From d0cab170a32c4369b69dc3359ea9e1eed9ecd146 Mon Sep 17 00:00:00 2001 From: Marek Posolda Date: Wed, 4 Dec 2024 18:51:15 +0100 Subject: [PATCH] Update release notes for Keycloak 26.1.0 with new community additions (#35590) closes #35588 Signed-off-by: mposolda Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Marek Posolda --- .../release_notes/topics/26_1_0.adoc | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/docs/documentation/release_notes/topics/26_1_0.adoc b/docs/documentation/release_notes/topics/26_1_0.adoc index d56034c2fb4..00bf046360f 100644 --- a/docs/documentation/release_notes/topics/26_1_0.adoc +++ b/docs/documentation/release_notes/topics/26_1_0.adoc @@ -11,6 +11,34 @@ darkMode=false Alternatively, you can disable dark mode support for the built-in Keycloak themes on a per-realm basis by turning off the "Dark mode" setting under the "Theme" tab in the realm settings. += Authorization Code Binding to a DPoP Key + +Support now exists for https://datatracker.ietf.org/doc/html/rfc9449#section-10[Authorization Code Binding to a DPoP Key] including support for the DPoP with Pushed Authorization Requests. + +ifeval::[{project_community}==true] +Many thanks to https://github.com/tnorimat[Takashi Norimatsu] for the contribution. +endif::[] + += Option to create certificates for generated EC keys + +A new option, `Generate certificate`, exists for EC-DSA and Ed-DSA key providers. When the generated key is created by a realm administrator, a +certificate might be generated for this key. The certificate information is available in the Admin Console and in the JWK representation of this key, which is available +from JWKS endpoint with the realm keys. + +ifeval::[{project_community}==true] +Many thanks to https://github.com/Captain-P-Goldfish[Pascal Knüppel] for the contribution. +endif::[] + += Minimum ACR Value for the client + +The option `Minimum ACR value` is added as a configuration option on the realm OIDC clients. This addition is an enhancement related to step-up authentication, which makes it possible +to enforce minimum ACR level when logging in to the particular client. + +ifeval::[{project_community}==true] +Many thanks to https://github.com/sonOfRa[Simon Levermann] for the contribution. +endif::[] + + = LDAP users are created as enabled by default when using Microsoft Active Directory If you are using Microsoft AD and creating users through the administrative interfaces, the user will created as enabled by default.