mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-30 03:19:40 -06:00
Code Issues Packages Projects Releases Wiki Activity
28,020 Commits 23 Branches 291 Tags
ffaa7c25922dfb4dc1a65e2c457b4400a05106dd
Commit Graph

1160 Commits

Author SHA1 Message Date
andymunro
4892141fa9 Adjust introductory sentences 
Closes #39008

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 75557bc312)
 2025-04-30 22:20:34 +02:00
Alexander Schwartz
1b41e1bae5 Avoid automatic DB upgrades 
Closes #39274

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-30 13:49:00 +02:00
Alexander Schwartz
58bf1b9d1d SLO measurement should mention a month as a period (#39341) 
Closes #39312

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2025-04-30 10:28:14 +02:00
Alexander Schwartz
eabe0fde15 fix: metric name Update jgrp_metrics.adoc 
Closes #39206

fix UDP metric name

Signed-off-by: Francisco Freire <franciscocfreire@gmail.com>
Co-authored-by: Francisco Freire <franciscocfreire@gmail.com>
 2025-04-30 10:25:12 +02:00
Steven Hawkins
17ddab8e7e fix: adding docs about h2 migration (#39159) (#39194) 
* fix: adding docs about h2 migration

closes: #39046



* Update docs/documentation/upgrading/topics/changes/changes-26_2_0.adoc




* Update docs/documentation/upgrading/topics/migrate_db.adoc




* Apply suggestions from code review




---------





(cherry picked from commit 837c2e25a2)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-30 09:11:45 +02:00
Steven Hawkins
84535e334c fix: documenting known issues with docker (#39162) (#39215) 
* fix: documenting known issues with docker

closes: #38801 #38893



* Update docs/guides/server/containers.adoc




---------




(cherry picked from commit 68096ee27e)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-30 09:11:06 +02:00
Steve Hawkins
99ca24c832 fix: remove ANY mode modification of truststores 
also note that ANY should not be used in production

closes: CVE-2025-3501

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

Add a test for the error (#1)

Signed-off-by: Ricardo Martin <rmartinc@redhat.com>

Update docs/guides/server/keycloak-truststore.adoc

Co-authored-by: Marek Posolda <mposolda@gmail.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
 2025-04-24 12:09:03 +02:00
Alexander Schwartz
2e1740b778 Fix broken link for XOAUTH2 configuration 
Closes #39096

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-23 08:47:59 +02:00
Alexander Schwartz
65ec7177aa Document operator Auto update strategy when used with podTemplate 
Closes #39059

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-22 11:51:51 +02:00
Michal Hajas
d35792d39e Change Grafana dashboards guide title to plural 
Closes #39057

Signed-off-by: Michal Hajas <mhajas@redhat.com>
(cherry picked from commit 922294cd28)
 2025-04-17 14:00:55 +00:00
Alexander Schwartz
2129b9f6a3 Add new user event metrics to the release notes 
Closes #39027

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-17 09:04:50 +00:00
andymunro
e332f1a826 Clarify upgrading language 
Closes #38956

(cherry picked from commit 638fe81beb)

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-04-17 09:05:01 +02:00
Alexander Schwartz
1b6fc30c44 fix(docs): correct typo in token exchange guide 
Fixed a typo in the example token exchange request section by replacing "folowing" with "following." This improves the clarity and professionalism of the documentation.

Closes #38976

Signed-off-by: Nicola Baiocco <nicola.baiocco@intesys.it>
(cherry picked from commit 34630a4176)

Co-authored-by: Nicola Baiocco <nicola.baiocco@intesys.it>
 2025-04-16 14:42:49 +02:00
Martin Bartoš
cb4b6c8c8e [Docs] Broken link in ExternalLinksTest for importmap 
Closes #38930

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-15 11:07:51 +02:00
Alexander Schwartz
4e0c628813 Avoid duplicate ID in downstream (#38949) 
Closes #38920

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-15 10:29:00 +02:00
sophie [⛧-440729]
d1ff1b186e add option to the nginx x509 client cert lookup provider to not url-decode the passed client cert 
Closes #17171 

Signed-off-by: ⛧-440729 [sophie] <sophie@999eagle.moe>
 2025-04-11 10:38:38 +02:00
Pedro Igor
288b6dae12 More information to docs 
Closes #38798

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-10 20:03:05 +02:00
Thomas Darimont
478e0b3264 Make sure that there is single audience allowed by default in JWT tokens sent to client authentication 
closes #38819

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2025-04-10 18:08:10 +02:00
Peter Zaoral
6d6f9667c6 Document how Keycloak is upgraded when Operator is upgraded via OLM (#38297) 
Closes: #35901

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2025-04-10 13:56:42 +02:00
Pedro Igor
ae88d7921f Improvements to partial evaluation 
Closes #38732

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-09 18:15:28 +02:00
Robin Meese
c0df401ccf add janher to dutch translation maintainer 
Closes: #38792

