Tobi
|
479859a7a3
|
Add new indices on offline_client_session
Closes #43566
Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
|
2025-10-31 17:49:47 +01:00 |
|
Pedro Ruivo
|
e40c5de050
|
Session cache affinity
Closes #42776
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
|
2025-10-30 21:01:09 +00:00 |
|
Alexander Schwartz
|
0f01444543
|
Allow only normalized paths in requests (#43765)
Closes #43763
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
|
2025-10-30 14:37:50 +01:00 |
|
Pedro Ruivo
|
6317c02a27
|
Refactor AuthenticationSessionManager
Closes #43825
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
|
2025-10-30 12:26:07 +01:00 |
|
Marek Posolda
|
2fc5419676
|
Avoid using UserCredentialManager from user storage extensions (#43695)
closes #43694
Signed-off-by: mposolda <mposolda@gmail.com>
|
2025-10-29 16:26:59 +01:00 |
|
Pedro Igor
|
2b785425fa
|
Allow managing realm admin roles if the the realm-admin role is granted
Closes #43579
Closes #43578
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
|
2025-10-23 08:02:05 -03:00 |
|
Stian Thorgersen
|
84a161d4dd
|
Extract related methods from IdentityProvider to UserIdentityProvider (#43535)
Closes #43534
Signed-off-by: stianst <stianst@gmail.com>
|
2025-10-21 14:27:07 +00:00 |
|
Alexander Schwartz
|
6080f21c64
|
Adding this as a breaking change plus deprecation
Closes #43022
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
|
2025-10-21 09:58:33 -03:00 |
|
Martin Bartoš
|
419afce847
|
Fix anchors in the documentation
Closes #43084
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
|
2025-10-21 12:33:32 +00:00 |
|
Pedro Igor
|
c5b560e2d8
|
Update user profile to allow returning a brief user representation
Closes #42225
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
|
2025-10-21 12:52:31 +02:00 |
|
Ronaldo Paulino Jiconda
|
987ce19b45
|
Fix OIDC IDP broker basic auth encoding
Ensures that the client_id and client_secret are URL-encoded before being Base64-encoded for the Basic Auth header, following RFC 6749. This fixes authentication failures when the client_id contains special characters.
Closes #26374
Closes #43022
Signed-off-by: rpjicond <ronaldopaulino32@hotmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: rpjicond <ronaldopaulino32@hotmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
|
2025-10-20 23:48:24 +02:00 |
|
Steven Hawkins
|
736d4920d7
|
fix: noting db support level changes (#43549)
closes: #43191
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
|
2025-10-17 14:01:10 +02:00 |
|
Giuseppe Graziano
|
bda0e2a67c
|
Invalidate sessions created with remember me when remember me is disabled for realm
Closes #43328
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
|
2025-10-14 15:00:41 +00:00 |
|
Alexander Schwartz
|
934ac48a54
|
Rework formatting for release notes
Closes #43320
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
|
2025-10-10 07:42:53 -03:00 |
|
Steven Hawkins
|
7bfc33fd5f
|
fix: auto-defaulting log console color (#42669)
closes: #42445
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
|
2025-10-06 17:14:30 +00:00 |
|
Martin Bartoš
|
70a9a600de
|
ExternalLinksTest is broken due to missing path parameters
Closes #43082
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
|
2025-10-02 10:15:58 +02:00 |
|
Alexander Schwartz
|
37c808bd11
|
Reorder the release notes (#43026)
* Reorder the release notes
Closes #42994
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
* Update docs/documentation/release_notes/topics/26_4_0.adoc
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
* Update docs/documentation/release_notes/topics/26_4_0.adoc
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
* Review
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
* Review
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
* Review
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
* Review
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
* Review
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
* Review
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
---------
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
|
2025-09-30 06:47:55 +00:00 |
|
Pedro Ruivo
|
53007546ad
|
Deprecate AuthenticatedClientSessionModel timestamp
Closes #42815
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
|
2025-09-29 14:16:39 +00:00 |
|
Stian Thorgersen
|
dbd516f8e6
|
Refactor SimpleHttp to make it injectable and usable outside server (#42936)
Closes #42902
Signed-off-by: stianst <stianst@gmail.com>
|
2025-09-29 08:37:05 +02:00 |
|
Martin Bartoš
|
f53e5ebdac
|
[Docs] Additional datasources support (#42655)
* [Docs] Additional datasources support
Closes #40388
Closes #42263
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Rename namedKey to wildcardKey in the code
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Clarify the defaults for DB kind
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Be more clear about the Named key reference in guide
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Vasek's review
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
---------
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
|
2025-09-27 08:45:12 +00:00 |
|
Václav Muzikář
|
b65a60e40d
|
Support for EDB 17 (#42341)
Closes #42742
Closes #42293
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
|
2025-09-26 16:04:47 +02:00 |
|
rmartinc
|
1d28c0cd35
|
Expose system-info information in the serverinfo endpoint only for users in the admin realm
Closes #42828
Signed-off-by: rmartinc <rmartinc@redhat.com>
|
2025-09-24 17:21:57 +02:00 |
|
Pedro Igor
|
73ee2cb3e2
|
Update upgrade guide about changes in how the parameter is propagated to OPs
Closes #42139
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
|
2025-09-24 09:03:04 -03:00 |
|
Pedro Igor
|
54d2451b35
|
Make user read-only and a proper error message when the user federation provider is not available
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
|
2025-09-24 04:03:13 -03:00 |
|
Alexander Schwartz
|
a9ed355bfc
|
Adding missing time column to index
Closes #42792
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-23 07:33:08 -03:00 |
|
vramik
|
23043b40b4
|
Fix reset-password scope documentation and upgrading guide
Closes #42790
Signed-off-by: vramik <vramik@redhat.com>
|
2025-09-23 07:31:35 -03:00 |
|
Stan Silvert
|
f99c91291c
|
Remove duplicated themes documentation. (#42571)
* Remove duplicated themes documentation.
