mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-30 03:19:40 -06:00
Code Issues Packages Projects Releases Wiki Activity
28,020 Commits 23 Branches 291 Tags
ffaa7c25922dfb4dc1a65e2c457b4400a05106dd
Commit Graph

674 Commits

Author SHA1 Message Date
Steven Hawkins
17ddab8e7e fix: adding docs about h2 migration (#39159) (#39194) 
* fix: adding docs about h2 migration

closes: #39046



* Update docs/documentation/upgrading/topics/changes/changes-26_2_0.adoc




* Update docs/documentation/upgrading/topics/migrate_db.adoc




* Apply suggestions from code review




---------





(cherry picked from commit 837c2e25a2)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-30 09:11:45 +02:00
Alexander Schwartz
2e1740b778 Fix broken link for XOAUTH2 configuration 
Closes #39096

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-23 08:47:59 +02:00
Alexander Schwartz
2129b9f6a3 Add new user event metrics to the release notes 
Closes #39027

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-17 09:04:50 +00:00
andymunro
e332f1a826 Clarify upgrading language 
Closes #38956

(cherry picked from commit 638fe81beb)

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-04-17 09:05:01 +02:00
Martin Bartoš
cb4b6c8c8e [Docs] Broken link in ExternalLinksTest for importmap 
Closes #38930

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-15 11:07:51 +02:00
Pedro Igor
288b6dae12 More information to docs 
Closes #38798

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-10 20:03:05 +02:00
Thomas Darimont
478e0b3264 Make sure that there is single audience allowed by default in JWT tokens sent to client authentication 
closes #38819

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2025-04-10 18:08:10 +02:00
Pedro Igor
ae88d7921f Improvements to partial evaluation 
Closes #38732

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-09 18:15:28 +02:00
Pedro Igor
87430fc181 Add impersonate-members scope to group resource type 
Closes #38566

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-07 14:56:27 +00:00
vramik
6488890585 [FGAP:V2] remove configure scope from Client resource type 
Closes #38567

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-07 07:05:02 -03:00
Marek Posolda
f984644d07 Clarify in documentation that legacy token exchange requires FGAP:v1 (#38694) 
closes #38693

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-07 08:27:56 +02:00
Alexander Schwartz
d69a530d5b Check HTML head for redirects 
Closes #38655

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 18:40:41 +02:00
Stefan Guilhen
c4c3e2eee6 Allow redirection to idp when user email matches any of the org domains 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com>

Closes #33804
 2025-04-04 11:28:04 -03:00
Vlasta Ramik
18c8308bb4 [FGAP] Remove redundant sentense from fine grained admin permissions docs 
Closes #38677

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-04 09:41:17 +02:00
vramik
f076b99407 FGAP documentation 
Closes #37245

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-03 09:44:32 -03:00
Marek Posolda
6654e56a7c Polish documentation for audience and client scopes (#38484) 
closes #19127

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-03 08:43:06 +02:00
rmartinc
a10c8119d4 Define a max expiration window for Signed JWT client authentication 
Closes #38576

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-04-02 18:32:54 +02:00
Alexander Schwartz
e7474646ee Explicit target for cross-reference 2FA in server admin guide (#38573) 
Closes #38572

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-01 13:29:30 +02:00
mposolda
cd4e5bc784 Release notes for oid4vci docs 
closes #38485

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-29 19:25:24 +01:00
Steven Hawkins
06e0885f46 fix: adds back reporting of non-ip client addresses (#37797) 
closes: #36843

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java
#	services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java
 2025-03-27 19:33:20 +00:00
Stefan Guilhen
89d659ee36 Add section about support for federated members in the organization documentation 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38471
 2025-03-27 08:03:35 -03:00
Ricardo Martin
a7e63837db Recovery codes documentation (#38407) 
Closes #30702

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-27 09:59:14 +01:00
Awambeng
27a7a301e7 Add documentation for configuring Keycloak as a VC issuer 
closes #38256

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
 2025-03-26 20:50:43 +01:00
Marek Posolda
db23d8e665 Clarify that XOAUTH2 configuration with Microsoft Office365 is community contributed 
Closes #38376

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-26 15:54:38 +01:00
mposolda
11cb332964 Release notes updates for the community contributions related to core-clients areas 
closes #38374

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-03-24 12:49:52 +01:00
Laurids Møller Jepsen
8f7c1871a7 Add client OIDC configuration for setting the header type in access tokens. 
If this setting is On, the access token header type will be "at+jwt" in compliance with RFC 9068, see https://datatracker.ietf.org/doc/html/rfc9068#section-2.1. If the setting is Off, the access token header type will be "JWT". The setting is Off per default.

