mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-02-06 07:19:01 -06:00
Code Issues Packages Projects Releases Wiki Activity
29,376 Commits 23 Branches 291 Tags
afd4d04dcf69c96e92a77a032e2ab8fbcaa705e8
Commit Graph

1412 Commits

Author SHA1 Message Date
Steven Hawkins
43ee41e8a8 fix: refining activation condition error handling (#43197) 
closes: #43096

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-15 11:44:39 +00:00
Alexander Schwartz
3b8bcd3f8a Use quoted values for boolean and number values in Operator examples 
Closes #43459

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-14 18:53:00 +02:00
Giuseppe Graziano
bda0e2a67c Invalidate sessions created with remember me when remember me is disabled for realm 
Closes #43328

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-10-14 15:00:41 +00:00
Steven Hawkins
700b86fad8 fix: refining https-protocols documentation (#43420) 
closes: #43164

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-14 08:01:08 -04:00
Steven Hawkins
f66359ce19 fix: updating service account docs 
closes: #17268

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-10-14 11:02:20 +02:00
rmartinc
248d6d1feb Upgrade xmlsec to 3.0.4 and remove KeycloakFipsSecurityProvider workaround 
Closes #43263

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-13 15:38:58 +02:00
Robin Meese
ca368706cc Update translation.md docs (#43402) 
Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-10-13 13:26:23 +02:00
Alexander Schwartz
934ac48a54 Rework formatting for release notes 
Closes #43320

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-10 07:42:53 -03:00
mposolda
c2e49c8c59 'Service accounts roles' should be 'Service account roles' 
closes #43087

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-10-10 11:25:37 +02:00
Pedro Ruivo
48f1978531 Update docs to include PostgreSQL SSL certificate 
Closes #43311

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-10-09 15:02:53 +02:00
Alexander Schwartz
94d428d450 Adding attributes for section links so they work in upstream and downstream 
Closes #43286

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-08 11:37:13 -03:00
rmartinc
94a4e062f7 Add a debug statement when the KeycloakFipsSecurityProvider is created 
Closes #43015

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-07 16:59:22 +02:00
Martin Kanis
a493213ad4 Hide read-only email attribute in update profile context with update … …email enabled (#43024) 
* Hide read-only email attribute in update profile context with update email enabled

Closes #42990

Signed-off-by: Martin Kanis <mkanis@redhat.com>

* Simplifying conditions when checking read/write on email attribute and more tests

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

---------

Signed-off-by: Martin Kanis <mkanis@redhat.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-07 12:52:55 +02:00
Steven Hawkins
7bfc33fd5f fix: auto-defaulting log console color (#42669) 
closes: #42445

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2025-10-06 17:14:30 +00:00
Ryan Emerson
5cb0562fd2 Prevent users configuring max-count=-1 for caches with a default upper-bound 
Closes #33146

Signed-off-by: Ryan Emerson <remerson@ibm.com>
 2025-10-02 19:58:28 +00:00
Pedro Ruivo
c1f108297e Update Grafana dashboard version 
Closes #43148

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-10-02 10:18:35 +02:00
Martin Bartoš
70a9a600de ExternalLinksTest is broken due to missing path parameters 
Closes #43082

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-02 10:15:58 +02:00
Alexander Schwartz
6b615650ec Moving section to the correct place 
Closes #43104

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-01 09:53:04 +02:00
Václav Muzikář
367fbdb78f Remove a link to Docker web from the docs 
Closes #43072

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-09-30 11:35:15 +00:00
Alexander Schwartz
37c808bd11 Reorder the release notes (#43026) 
* Reorder the release notes

Closes #42994

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Update docs/documentation/release_notes/topics/26_4_0.adoc

Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>

* Update docs/documentation/release_notes/topics/26_4_0.adoc

Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

---------

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2025-09-30 06:47:55 +00:00
Pedro Igor
a3db07a8f5 Re-adding max age setting to the update email action (#43036) 
Closes #43035

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-30 05:31:23 +02:00
Alexander Schwartz
7bcf08fa31 Adding AWS reference to the documentation 
Closes #43032

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-29 22:28:53 +02:00
Vít Zikmund
896f147075 docs: Use BASH TCP redirect for HEALTHCHECK (#38131) 
* docs: Use BASH TCP redirect for HEALTHCHECK

Add a BASH script to perform an in-container healtcheck.

For the curious, here's how this works:

1. For the code within braces, a TCP connection is made to the keycloak's management port and a successful connection is redirected in the read-write fashion to the descriptor 0 (stdin).
   - When bash fails to connect (TCP RST), it ends up with an error right away.
   - When the connection is hanging (no reply till TCP retry timeout, usually about 1 minute), it just hangs, virtually being a subject to the HEALTHCHECK's timeout (which should be definitely smaller than the usual TCP retry timeout).
2. Then a simple hand-crafted HTTP HEAD request is sent to the socket using printf. This is supposed to always succeed, unless the send buffer of the socket is set ridiculously small on the target OS. In the other case it will just hang again, not being able to push all the bytes through, until that eventually happens or times out.
3. Next, the eventual response is being checked with grep to be the successful one. Only at this time it's return code (and the final) is 0.
   - When no response comes, it's hanging forever and is subject to timeout.
   - When a 503 response comes, grep doesn't match anything and returns 1.

