keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-04-25 16:39:42 -05:00

Author	SHA1	Message	Date
mposolda	e9283ee71d	Documentation for recovery codes (deprecation of password policy and required action config) closes #39245 Signed-off-by: mposolda <mposolda@gmail.com>	2025-04-29 09:29:38 +02:00
Alexander Schwartz	e7474646ee	Explicit target for cross-reference 2FA in server admin guide (#38573 ) Closes #38572 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-01 13:29:30 +02:00
Ricardo Martin	a7e63837db	Recovery codes documentation (#38407 ) Closes #30702 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-27 09:59:14 +01:00
andymunro	1f6f1571fd	update screens for new realm selector Closes #37083 Signed-off-by: AndyMunro <amunro@redhat.com>	2025-03-15 10:54:00 +01:00
Giuseppe Graziano	bd807ceac3	Select auth flow via acr using client policies (#36441 ) Closes #24297 Co-authored-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org> Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-01-23 19:46:07 +01:00
rmartinc	f89be1813d	Check next update time for CRL in certificate validation Closes #35983 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-01-22 14:58:35 +01:00
rmartinc	17d2dd58ca	Add some common headers for the links check in docs Closes #36675 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-01-22 12:21:29 +01:00
Stian Thorgersen	bc2665fc2a	Re-order items in release notes for 26.1 (#36346 ) * Re-order items in release notes for 26.1 Signed-off-by: stianst <stianst@gmail.com> * Review (#161) Signed-off-by: Alexander Schwartz <aschwart@redhat.com> --------- Signed-off-by: stianst <stianst@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-01-14 09:21:04 +00:00
Marek Posolda	4ab34f4816	Updating release notes with core-clients contributions and features (#36066 ) closes #35953 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2024-12-20 10:15:55 +01:00
Marek Posolda	a3fd076960	Adding ConditionalClientScopeAuthenticator (#36020 ) closes #36081 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2024-12-20 09:53:51 +01:00
Thomas Darimont	3cdbbc5b15	Add support for Initiating User Registration via prompt=create (#10701 ) (#35903 ) Fixes #10701 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-12-16 19:54:52 +01:00
Ricardo Martin	bbca6116b0	Implement a conditional authenticator to check if a sub-flow was executed or not previously in the process (#35668 ) Closes #35231 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-12-12 11:16:30 +01:00
Alexander Schwartz	b98cd12b58	Changing mis-formatted definition list of hashing algorithms to a table Closes #35416 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-12-02 15:05:05 -03:00
Cornelius Roemer	29abfd3e89	Fix typos in .md and .adoc files using codespell interactive mode Closes #35256 This PR fixes a bunch of typos in docs files. I ran codespell on `.adoc` and `.md` files in the repo in interactive mode carefully checking each identified typo and proposed fix for false positives. The most widely read file with typos identified is likely the changelog/migration guide. Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>	2024-11-25 08:21:26 +01:00
AndyMunro	e2d221c4bd	Address QE comments on Server Admin Guide Closes #34916 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-11-22 10:20:18 +01:00
Ricardo Martin	ca1c10f7ba	Use short UUID for ldap components (#34815 ) Closes #32143 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-11-15 15:15:04 +01:00
Alexander Schwartz	d4991ce56f	Fix server guide cross-references for downstream docs Closes #31947 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-08-13 14:51:01 -03:00
rmartinc	942d5d0aa3	Convert chapter planning for securing applications and services to guides Final removal of the securing_apps documentation Final checks for links, order and other minor things Closes #31328 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-01 16:45:56 +02:00
Giuseppe Graziano	c3019fb2d3	Move oidc documentation to guides (#31627 ) Closes #31329 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-07-30 09:46:14 +02:00
Pedro Igor	f4b1a5ca88	Updating docs Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-24 15:12:16 -03:00
Maciej Mierzwa	97e89e2071	feature: password age in days policy Closes #30210 Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>	2024-07-24 15:12:16 -03:00
Douglas Palmer	54f4ab50f0	Broken external links Closes #30717 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-06-25 09:55:50 +02:00
CARBONNEAUX Mathieu	acf79b81c7	add RS256 algorithm to webauthn default policy (#30528 ) closes #28020 Signed-off-by: Mathieu CARBONNEAUX <mathieu.carbonneaux@ch2o.info>	2024-06-19 10:16:46 +02:00
Marek Posolda	79c8c80058	Example for X.509 direct grant flow authentication (#30203 ) closes #29639 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-06 11:58:09 +02:00
Marek Posolda	336b2c875f	Update release notes for Keycloak 25 (#29894 ) closes #29576 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-29 14:19:17 +02:00
Marek Posolda	6dc28bc7b5	Clarify the documentation about step-up authentication (#29735 ) closes #28341 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-21 19:46:27 +02:00
mposolda	bbd4b60163	Update documentation after adapters removal closes #28792 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-21 09:34:48 +02:00
