mirrors/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-25 16:42:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
NaN Commits 24 Branches 291 Tags
dependabot/github_actions/actions/cache-5.0.2
Commit Graph

928 Commits

Author SHA1 Message Date
rmartinc
07b9b9656b Allow client_id as an audience in the JWT Authorization Grant and Client Assertions 
Closes #45178

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2026-01-16 15:48:28 +01:00
Ruchika Jha
e2e11a3b8e Hide Remember Me session settings when Remember Me is disabled in realm settings edit page in UI 
Closes #44973

Signed-off-by: Ruchika <ruchika.jha1@ibm.com>
Signed-off-by: Ruchika Jha <Ruchika.Jha1@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2026-01-15 16:46:50 +00:00
Pedro Igor
ab351170b4 Support aggregated policies during partial evaluation 
Closes #45324

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-01-15 15:20:52 +01:00
Pedro Igor
37ff64446b Allow hide organization brokers when the user does not map to any organization during login 
Closes #45422

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-01-15 15:19:43 +01:00
Alexander Schwartz
391593cfa7 Implement asynchronous logging when called from nonblocking threads 
Closes #45015

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2026-01-15 09:20:34 -03:00
Pedro Igor
cca5ef44fa Updating the documentation 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-01-13 16:42:07 -03:00
Giuseppe Graziano
23aad2a942 DPoP Guide (#45274) 
Closes #42747

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2026-01-13 11:01:28 +01:00
Pedro Igor
c33d94da65 Allow admins with any admin role to map roles if the constraints apply 
Closes #44371
Closes #45182

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-01-12 12:56:30 -03:00
Stan Silvert
eb77c055f5 Clarify documentation. 
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2026-01-12 10:36:10 -03:00
mposolda
1273c8db0e DCR endpoint ignores client's requested token_endpoint_auth_method in case it is client_secret_post 
closes #44403

Signed-off-by: mposolda <mposolda@gmail.com>
 2026-01-12 09:54:04 +01:00
Ryan Emerson
f8b114bdd8 Add indexes to BROKER_LINK table 
Closes #45009

Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2026-01-09 16:09:40 +00:00
Alexander Schwartz
234526761e Fix section level in 26.5 migration guide 
Closes #45184

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2026-01-07 07:54:06 -03:00
Ryan Emerson
4a2ed7c4e6 Use correct anchor for mdc logging in 26.5.0 release notes 
Closes #45185

Signed-off-by: Ryan Emerson <remerson@ibm.com>
 2026-01-06 17:21:48 +01:00
olympus5
ffed84194e Realign source code examples in auth-spi doc 
closes #43757

Signed-off-by: olympus5 <erwan.iquel@gmail.com>
 2026-01-06 12:18:42 +01:00
Pedro Igor
0d5766f3a8 Allow running scheduled workflows 
Closes #44865

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-01-05 13:03:47 -03:00
Alexander Schwartz
e43cf55028 Finalizing 26.5 release notes 
Closes #45131

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2026-01-05 14:10:32 +01:00
Pedro Igor
3c0b308bb7 Document limitations when updating workflows 
Closes #45134

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-01-05 14:10:03 +01:00
Alexander Schwartz
a6bf194487 Remove usage of kcSanitize() to avoid printing HTML (#44755) 
Closes #44753


Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2026-01-05 10:45:32 +01:00
Ryan Emerson
cafa1a86eb Disable state transfer for session caches when persistent sessions are enabled 
Closes #44518

Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2026-01-05 08:53:59 +00:00
Ruchika Jha
60b369c622 Validate client session timeout and lifetime settings on realm settings edit 
Closes #44910

Signed-off-by: Ruchika <Ruchika.Jha1@ibm.com>
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Ryan Emerson <remerson@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2026-01-05 08:50:56 +00:00
Stian Thorgersen
f2c527239d Update JNDI reference in LDAP referrals documentation (#45129) 
Clarified the term 'JNDI' in the LDAP referrals section.

Closes #45040
 2026-01-05 09:01:40 +01:00
Robin Meese
0d0d468f27 Add ability to delete offline sessions via account console 
Closes #15502

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2026-01-05 08:26:47 +01:00
Christian Ja
374e45b883 Use default locale from realm an intermediate fallback 
closes #40990

Signed-off-by: Christian Janker <christian.janker@gmx.at>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2026-01-01 14:23:33 +00:00
Robin Meese
35ee49b5d4 Add logout event to UserSessionLimitsAuthenticator 
Closes #44843

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2026-01-01 13:22:54 +00:00
Stefan Guilhen
43634dd2ed Update docs/documentation/server_admin/topics/workflows/understanding-workflow-definition.adoc 
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-29 10:29:38 -03:00
Stefan Guilhen
9865791084 Fix wrong provider references in workflows documentation 
Closes #45077

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-29 10:29:38 -03:00
Robin Meese
0957572751 Add logout event to SessionResource 
Closes #44842

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-12-29 12:25:45 +00:00
Stefan Guilhen
0d09f755f1 Fix wrong event names in workflows documentation (#45002) 
Closes #45001

