mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-04-28 19:10:51 -05:00
Code Issues Packages Projects Releases Wiki Activity
29,788 Commits 33 Branches 304 Tags
ca617d971156ea3d457b6bbfacf3191030a003c5
Commit Graph

1493 Commits

Author SHA1 Message Date
Sebastian Łaskawiec 9597537bf3 Additional fields for the Welcome Resource (#44758) 
* Additional fields added to the Welcome Page

Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>

* Updated the order of fields

Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>

---------

Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>
 2025-12-17 13:11:44 +01:00
Martin Kanis 012cefb654 The existence of an organization attribute called id is not validated 
Closes #44522

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-12-17 08:05:32 -03:00
Steven Hawkins 148d14816c fix: allowing settable connection request timeout (#44592) 
also defaulting to 5000

closes: #44500

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-12-16 16:35:01 +00:00
Palpable 94ee6d81fb [OID4VCI] Realign naming of attribute configuring algorithms for credential (#44765) 
Closes #44621


Signed-off-by: Vitalisn4 <ngamvitalisyuh@gmail.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
 2025-12-16 14:46:17 +01:00
Martin Bartoš 917fb86438 [docs] Remove paragraph about Quarkus OTel logging guide reference (#44911) 
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-12-15 19:43:08 +01:00
Martin Bartoš 29fdcedbc8 [OTel] Introduce preview support for OpenTelemetry Logs (#41265) 
Closes #41264

Co-authored-by: Ryan Emerson <remerson@redhat.com

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-12-15 10:50:30 +01:00
Václav Muzikář da6c4df5ec Support EDB 18 (#44856) 
* Support EDB 18

Closes #44494

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Update test-framework/db-edb/container/README.md

Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
 2025-12-15 07:36:26 +01:00
Ruchika Jha 26fe8dc7d8 Added validation for client session timeout post comparing the realm session timeouts 
Closes #41019

Signed-off-by: ruchikajha95 <Ruchika.Jha1@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-11 13:58:04 +01:00
Giuseppe Graziano c0c4067bdd JWT Authorization Grant feature to preview 
Closes #44492

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-12-11 10:37:30 +01:00
Martin Bartoš 8def691053 [OTel] Provide general options for telemetry settings (#41705) 
* [OTel] Provide general options for telemetry settings

Closes #41263

Co-authored-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/observability/telemetry.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Provide release notes and deprecation note

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Ignore link to the telemetry guide for now

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Ryan Emerson <remerson@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2025-12-10 12:03:46 +00:00
Christian Glasmachers 921b10ee80 Login failure cache: Evict entries after the configured failure reset time 
Closes #44801

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Christian Glasmachers <Christian.Glasmachers-extern@deutschebahn.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-12-10 11:20:19 +01:00
rmartinc c9686cc040 Documentation for JWT Authorization Grant 
Closes #44136

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-09 12:13:21 +01:00
vramik 5dbc91e028 Deprecate Fine-Grained Admin Permissions v1 
Closes #44121

Signed-off-by: vramik <vramik@redhat.com>
 2025-12-08 10:26:27 -03:00
Alexander Schwartz 2f81a2fb76 Updating and ordering the release notes 
Closes #44706

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-08 10:55:33 +01:00
alyneldc 56b08c02ed Add documentation warning about 0.0.0.0 binding in dev mode (#43522) 
Inform users that Keycloak binds to all network addresses (0.0.0.0) by default in development mode. Add warning in Getting Started guide and configuration documentation, and enhance HttpOptions description.

Closes #43522

Signed-off-by: Lopes De Carvalho Alyne <alynelopes298@gmail.com>
 2025-12-07 14:45:34 +00:00
Pascal Knüppel 46e5979b17 [OID4VCI] Handle key_attestation_required in metadata endpoint (#44471) 
fixes #43801


Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
Co-authored-by: Ingrid Kamga <xingridkamga@gmail.com>
 2025-12-05 16:00:32 +01:00
Sebastian Schuster b5178a2bec Added section on recommended isolation level to db guides 
Closes #44611

Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-05 14:48:31 +01:00
forkimenjeckayang 4dd68c0316 [OID4VCI] Conformance Test Fixes (#44439) 
closes #44659


Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
 2025-12-04 09:03:38 +01:00
Robin Meese a9c1bcc9bd Add zh_Hans translators to docs/translation.md (#44610) 
Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>

Closes #44609
 2025-12-02 20:50:22 +01:00
Sebastian Łaskawiec aa789dd023 Logout confirmation 
Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>
 2025-11-28 14:24:32 +01:00
Hisanobu Okuda efa881d016 Add MariaDB to MySQL description and specify SQL to support UTF-8 
Closes #44548

Signed-off-by: Hisanobu Okuda <hisanobu.okuda@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-28 11:03:11 +01:00
Pedro Ruivo 3ed15e740a Add new option to schedule user session expiration 
Closes #44068

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Ryan Emerson <remerson@ibm.com>
 2025-11-27 23:01:32 +01:00
Alexis Rico b0b38176f0 Manage Organization Invites 
Closes #38809

Signed-off-by: Alexis Rico <sferadev@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-27 10:28:52 +01:00
Alexander Schwartz 2210b1ed50 Avoid un-escaped strings in the login templates for HTML entities 
Closes #44296

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-26 07:55:35 -03:00
ruchikajha95 570ac40025 Promote MDC Logging Feature to Supported State 
Closes #41205

