2025-04-10 18:08:10 +02:00
Peter Zaoral
6d6f9667c6 Document how Keycloak is upgraded when Operator is upgraded via OLM (#38297) 
Closes: #35901

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2025-04-10 13:56:42 +02:00
Pedro Igor
ae88d7921f Improvements to partial evaluation 
Closes #38732

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-09 18:15:28 +02:00
Robin Meese
c0df401ccf add janher to dutch translation maintainer 
Closes: #38792

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-04-09 18:08:19 +02:00
Falko Modler
770a575f95 Allow zero tracing-sampler-ratio 
Closes #38764

Signed-off-by: Falko Modler <famod@users.noreply.github.com>
 2025-04-09 11:57:03 +00:00
Alexander Schwartz
73ee966feb Sorting the chapters of the HA guide 
Closes #38721

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-08 07:23:53 -03:00
Alexander Schwartz
2ad776553a Adding a guide on how to enable and use exemplars 
Closes #38688

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-08 07:23:28 -03:00
Pedro Igor
87430fc181 Add impersonate-members scope to group resource type 
Closes #38566

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-07 14:56:27 +00:00
vramik
6488890585 [FGAP:V2] remove configure scope from Client resource type 
Closes #38567

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-07 07:05:02 -03:00
Marek Posolda
f984644d07 Clarify in documentation that legacy token exchange requires FGAP:v1 (#38694) 
closes #38693

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-07 08:27:56 +02:00
Alexander Schwartz
38b543af19 Review comments to align with style guide 
Closes #38338

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-05 14:04:21 -03:00
Alexander Schwartz
d69a530d5b Check HTML head for redirects 
Closes #38655

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 18:40:41 +02:00
Stefan Guilhen
c4c3e2eee6 Allow redirection to idp when user email matches any of the org domains 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com>

Closes #33804
 2025-04-04 11:28:04 -03:00
Alexander Schwartz
b3b30a8620 Rework observability page titles and summaries 
Closes #38583

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 11:14:00 +02:00
Vlasta Ramik
18c8308bb4 [FGAP] Remove redundant sentense from fine grained admin permissions docs 
Closes #38677

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-04 09:41:17 +02:00
vramik
f076b99407 FGAP documentation 
Closes #37245

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-03 09:44:32 -03:00
Marek Posolda
6654e56a7c Polish documentation for audience and client scopes (#38484) 
closes #19127

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-03 08:43:06 +02:00
rmartinc
a10c8119d4 Define a max expiration window for Signed JWT client authentication 
Closes #38576

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-04-02 18:32:54 +02:00
Alexander Schwartz
e7474646ee Explicit target for cross-reference 2FA in server admin guide (#38573) 
Closes #38572

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-01 13:29:30 +02:00
mposolda
cd4e5bc784 Release notes for oid4vci docs 
closes #38485

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-29 19:25:24 +01:00
Steven Hawkins
06e0885f46 fix: adds back reporting of non-ip client addresses (#37797) 
closes: #36843

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java
 2025-03-27 19:33:20 +00:00
Akbar Husain
6d2de61b8e Fix some ascii doc warnings 
Closes #38479

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
Co-authored-by: akbarhusainpatel <apatel@intermiles.com>
 2025-03-27 19:42:18 +01:00
Peter Zaoral
1d6ef3c7a7 [Windows] Improve docs on handling quotes in PowerShell (#37468) 
Closes: #36697

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2025-03-27 17:00:15 +01:00
Stefan Guilhen
89d659ee36 Add section about support for federated members in the organization documentation 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38471
 2025-03-27 08:03:35 -03:00
Ricardo Martin
a7e63837db Recovery codes documentation (#38407) 
Closes #30702

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-27 09:59:14 +01:00
Awambeng
27a7a301e7 Add documentation for configuring Keycloak as a VC issuer 
closes #38256

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
 2025-03-26 20:50:43 +01:00
Marek Posolda
db23d8e665 Clarify that XOAUTH2 configuration with Microsoft Office365 is community contributed 
Closes #38376

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-26 15:54:38 +01:00
juantoser
e180a00229 Comma removed 
The comma after “OpenID Connect” is not necessary. The phrase “OAuth2, OpenID Connect, and SAML compliant server” is listing three related terms, and the conjunction “and” already makes the separation clear.