Takashi Norimatsu	b4e7d9b1aa	Passkeys: Supporting WebAuthn Conditional UI (#24305 ) closes #24264 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2024-05-16 07:58:43 +02:00
Dimitri Papadopoulos Orfanos	9db1443367	Fix typos found by codespell in docs (#28890 ) Run `chmod -x` on files that need not be executable. Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-03 12:41:16 +00:00
Alexander Schwartz	5b4a69a6e9	Limit the concurrency of password hashing to the number of CPU cores available Closes #28477 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-15 15:05:09 +02:00
Christopher Miles	1646315939	Deny list lower cases all passwords when loading from file Closes #28381 We always lower case the inbound password before comparing against the deny list yet the deny list may contain passwords that contain upper case letters. With this change we will now convert passwords from the deny list into lower case while loading, ensuring that more passwords match the deny list. Signed-off-by: Christopher Miles <twitch@nervestaple.com>	2024-04-15 08:49:37 +02:00
Marek Posolda	13daaa55ba	Documentation for changes related to 'You are already logged in' scen… (#28595 ) closes #27879 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-11 08:18:41 +02:00
Stian Thorgersen	c3a98ae387	Use Argon2 as default password hashing algorithm (#28162 ) Closes #28161 Signed-off-by: stianst <stianst@gmail.com>	2024-03-22 13:04:14 +00:00
Stian Thorgersen	cae92cbe8c	Argon2 password hashing provider (#28031 ) Closes #28030 Signed-off-by: stianst <stianst@gmail.com>	2024-03-22 07:08:09 +01:00
AndyMunro	d61b1ddb09	Edit use of Keycloak in Server Admin Guide Closes #27955 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-03-18 09:51:55 +01:00
Stian Thorgersen	81f3f211f3	Delete all deprecated and unmaintained examples (#27855 ) Signed-off-by: stianst <stianst@gmail.com>	2024-03-15 07:24:20 +01:00
Alexander Schwartz	4b697009d3	Clean up feature IDs in the docs (#27418 ) Closes #27416 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-06 12:32:06 +01:00
Takashi Norimatsu	3db04d8d8d	Replace Security Key with Passkey in WebAuthn UIs and their documents closes #27147 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-02-29 10:31:05 +01:00
Alexander Schwartz	6de61f61f0	Adding missing explicit IDs for cross-references Closes #27316 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-28 08:37:52 +01:00
Takashi Norimatsu	849a920955	Rename Resident key to Discoverable Credential closes #9508 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-02-19 14:12:15 +01:00
Marek Posolda	e2fb8406a3	Fixing the docs about default hashing iterations (#27020 ) closes #26816 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-15 08:11:44 +01:00
Pedro Igor	750bc2c09c	Reviewing references to user attribute management and UIs Closes #26155 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-02-12 16:01:34 +01:00
mposolda	7af753e166	Documentation for AIA closes #25569 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-12 09:42:34 +01:00
christian-2	e14b523a8d	Fixes typo in Server Administration guide (#26543 ) Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>	2024-02-01 19:36:32 +01:00
Ben Cresitello-Dittmar	057d8a00ac	Implement Authentication Method Reference (AMR) claim from OIDC specification This implements a method for configuring authenticator reference values for Keycloak authenticator executions and a protocol mapper for populating the AMR claim in the resulting OIDC tokens. This implementation adds a default configuration item to each authenticator execution, allowing administrators to configure an authenticator reference value. Upon successful completion of an authenticator during an authentication flow, Keycloak tracks the execution ID in a user session note. The protocol mapper pulls the list of completed authenticators from the user session notes and loads the associated configurations for each authenticator execution. It then captures the list of authenticator references from these configs and sets it in the AMR claim of the resulting tokens. Closes #19190 Signed-off-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org>	2024-01-03 14:59:05 -03:00
Thomas Darimont	d30d692335	Introduce MaxAuthAge Password policy (#12943 ) This policy allows to specify the maximum age of an authentication with which a password may be changed without re-authentication. Defaults to 300 seconds (default taken from Constants.KC_ACTION_MAX_AGE) to remain backwards compatible. A value of 0 will always require reauthentication to update the password. Add documentation for MaxAuthAgePasswordPolicy to server_admin Fixes #12943 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2023-11-20 14:48:17 +01:00
AndyMunro	20f5edc708	Addressing Server Admin review comments Closes #24643 Signed-off-by: AndyMunro <amunro@redhat.com>	2023-11-13 15:48:02 +01:00
Takashi Norimatsu	1c8cddf145	passkeys: documentation closes #23660	2023-10-24 14:48:13 +02:00
mposolda	57e51e9dd4	Use an original domain name of Kerberos Principal in UserModel attribute instead of configured value of Kerberos realm in User federation closes #20045	2023-08-30 13:24:48 +02:00
Alexander Schwartz	08dfdffbfb	Fixed updated links for freeipa (#22040 ) Closes #22039	2023-07-28 07:31:03 +02:00

1 2

60 Commits