Closes #36696

Signed-off-by: Laurids Møller Jepsen <laurids.jepsen@cryptomathic.com>
 2025-03-24 10:35:41 +01:00
Sebastian Rose
4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Stian Thorgersen
a18948f731 Reorder items in release notes for 26.2 (#38290) 
Signed-off-by: stianst <stianst@gmail.com>
 2025-03-20 11:52:53 +01:00
Alexander Schwartz
c9b88c6bf6 Finalizing release notes and documentation for initial rolling update 
Closes #38168

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-19 21:34:09 +01:00
Alexander Schwartz
b5d8c46202 Fix links that have been moved 
Closes #38190

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-18 13:36:41 +01:00
Takashi Norimatsu
eb2153379a DPoP: Refresh token created with DPoP can be refreshed without proof 
closes #36475

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-03-17 12:53:19 +01:00
andymunro
1f6f1571fd update screens for new realm selector 
Closes #37083

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-03-15 10:54:00 +01:00
Marek Posolda
290905c9cf Documentation for supported token-exchange (#38008) 
closes #37126

Signed-off-by: Marek Posolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-14 09:55:44 +01:00
Steven Hawkins
d9c3511fa5 fix: adding a check if the proxy is trusted prior to using a cert header (#37465) 
closes: #35861

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
 2025-03-12 11:21:33 +01:00
Mihir Vadalia
11a20a2eb3 Documentation for Optional Email Events 
Closes #37998

Signed-off-by: Mihir Vadalia <mihir@defensepoint.com>
Co-authored-by: Mihir Vadalia <mihir@defensepoint.com>
 2025-03-11 21:21:45 +01:00
Uche Nwachukwu
df9efdf590 Update themes-react.adoc (#37977) 
Spelling adjustment.

Signed-off-by: Uche Nwachukwu <nwachukwuuche@gmail.com>
 2025-03-10 22:33:04 +00:00
Stefan Guilhen
86b2a6a95c Fix docs to also mention roles 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #28569

Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>
 2025-03-10 16:13:36 -03:00
Stefan Guilhen
d44ebfd4d1 Document the addition of the Relative User Creation DN 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-03-10 16:13:36 -03:00
Alexander Schwartz
151e019935 Make NetworkPolicy supported and enabled by default 
Closes #36036

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-03-10 11:12:38 +01:00
Alexander Schwartz
b1785ce179 Quote a link that shouldn't be rendered as a link 
This should not be clickable.

Closes #37765

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-06 16:50:04 -03:00
Alexander Schwartz
bc7ec1208e Enable the TLS based JGroups encryption by default and update the docs 
Closes #37696

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-03 10:50:51 -03:00
Giuseppe Graziano
690b5ecb25 Grant Type condition for client policies (#37665) 
Closes #37124

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-02-27 11:51:06 +01:00
Jon Koops
873e4ffb1f Replace i18next backend with i18next-fetch-backend (#37633) 
Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2025-02-26 08:36:12 -05:00
Martin Bartoš
6f0ed46404 Upgrade to Quarkus 3.19.0.CR1 (#37492) 
Closes #37436

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-02-24 19:52:01 +01:00
Akbar Husain
9d3cfe0672 Remove X-XSS-Protection header (#36881) 
Closes #21728

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
 2025-02-19 08:42:26 +01:00
Michal Hajas
f54bb16a61 Add Grafana dashboards to release notes 
Closes #37402

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-02-18 14:04:23 +01:00
Jon Koops
3ccc88628f Fix broken external link in Gitlab IdP docs (#37435) 
Closes #37434

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2025-02-18 11:03:53 +00:00
Václav Muzikář
764ca50fc4 Upgrade to Quarkus 3.18.2 (#37300) 
* Upgrade to Quarkus 3.18.2

Closes #37056

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Update docs/documentation/upgrading/topics/changes/changes-26_2_0.adoc

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-02-17 16:30:05 +01:00
rmartinc
6850f41060 Force login in reset-credentials to federated users 
Closes #37207

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-02-12 13:47:39 -03:00
Alexander Schwartz
822eb4471d Ensure a sufficient virtual threads pool (#37197) 
Closes #37162

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-10 16:28:24 +01:00