mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-05 22:39:52 -06:00
Code Issues Packages Projects Releases Wiki Activity
29,369 Commits 18 Branches 287 Tags
cc6887feba299d80cb19abe7f9fbdc96dde8141e
Commit Graph

1423 Commits

Author SHA1 Message Date
Ryan Emerson
503637ab54 Utilise community wording in downstream high-availability guides (#44456) 
Closes #4428

Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-12-08 10:57:36 +01:00
Ricardo Martin
16ebf3e756 Move link changed for developer.mozilla.org (#44668) 
Closes #44661

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-08 10:43:13 +01:00
Martin Bartoš
4302296037 [Docs] Warn users about printing headers in HTTP access logs (#44353) (#44359) 
Closes #43156


(cherry picked from commit a71ceee8f1)

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-26 11:24:34 +01:00
Pedro Igor
754c070cf8 [26.4] Only allow LDAP URL references when following referrals (#285) 
* Only allow LDAP URL references when following referrals

Closes #280

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Updating docs

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Adjusting CI for slowness

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Update docs/documentation/release_notes/topics/26_4_6.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Stian Thorgersen <stian@redhat.com>

---------

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2025-11-21 11:22:07 +01:00
Ricardo Martin
02803528d6 Fix recaptcha links to the new docs.cloud.google.com site 
Closes #44187


(cherry picked from commit 20f9bb1570)

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-14 12:03:37 +01:00
Pedro Igor
8aada2c8e2 Document missing artifact dependency for UserStoragePrivateUtil 
Closes #43212

Signed-off-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
 2025-11-11 13:46:51 +01:00
Steven Hawkins
5819ea2d32 fix: considering source ordinality with spi options (#43805) (#44019) 
closes: #43793


(cherry picked from commit 4a63fcffaf)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-11-07 13:35:11 +01:00
Alexander Schwartz
d8055acb45 hide scopes from scopes_supported in discovery endpoint 
Closes #10388

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: KONSTANTINOS GEORGILAKIS <55974447+cgeorgilakis@users.noreply.github.com>
 2025-11-04 14:42:35 -03:00
Tobi
0564876645 Add new indices on offline_client_session 
Closes #43566
Closes #43516

Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-03 16:07:05 -03:00
Martin Bartoš
013835ec53 ExternalLinksTest is broken due to missing path parameters 
Closes #43082

(cherry picked from commit 70a9a600de)

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-03 13:00:41 +01:00
Alexander Schwartz
34b9ede377 Allow only normalized paths in requests (#43869) 
* Allow only normalized paths in requests

Closes #43763

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>

* Remove the trailing slash for base url in the account and admin tests

Closes #43863

Signed-off-by: rmartinc <rmartinc@redhat.com>
# Conflicts:
#	js/apps/account-ui/test/account-security/linked-accounts.spec.ts

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
 2025-10-31 15:57:40 +01:00
Ryan Emerson
7b60e54e62 Document debug log settings required to show applied Infinispan configuration 
Closes #43655

Signed-off-by: Ryan Emerson <remerson@ibm.com>
 2025-10-29 16:01:53 +01:00
Pedro Igor
abd5cd292f Do not lower-case username and email if users are not imported from LDAP 
Closes #43621

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-10-26 17:37:44 +01:00
Pedro Igor
59b20d1d63 Allow managing realm admin roles if the the realm-admin role is granted 
Closes #43579
Closes #43578

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
 2025-10-23 21:53:17 +02:00
Stian Thorgersen
84fd00c9f7 SPIFFE should support OIDC JWK endpoint (#43651) (#43656) 
Closes #43650


(cherry picked from commit f6ac64907d)

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-23 08:08:31 +02:00
Alexander Schwartz
4ad4ce5d58 Adding this as a breaking change plus deprecation 
Closes #43022

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-21 14:55:31 -03:00
Alexander Schwartz
7c50d94f14 Make intra-document links work in downstream 
Closes #43544

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-21 08:16:40 -03:00
Martin Kanis
add43bd394 Final review and update for UPDATE_EMAIL documentation 
Closes #42991


(cherry picked from commit 3f70da04f6)

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-10-21 12:45:29 +02:00
Steven Hawkins
c0ba2599b1 fix: noting db support level changes (#43549) (#43608) 
closes: #43191


(cherry picked from commit 736d4920d7)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-21 11:45:06 +02:00
Giuseppe Graziano
e5e4e804f3 Update changes.adoc to include changes-26_4_1.adoc 
Closes #43328

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-10-16 10:49:46 +02:00
Giuseppe Graziano
a340941007 Invalidate sessions created with remember me when remember me is disabled for realm 
Closes #43328


(cherry picked from commit bda0e2a67c)

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-10-15 19:08:05 +00:00
Steven Hawkins
f860491397 fix: refining activation condition error handling 
closes: #43096


(cherry picked from commit 43ee41e8a8)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-15 13:31:20 +00:00
Alexander Schwartz
7f17393b52 Use quoted values for boolean and number values in Operator examples 
Closes #43459

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-14 13:28:28 -04:00
Steven Hawkins
329b22ad35 fix: refining https-protocols documentation (#43420) (#43462) 
closes: #43164
(cherry picked from commit 700b86fad8)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-14 17:08:26 +00:00
Alexander Schwartz
fbf98c7834 Rework formatting for release notes 
Closes #43320

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-10 07:42:36 -03:00
Alexander Schwartz
2d829e3db1 Adding attributes for section links so they work in upstream and downstream 
Closes #43286

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-10 07:42:20 -03:00
Martin Kanis
c0150ddbe4 Hide read-only email attribute in update profile context with update … …email enabled (#43024) 
* Hide read-only email attribute in update profile context with update email enabled