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-19 13:01:20 -05:00
Peter Zaoral
7da8a8a2e3 feat: add Windows service support (#44496) 
Closes: #37704

Signed-off-by: Peter Zaoral <pepo48@gmail.com>
 2025-12-19 16:55:42 +00:00
Stephan Seifermann
aefecade5c Client cert lookup provider compliant to RFC 9440 (#36161) 
* Client cert lookup provider compliant to RFC 9440 (#20761)

Signed-off-by: Stephan Seifermann <seiferma@users.noreply.github.com>

* Release notes

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Stephan Seifermann <seiferma@users.noreply.github.com>
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Stephan Seifermann <seiferma@users.noreply.github.com>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
 2025-12-19 12:38:54 +01:00
Ricardo Martin
efc75f09b0 Fix link to https://azure.microsoft.com/en-us (#45036) 
Closes #45023

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-19 12:27:05 +01:00
Pedro Igor
6a437521a9 Only allow LDAP URL references when following referrals (#44993) 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2025-12-18 14:27:10 +01:00
Pedro Igor
7512a0412b wip - workflows doc (#44685) 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Stan Silvert <ssilvert@redhat.com>
 2025-12-18 07:52:41 -05:00
Marek Posolda
4b68f6998b Release notes update for Keycloak 26.5 with core-clients related contributions (#44986) 
closes #44192

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-12-18 10:48:27 +01:00
Martin Bartoš
548a89c823 [OTel] Micrometer to OpenTelemetry bridge support for metrics (#41716) 
* [OTel] Micrometer to OpenTelemetry bridge support for metrics

Closes #41006

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Review: Docs rewording

Signed-off-by: Ryan Emerson <remerson@ibm.com>

* Review: Make TELEMETRY Option descriptions consistently use OpenTelemetry to reflect pattern established by telemetry-enabled, telemetry-endpoint etc

Signed-off-by: Ryan Emerson <remerson@ibm.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Co-authored-by: Ryan Emerson <remerson@ibm.com>
 2025-12-17 17:03:56 +01:00
Sebastian Łaskawiec
9597537bf3 Additional fields for the Welcome Resource (#44758) 
* Additional fields added to the Welcome Page

Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>

* Updated the order of fields

Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>

---------

Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>
 2025-12-17 13:11:44 +01:00
Martin Kanis
012cefb654 The existence of an organization attribute called id is not validated 
Closes #44522

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-12-17 08:05:32 -03:00
Steven Hawkins
148d14816c fix: allowing settable connection request timeout (#44592) 
also defaulting to 5000

closes: #44500

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-12-16 16:35:01 +00:00
Palpable
94ee6d81fb [OID4VCI] Realign naming of attribute configuring algorithms for credential (#44765) 
Closes #44621


Signed-off-by: Vitalisn4 <ngamvitalisyuh@gmail.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
 2025-12-16 14:46:17 +01:00
Martin Bartoš
29fdcedbc8 [OTel] Introduce preview support for OpenTelemetry Logs (#41265) 
Closes #41264

Co-authored-by: Ryan Emerson <remerson@redhat.com

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-12-15 10:50:30 +01:00
Václav Muzikář
da6c4df5ec Support EDB 18 (#44856) 
* Support EDB 18

Closes #44494

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Update test-framework/db-edb/container/README.md

Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
 2025-12-15 07:36:26 +01:00
Ruchika Jha
26fe8dc7d8 Added validation for client session timeout post comparing the realm session timeouts 
Closes #41019

Signed-off-by: ruchikajha95 <Ruchika.Jha1@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-11 13:58:04 +01:00
Giuseppe Graziano
c0c4067bdd JWT Authorization Grant feature to preview 
Closes #44492

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-12-11 10:37:30 +01:00
Martin Bartoš
8def691053 [OTel] Provide general options for telemetry settings (#41705) 
* [OTel] Provide general options for telemetry settings

Closes #41263

Co-authored-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/observability/telemetry.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Provide release notes and deprecation note

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Ignore link to the telemetry guide for now

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Ryan Emerson <remerson@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2025-12-10 12:03:46 +00:00
Christian Glasmachers
921b10ee80 Login failure cache: Evict entries after the configured failure reset time 
Closes #44801

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Christian Glasmachers <Christian.Glasmachers-extern@deutschebahn.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-12-10 11:20:19 +01:00
rmartinc
c9686cc040 Documentation for JWT Authorization Grant 
Closes #44136

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-09 12:13:21 +01:00
vramik
5dbc91e028 Deprecate Fine-Grained Admin Permissions v1 
Closes #44121

Signed-off-by: vramik <vramik@redhat.com>
 2025-12-08 10:26:27 -03:00
Alexander Schwartz
2f81a2fb76 Updating and ordering the release notes 
Closes #44706

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-08 10:55:33 +01:00
Pascal Knüppel
46e5979b17 [OID4VCI] Handle key_attestation_required in metadata endpoint (#44471) 
fixes #43801


Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
Co-authored-by: Ingrid Kamga <xingridkamga@gmail.com>
 2025-12-05 16:00:32 +01:00
Sebastian Schuster
b5178a2bec Added section on recommended isolation level to db guides 
Closes #44611

Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-05 14:48:31 +01:00