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
* Move Theme SPI documentation to Themes Guide
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
* Fix link so test will pass.
Fixes #42396
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
* Fix broken links.
Closes #42396
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
* Fix broken link.
Closes #42396
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
---------
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
|
2025-09-18 10:31:52 +02:00 |
|
Pedro Ruivo
|
f7ff7e55d8
|
Replace UUID with composite key for client session cache
Closes #42547
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-17 10:25:51 +00:00 |
|
Ryan Emerson
|
728118d62a
|
Validate wait_timeout parameter on MySQL and MariaDB
Closes #42300
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-16 09:38:52 +00:00 |
|
andymunro
|
bbe2beebbb
|
Keycloak 26.4 Upgrading Guide
Closes #42564
Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-16 08:59:28 +02:00 |
|
Steven Hawkins
|
ae1e1d3cc3
|
fix: allows for schedulings to be defined for operator jobs (#42310)
* fix: allows for schedulings to be defined for operator jobs
closes: #42057
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* Update docs/guides/operator/advanced-configuration.adoc
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
|
2025-09-10 16:28:12 +00:00 |
|
Alexander Schwartz
|
473864a45d
|
Fixing the indentation of the sections
Closes #42501
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-10 13:54:50 +02:00 |
|
Ryan Emerson
|
a3c95a2a34
|
Document tested and supported configurations for single-cluster deployments
Closes #42304
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-09 19:49:22 +00:00 |
|
mposolda
|
5a05d2123e
|
Unbounded login_hint parameter Can Corrupt KC_RESTART Cookie
closes #40857
Signed-off-by: mposolda <mposolda@gmail.com>
|
2025-09-09 11:05:19 +02:00 |
|
Pedro Igor
|
40476b53d9
|
fixup! align /users/count with /users behavior around service-accounts
|
2025-09-08 11:30:45 -03:00 |
|
Alexander Schwartz
|
ad12b418b4
|
Review
Closes #42369
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-05 10:28:32 -03:00 |
|
Alexander Schwartz
|
78dce37197
|
Update documentation after changes to RFC8414 handling
Closes #42323
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-05 10:28:32 -03:00 |
|
Bagautdino
|
d225bce21f
|
feat(FGAPv2): introduce RESET_PASSWORD scope and evaluation
- Add RESET_PASSWORD to AdminPermissionsSchema.USERS
- Require RESET_PASSWORD in UserResource.resetPassword()
- Expose canResetPassword()/requireResetPassword()
- Implement FGAP v2 deny-overrides + secure-by-default + optional fallback
- Include access.resetPassword for Admin Console
Closes #41901
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Bagautdino <336373@edu.itmo.ru>
|
2025-09-03 15:10:56 -03:00 |
|
Pedro Ruivo
|
935caa97ea
|
Disable peristent user session batching
Closes #41662
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-09-01 14:33:21 +00:00 |
|
Sebastian Łaskawiec
|
4c0f071d45
|
Upgrade Prep doc polishing
Closes #41898
Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com>
|
2025-08-21 13:19:59 +02:00 |
|
Ricardo Martin
|
46e990b7a7
|
Check for non-ascii local part on emails depending on SMTP configuration
Closes #41994
Signed-off-by: rmartinc <rmartinc@redhat.com>
|
2025-08-21 08:16:47 +00:00 |
|
Steven Hawkins
|
b6f039a4cc
|
fix: adding a default for ldap connection timeout (#41726)
closes: #39299
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
|
2025-08-19 16:43:42 +00:00 |
|
Sebastian Łaskawiec
|
988bf9cb0b
|
WelcomeResource do not create temporary admins (#41416)
Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com>
|
2025-08-18 17:31:26 +02:00 |
|
Ryan Emerson
|
168d9cc090
|
Simplify Cache Configuration file by removing built-in cache configurations
Closes #41559
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-08-15 16:16:56 +00:00 |
|
Ricardo Martin
|
949ef35a3b
|
Allow and control sending UTF-8 emails in the default email sender impl
Closes #41023
Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-08-15 10:43:38 +00:00 |
|
Moshie Samuel
|
6958f57f0a
|
add configurable cooldown for email resend in VerifyEmail
Closes #41331
Signed-off-by: Moshie Samuel <moshie.samuel@gmail.com>
Signed-off-by: moshiem <moshiem@hardcorebiometric.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: moshiem <moshiem@hardcorebiometric.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-08-15 07:31:00 +02:00 |
|
Alexander Schwartz
|
7629b7dc53
|
Show required fields when configuring protocol mappers
Closes #40619
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-08-15 07:28:45 +02:00 |
|
Dmytro Filipenko
|
bd5818c4c8
|
Add HTML5 attributes to prevent password manager interference with OTP
* Closes #41831
Signed-off-by: dmfilipenko <wind.fd@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
|
2025-08-14 07:45:53 +00:00 |
|
Peter Skopek
|
651d651c30
|
Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822)
Signed-off-by: Peter Skopek <pskopek@redhat.com>
|
2025-08-12 16:50:17 +02:00 |
|
Ryan Emerson
|
a2fe32617c
|
Default to stretched clusters on Kubernetes when possible
Closes #41666
Signed-off-by: Ryan Emerson <remerson@ibm.com>
|
2025-08-08 08:09:04 +02:00 |
|