Closes #42990

Signed-off-by: Martin Kanis <mkanis@redhat.com>

* Simplifying conditions when checking read/write on email attribute and more tests

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

---------

Signed-off-by: Martin Kanis <mkanis@redhat.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
(cherry picked from commit a493213ad4)
 2025-10-07 09:33:31 -03:00
Pedro Ruivo
da88957df2 Update Grafana dashboard version 
Closes #43148

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-10-02 10:42:02 +02:00
Alexander Schwartz
771ef3e840 Moving section to the correct place 
Closes #43104

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-01 13:08:17 +02:00
Václav Muzikář
96c44ecf42 Remove a link to Docker web from the docs 
Closes #43072

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-09-30 11:35:36 +00:00
Alexander Schwartz
37c808bd11 Reorder the release notes (#43026) 
* Reorder the release notes

Closes #42994

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Update docs/documentation/release_notes/topics/26_4_0.adoc

Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>

* Update docs/documentation/release_notes/topics/26_4_0.adoc

Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

* Review

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>

---------

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2025-09-30 06:47:55 +00:00
Pedro Igor
a3db07a8f5 Re-adding max age setting to the update email action (#43036) 
Closes #43035

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-30 05:31:23 +02:00
Alexander Schwartz
7bcf08fa31 Adding AWS reference to the documentation 
Closes #43032

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-29 22:28:53 +02:00
Vít Zikmund
896f147075 docs: Use BASH TCP redirect for HEALTHCHECK (#38131) 
* docs: Use BASH TCP redirect for HEALTHCHECK

Add a BASH script to perform an in-container healtcheck.

For the curious, here's how this works:

1. For the code within braces, a TCP connection is made to the keycloak's management port and a successful connection is redirected in the read-write fashion to the descriptor 0 (stdin).
   - When bash fails to connect (TCP RST), it ends up with an error right away.
   - When the connection is hanging (no reply till TCP retry timeout, usually about 1 minute), it just hangs, virtually being a subject to the HEALTHCHECK's timeout (which should be definitely smaller than the usual TCP retry timeout).
2. Then a simple hand-crafted HTTP HEAD request is sent to the socket using printf. This is supposed to always succeed, unless the send buffer of the socket is set ridiculously small on the target OS. In the other case it will just hang again, not being able to push all the bytes through, until that eventually happens or times out.
3. Next, the eventual response is being checked with grep to be the successful one. Only at this time it's return code (and the final) is 0.
   - When no response comes, it's hanging forever and is subject to timeout.
   - When a 503 response comes, grep doesn't match anything and returns 1.

Closes: #38126

Signed-off-by: Vit Zikmund <vit.zikmund@themama.ai>

* expanding bash healthcheck for scenarios that enable http health checks

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update docs/guides/observability/health.adoc

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* Update docs/guides/observability/health.adoc

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* Update docs/guides/observability/health.adoc

Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Vit Zikmund <vit.zikmund@themama.ai>
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-09-29 18:04:02 +02:00
Pedro Ruivo
53007546ad Deprecate AuthenticatedClientSessionModel timestamp 
Closes #42815

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-29 14:16:39 +00:00
rmartinc
a44758d4ae Upgrade bc-fips testing and documentation to 2.1.2 
Closes #42958

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-09-29 09:04:43 +02:00
Takashi Norimatsu
1649f8c847 Follow-up: FAPI 2.0 Message Signing final version support - updating the link to the final spec 
closes #42499

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-09-29 08:52:27 +02:00
Stian Thorgersen
dbd516f8e6 Refactor SimpleHttp to make it injectable and usable outside server (#42936) 
Closes #42902

Signed-off-by: stianst <stianst@gmail.com>
 2025-09-29 08:37:05 +02:00
Václav Muzikář
97ab82e483 Mark Azure SQL as supported (#42985) 
Closes #42743

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-09-29 08:31:08 +02:00
Martin Bartoš
f53e5ebdac [Docs] Additional datasources support (#42655) 
* [Docs] Additional datasources support

Closes #40388

Closes #42263

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Rename namedKey to wildcardKey in the code

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Clarify the defaults for DB kind

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Be more clear about the Named key reference in guide

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Vasek's review

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2025-09-27 08:45:12 +00:00
Václav Muzikář
b65a60e40d Support for EDB 17 (#42341) 
Closes #42742
Closes #42293

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-09-26 16:04:47 +02:00
Pedro Ruivo
746a8211ff Update documentation to prefer CacheCR in multi-site 
Closes #42980

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-26 11:06:28 +00:00
Pedro Ruivo
56c1823082 Document Caffeine cache metrics 
Closes #42705

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-09-25 12:55:31 +02:00
Vinod Anandan
f001b9dde1 Trigger Build. 
Signed-off-by: Vinod Anandan <vinod@owasp.org>
 2025-09-25 10:14:15 +02:00
mposolda
389314a65e Typo in the latest documentation 
closes #42918

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-09-24 17:23:52 +02:00
rmartinc
1d28c0cd35 Expose system-info information in the serverinfo endpoint only for users in the admin realm 
Closes #42828

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-09-24 17:21:57 +02:00
Pedro Igor
73ee2cb3e2 Update upgrade guide about changes in how the parameter is propagated to OPs 
Closes #42139

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-24 09:03:04 -03:00
Alexander Schwartz
b95cb0c276 Adding explicit anchor for downstream docs 
Closes #42868

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-09-24 11:21:08 +02:00
Robin Meese
e0d35e7589 Add Greek translators and admin-ui properties file 
Closes: #42862

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-09-24 10:26:02 +02:00
Marek Posolda
e09ce9e18d Documentation update for DPoP (#42865) 
closes #42728


Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-09-24 10:00:23 +02:00