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-04-09 18:08:19 +02:00
Falko Modler
770a575f95 Allow zero tracing-sampler-ratio 
Closes #38764

Signed-off-by: Falko Modler <famod@users.noreply.github.com>
 2025-04-09 11:57:03 +00:00
Alexander Schwartz
73ee966feb Sorting the chapters of the HA guide 
Closes #38721

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-08 07:23:53 -03:00
Alexander Schwartz
2ad776553a Adding a guide on how to enable and use exemplars 
Closes #38688

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-08 07:23:28 -03:00
Pedro Igor
87430fc181 Add impersonate-members scope to group resource type 
Closes #38566

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-07 14:56:27 +00:00
vramik
6488890585 [FGAP:V2] remove configure scope from Client resource type 
Closes #38567

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-07 07:05:02 -03:00
Marek Posolda
f984644d07 Clarify in documentation that legacy token exchange requires FGAP:v1 (#38694) 
closes #38693

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-07 08:27:56 +02:00
Alexander Schwartz
38b543af19 Review comments to align with style guide 
Closes #38338

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-05 14:04:21 -03:00
Alexander Schwartz
d69a530d5b Check HTML head for redirects 
Closes #38655

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 18:40:41 +02:00
Stefan Guilhen
c4c3e2eee6 Allow redirection to idp when user email matches any of the org domains 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com>

Closes #33804
 2025-04-04 11:28:04 -03:00
Alexander Schwartz
b3b30a8620 Rework observability page titles and summaries 
Closes #38583

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 11:14:00 +02:00
Vlasta Ramik
18c8308bb4 [FGAP] Remove redundant sentense from fine grained admin permissions docs 
Closes #38677

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-04 09:41:17 +02:00
vramik
f076b99407 FGAP documentation 
Closes #37245

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-03 09:44:32 -03:00
Marek Posolda
6654e56a7c Polish documentation for audience and client scopes (#38484) 
closes #19127

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-03 08:43:06 +02:00
rmartinc
a10c8119d4 Define a max expiration window for Signed JWT client authentication 
Closes #38576

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-04-02 18:32:54 +02:00
Alexander Schwartz
e7474646ee Explicit target for cross-reference 2FA in server admin guide (#38573) 
Closes #38572

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-01 13:29:30 +02:00
mposolda
cd4e5bc784 Release notes for oid4vci docs 
closes #38485

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-29 19:25:24 +01:00
Steven Hawkins
06e0885f46 fix: adds back reporting of non-ip client addresses (#37797) 
closes: #36843

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java
 2025-03-27 19:33:20 +00:00
Akbar Husain
6d2de61b8e Fix some ascii doc warnings 
Closes #38479

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
Co-authored-by: akbarhusainpatel <apatel@intermiles.com>
 2025-03-27 19:42:18 +01:00
Peter Zaoral
1d6ef3c7a7 [Windows] Improve docs on handling quotes in PowerShell (#37468) 
Closes: #36697

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2025-03-27 17:00:15 +01:00
Stefan Guilhen
89d659ee36 Add section about support for federated members in the organization documentation 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38471
 2025-03-27 08:03:35 -03:00
Ricardo Martin
a7e63837db Recovery codes documentation (#38407) 
Closes #30702

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-27 09:59:14 +01:00
Awambeng
27a7a301e7 Add documentation for configuring Keycloak as a VC issuer 
closes #38256

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
 2025-03-26 20:50:43 +01:00
Marek Posolda
db23d8e665 Clarify that XOAUTH2 configuration with Microsoft Office365 is community contributed 
Closes #38376

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-26 15:54:38 +01:00
juantoser
e180a00229 Comma removed 
The comma after “OpenID Connect” is not necessary. The phrase “OAuth2, OpenID Connect, and SAML compliant server” is listing three related terms, and the conjunction “and” already makes the separation clear.

Signed-off-by: juantoser <136793699+juantoser@users.noreply.github.com>
 2025-03-25 15:57:47 +01:00
mposolda
11cb332964 Release notes updates for the community contributions related to core-clients areas 
closes #38374

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-24 12:49:52 +01:00
Laurids Møller Jepsen
8f7c1871a7 Add client OIDC configuration for setting the header type in access tokens. 
If this setting is On, the access token header type will be "at+jwt" in compliance with RFC 9068, see https://datatracker.ietf.org/doc/html/rfc9068#section-2.1. If the setting is Off, the access token header type will be "JWT". The setting is Off per default.

Closes #36696

Signed-off-by: Laurids Møller Jepsen <laurids.jepsen@cryptomathic.com>
 2025-03-24 10:35:41 +01:00
Robin Meese
4c094e12c3 Add Italian and Romanian language 
Closes: #38355

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-03-23 16:00:50 +01:00
Sebastian Rose
4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Stian Thorgersen
a18948f731 Reorder items in release notes for 26.2 (#38290) 
Signed-off-by: stianst <stianst@gmail.com>
 2025-03-20 11:52:53 +01:00