Closes: #38126

Signed-off-by: Vit Zikmund <vit.zikmund@themama.ai>

* expanding bash healthcheck for scenarios that enable http health checks

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update docs/guides/observability/health.adoc

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* Update docs/guides/observability/health.adoc

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* Update docs/guides/observability/health.adoc

Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Vit Zikmund <vit.zikmund@themama.ai>
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-09-29 18:04:02 +02:00
Pedro Ruivo
53007546ad Deprecate AuthenticatedClientSessionModel timestamp 
Closes #42815

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-29 14:16:39 +00:00
rmartinc
a44758d4ae Upgrade bc-fips testing and documentation to 2.1.2 
Closes #42958

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-09-29 09:04:43 +02:00
Takashi Norimatsu
1649f8c847 Follow-up: FAPI 2.0 Message Signing final version support - updating the link to the final spec 
closes #42499

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-09-29 08:52:27 +02:00
Stian Thorgersen
dbd516f8e6 Refactor SimpleHttp to make it injectable and usable outside server (#42936) 
Closes #42902

Signed-off-by: stianst <stianst@gmail.com>
 2025-09-29 08:37:05 +02:00
Václav Muzikář
97ab82e483 Mark Azure SQL as supported (#42985) 
Closes #42743

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-09-29 08:31:08 +02:00
Martin Bartoš
f53e5ebdac [Docs] Additional datasources support (#42655) 
* [Docs] Additional datasources support

Closes #40388

Closes #42263

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Rename namedKey to wildcardKey in the code

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Clarify the defaults for DB kind

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Be more clear about the Named key reference in guide

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Vasek's review

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2025-09-27 08:45:12 +00:00
Václav Muzikář
b65a60e40d Support for EDB 17 (#42341) 
Closes #42742
Closes #42293

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-09-26 16:04:47 +02:00
Pedro Ruivo
746a8211ff Update documentation to prefer CacheCR in multi-site 
Closes #42980

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-26 11:06:28 +00:00
Pedro Ruivo
56c1823082 Document Caffeine cache metrics 
Closes #42705

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-09-25 12:55:31 +02:00
Vinod Anandan
f001b9dde1 Trigger Build. 
Signed-off-by: Vinod Anandan <vinod@owasp.org>
 2025-09-25 10:14:15 +02:00
mposolda
389314a65e Typo in the latest documentation 
closes #42918

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-09-24 17:23:52 +02:00
rmartinc
1d28c0cd35 Expose system-info information in the serverinfo endpoint only for users in the admin realm 
Closes #42828

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-09-24 17:21:57 +02:00
Pedro Igor
73ee2cb3e2 Update upgrade guide about changes in how the parameter is propagated to OPs 
Closes #42139

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-24 09:03:04 -03:00
Alexander Schwartz
b95cb0c276 Adding explicit anchor for downstream docs 
Closes #42868

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-24 11:21:08 +02:00
Robin Meese
e0d35e7589 Add Greek translators and admin-ui properties file 
Closes: #42862

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-09-24 10:26:02 +02:00
Marek Posolda
e09ce9e18d Documentation update for DPoP (#42865) 
closes #42728


Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-09-24 10:00:23 +02:00
Pedro Igor
54d2451b35 Make user read-only and a proper error message when the user federation provider is not available 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-24 04:03:13 -03:00
rmartinc
c05b84a0d2 Ignore external links to https://www.npmjs.com/package 
Closes #42856

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-09-23 12:36:46 +02:00
Alexander Schwartz
a9ed355bfc Adding missing time column to index 
Closes #42792

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-09-23 07:33:08 -03:00
vramik
23043b40b4 Fix reset-password scope documentation and upgrading guide 
Closes #42790

Signed-off-by: vramik <vramik@redhat.com>
 2025-09-23 07:31:35 -03:00
Ryan Emerson
93ede306f5 Refine high-availability guide wording 
Closes #42869

Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-23 10:14:49 +00:00
rmartinc
2015e08e38 Move DPoP option to the capability section in the admin UI 
Closes #42746

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-09-22 17:27:48 +02:00
Pedro Ruivo
47f85631f3 Automatically create external caches for MULTI_SITE deployments 
Closes #32129

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-09-19 18:56:38 +02:00
Ryan Emerson
bda79de605 Update docs to reflect that Operator ClusterRoleBinding contains hardcoded namespace 
- Added missing labels to Operator roles

Closes #42678

Signed-off-by: Ryan Emerson <remerson@ibm.com>
 2025-09-19 17:27:26 +02:00
Pedro Ruivo
f9ec39bc5f Update tested load numbers 
Closes #42757

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Pedro Ruivo <pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-09-19 15:42:17 +02:00
stianst
fb83a8ba09 Documentation for federated client authentication 
Closes #42721

Signed-off-by: stianst <stianst@gmail.com>
 2025-09-19 11:54:03 +01:00
Stian Thorgersen
3841fea16d Promote CLIENT_AUTH_FEDERATED and SPIFFE features to preview (#42753) 
Closes #42722

Signed-off-by: stianst <stianst@gmail.com>
Co-authored-by: Ryan Emerson <remerson@ibm.com>
 2025-09-19 09:46:37 +00:00