Signed-off-by: juantoser <136793699+juantoser@users.noreply.github.com>
 2025-03-25 15:57:47 +01:00
mposolda
11cb332964 Release notes updates for the community contributions related to core-clients areas 
closes #38374

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-24 12:49:52 +01:00
Laurids Møller Jepsen
8f7c1871a7 Add client OIDC configuration for setting the header type in access tokens. 
If this setting is On, the access token header type will be "at+jwt" in compliance with RFC 9068, see https://datatracker.ietf.org/doc/html/rfc9068#section-2.1. If the setting is Off, the access token header type will be "JWT". The setting is Off per default.

Closes #36696

Signed-off-by: Laurids Møller Jepsen <laurids.jepsen@cryptomathic.com>
 2025-03-24 10:35:41 +01:00
Robin Meese
4c094e12c3 Add Italian and Romanian language 
Closes: #38355

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-03-23 16:00:50 +01:00
Sebastian Rose
4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Stian Thorgersen
a18948f731 Reorder items in release notes for 26.2 (#38290) 
Signed-off-by: stianst <stianst@gmail.com>
 2025-03-20 11:52:53 +01:00
Alexander Schwartz
c9b88c6bf6 Finalizing release notes and documentation for initial rolling update 
Closes #38168

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-19 21:34:09 +01:00
Alexander Schwartz
b5d8c46202 Fix links that have been moved 
Closes #38190

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-18 13:36:41 +01:00
Alexander Schwartz
7aa5130628 Validate single quotes in themes 
Closes #37930

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-17 15:18:02 +01:00
Alexander Schwartz
d4054032a6 Fix broken link to configuration for production 
Closes #38152

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-17 09:31:50 -03:00
Takashi Norimatsu
eb2153379a DPoP: Refresh token created with DPoP can be refreshed without proof 
closes #36475

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-03-17 12:53:19 +01:00
Pedro Ruivo
96a5b19110 Operator: Implement an explicit update strategy 
Closes #37416

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-17 08:28:26 +01:00
andymunro
1f6f1571fd update screens for new realm selector 
Closes #37083

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-03-15 10:54:00 +01:00
Marek Posolda
290905c9cf Documentation for supported token-exchange (#38008) 
closes #37126

Signed-off-by: Marek Posolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-14 09:55:44 +01:00
Steven Hawkins
d9c3511fa5 fix: adding a check if the proxy is trusted prior to using a cert header (#37465) 
closes: #35861

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
 2025-03-12 11:21:33 +01:00
Mihir Vadalia
11a20a2eb3 Documentation for Optional Email Events 
Closes #37998

Signed-off-by: Mihir Vadalia <mihir@defensepoint.com>
Co-authored-by: Mihir Vadalia <mihir@defensepoint.com>
 2025-03-11 21:21:45 +01:00
Uche Nwachukwu
df9efdf590 Update themes-react.adoc (#37977) 
Spelling adjustment.

Signed-off-by: Uche Nwachukwu <nwachukwuuche@gmail.com>
 2025-03-10 22:33:04 +00:00
Stefan Guilhen
86b2a6a95c Fix docs to also mention roles 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #28569

Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>
 2025-03-10 16:13:36 -03:00
Stefan Guilhen
d44ebfd4d1 Document the addition of the Relative User Creation DN 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-03-10 16:13:36 -03:00
Alexander Schwartz
151e019935 Make NetworkPolicy supported and enabled by default 
Closes #36036

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-03-10 11:12:38 +01:00
Alexander Schwartz
b1785ce179 Quote a link that shouldn't be rendered as a link 
This should not be clickable.

Closes #37765

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-06 16:50:04 -03:00