Signed-off-by: Ruchika Jha <ruchika@li-0551ffcc-341d-11b2-a85c-a28deda416be.ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Ruchika Jha <ruchika@li-0551ffcc-341d-11b2-a85c-a28deda416be.ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-25 18:53:34 +00:00
Ryan Emerson ebd4a6936a Utilise community wording in downstream high-availability guides 
Closes #4428

Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-11-25 09:10:21 +00:00
Awambeng 8406cf34fb [OID4VCI]: Realm-Configurable Time-Claim Normalization (Randomize/Round) to Mitigate Correlation (#43834) 
Closes #43399


Signed-off-by: Awambeng <awambengrodrick@gmail.com>
 2025-11-24 11:07:07 +01:00
Sebastian Łaskawiec 081d8e5a01 Move Kubernetes IdP to preview 
Closes #42947

Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-22 12:56:09 +01:00
Stian Thorgersen 2a78bc67d7 Refactoring around federated client authenticator to better handling lookup of IdPs and clients. Also, introducing updates to documentation. (#44325) 
Closes #44253
Closes #42987
Closes #44063

Signed-off-by: stianst <stianst@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-11-22 12:53:22 +01:00
Alexander Schwartz bb971dc6fc Efficient row-count on PostgreSQL 
Closes #44057

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-21 12:28:09 +01:00
Martin Bartoš a71ceee8f1 [Docs] Warn users about printing headers in HTTP access logs (#44353) 
Closes #43156

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-20 14:48:01 +01:00
ruchikajha95 dc62067cfe Detailed how to skip test while building keycloak 
Closes #44338

Signed-off-by: Ruchika Jha <ruchika@li-0551ffcc-341d-11b2-a85c-a28deda416be.ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Ruchika Jha <ruchika@li-0551ffcc-341d-11b2-a85c-a28deda416be.ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-11-20 11:29:56 +01:00
Pedro Ruivo 13ef89664c More accurate user session expiration logic 
Closes #44204

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-11-19 21:06:17 +01:00
Carlos Rodríguez Hernández 2a876c143f Add support for PostgreSQL 18 (#44288) 
Signed-off-by: Carlos Rodríguez Hernández <carlos.rodriguez-hernandez@broadcom.com>
 2025-11-19 11:39:36 +01:00
Alexander Schwartz 15a9a36569 Align formatting of referenced RFCs 
Closes #44246

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2025-11-17 21:30:13 +01:00
Alexander Schwartz 167249dd6c Updating the specifics around kubernetes service accounts 
Closes #44064

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-17 11:23:39 +01:00
AvivGuiser 3c8af6dec5 set auto-mount service account token to false in keycloak pods (#40605) 
closes #38843

Signed-off-by: AvivGuiser <avivguiser@gmail.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
 2025-11-14 15:41:39 +00:00
Ricardo Martin 20f9bb1570 Fix recaptcha links to the new docs.cloud.google.com site 
Closes #44187

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-14 09:37:54 +01:00
Stian Thorgersen a2c1055f8d Proposed import order (#43432) 
* Add importOrder to Spotless

Closes #43235

Signed-off-by: stianst <stianst@gmail.com>

* Re-order imports with Spotless

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-14 09:34:49 +01:00
Chance Coleman b2317dabdc Add configurable HTTP retry mechanism for OCSP validation (#42535) 
Closes #42401


Signed-off-by: UnicornChance <chance@defenseunicorns.com>
Signed-off-by: Chance Coleman <139784371+chance-coleman@users.noreply.github.com>
 2025-11-13 13:21:13 +01:00
vramik 748b58bf64 Remove creation of default policy, resource and permission upon enabling authorization for a client 
Closes #43867

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-13 09:14:56 -03:00
Sebastian Łaskawiec 3288f83dc9 Adding an integration test with Minikube for Kubernetes Service Account Federated Authenticator 
Closes #42983

Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-13 08:52:46 +01:00
Ricardo Martin de49500393 Client policy to enforce only downscoping in Token Exchange (#44030) 
Closes #43931

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-12 08:48:42 +01:00
Steven Hawkins ed9d6cc40a fix: adding the built system property to the README (#43850) 
* fix: adding the built system property to the README

closes: #43606

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* removing the doc / note about directly launching from the jar

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update docs/building.md

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* removing one more reference to running the jar directly

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Move a chapter in README

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-11-11 15:06:48 +01:00
Stian Thorgersen 36011008e8 Remove PostgreSQL 13.x support (#44103) 
Closes #42905

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-11 09:35:27 +01:00
Martin Kanis 39e1e40be4 Document missing artifact dependency for UserStoragePrivateUtil 
Closes #43212

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-11-10 10:41:12 -03:00
Martin Bartoš 1f9694358f Ability to enable/disable feature via single property (#43542) 
* Ability to enable/disable feature via single property

Closes #43541

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Provide support for specifying profile preview

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove duplication check, use the new WildcardOptionUtil

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Create quarkus specific single profile config resolver

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove the feature profile capability for single feature option

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-07 13:35:39 +01:00
Steven Hawkins 4a63fcffaf fix: considering source ordinality with spi options (#43805) 
closes: #43793

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-11-06 18:01:18 +01:00
Stian Thorgersen b278dbbb3d Allow identity provider configuration without defaults for user authentication (#43963) 
Closes #43552

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-05 10:13:40 -03:00
KONSTANTINOS GEORGILAKIS 1c0d4616a5 hide scopes from scopes_supported in discovery endpoint 
Closes #10388

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-03 16:26:12 +00:00