keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-04-10 03:26:14 -04:00

Author	SHA1	Message	Date
Giuseppe Graziano	bda0e2a67c	Invalidate sessions created with remember me when remember me is disabled for realm Closes #43328 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-10-14 15:00:41 +00:00
mposolda	c2e49c8c59	'Service accounts roles' should be 'Service account roles' closes #43087 Signed-off-by: mposolda <mposolda@gmail.com>	2025-10-10 11:25:37 +02:00
Martin Kanis	a493213ad4	Hide read-only email attribute in update profile context with update … …email enabled (#43024 ) * Hide read-only email attribute in update profile context with update email enabled Closes #42990 Signed-off-by: Martin Kanis <mkanis@redhat.com> * Simplifying conditions when checking read/write on email attribute and more tests Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> --------- Signed-off-by: Martin Kanis <mkanis@redhat.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-07 12:52:55 +02:00
Pedro Igor	a3db07a8f5	Re-adding max age setting to the update email action (#43036 ) Closes #43035 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-30 05:31:23 +02:00
Vinod Anandan	f001b9dde1	Trigger Build. Signed-off-by: Vinod Anandan <vinod@owasp.org>	2025-09-25 10:14:15 +02:00
mposolda	389314a65e	Typo in the latest documentation closes #42918 Signed-off-by: mposolda <mposolda@gmail.com>	2025-09-24 17:23:52 +02:00
Alexander Schwartz	b95cb0c276	Adding explicit anchor for downstream docs Closes #42868 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-09-24 11:21:08 +02:00
Marek Posolda	e09ce9e18d	Documentation update for DPoP (#42865 ) closes #42728 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-09-24 10:00:23 +02:00
vramik	23043b40b4	Fix `reset-password` scope documentation and upgrading guide Closes #42790 Signed-off-by: vramik <vramik@redhat.com>	2025-09-23 07:31:35 -03:00
rmartinc	2015e08e38	Move DPoP option to the capability section in the admin UI Closes #42746 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-09-22 17:27:48 +02:00
stianst	fb83a8ba09	Documentation for federated client authentication Closes #42721 Signed-off-by: stianst <stianst@gmail.com>	2025-09-19 11:54:03 +01:00
Stan Silvert	f99c91291c	Remove duplicated themes documentation. (#42571 ) * Remove duplicated themes documentation. Signed-off-by: Stan Silvert <ssilvert@redhat.com> * Move Theme SPI documentation to Themes Guide Signed-off-by: Stan Silvert <ssilvert@redhat.com> * Fix link so test will pass. Fixes #42396 Signed-off-by: Stan Silvert <ssilvert@redhat.com> * Fix broken links. Closes #42396 Signed-off-by: Stan Silvert <ssilvert@redhat.com> * Fix broken link. Closes #42396 Signed-off-by: Stan Silvert <ssilvert@redhat.com> --------- Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2025-09-18 10:31:52 +02:00
Marek Posolda	d9d19791a4	Clarifying OIDC logout documentation. Removing obsolete unused docs p… (#42636 ) closes #41792 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-09-16 17:37:42 +02:00
Ricardo Martin	a2acdda535	Automatic download and cache of the SAML client public keys (#41947 ) Closes #17028 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-09-16 13:07:33 +02:00
Alexander Schwartz	5cfdaebcea	Add missing fields for client offline session timeout and lifespan Closes #42369 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-11 11:46:50 +02:00
Bagautdino	d225bce21f	feat(FGAPv2): introduce RESET_PASSWORD scope and evaluation - Add RESET_PASSWORD to AdminPermissionsSchema.USERS - Require RESET_PASSWORD in UserResource.resetPassword() - Expose canResetPassword()/requireResetPassword() - Implement FGAP v2 deny-overrides + secure-by-default + optional fallback - Include access.resetPassword for Admin Console Closes #41901 Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Bagautdino <336373@edu.itmo.ru>	2025-09-03 15:10:56 -03:00
Alexander Schwartz	665f4140da	Adding missing docs for 26.4 release notes Closes #42252 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Vinod Anandan <vinod@owasp.org>	2025-09-02 17:47:12 -03:00
Tobias Genannt	ca93863d60	fix: Update to new dash standard Closes #42270 Signed-off-by: Tobias Genannt <tobias.genannt@gmail.com>	2025-09-01 12:49:02 +00:00
Alexis Rico	224ccbb79d	Make organization `domains` optional Closes #31285 Signed-off-by: Alexis Rico <sferadev@gmail.com>	2025-08-27 18:11:15 -03:00
Niko Köbler	236d2f9f62	Add configuration option to automatically add recovery codes action after otp configuration closes #41836 Signed-off-by: Niko Köbler <niko@n-k.de> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-08-27 17:56:59 +02:00
Ricardo Martin	46e990b7a7	Check for non-ascii local part on emails depending on SMTP configuration Closes #41994 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-08-21 08:16:47 +00:00
Steven Hawkins	b6f039a4cc	fix: adding a default for ldap connection timeout (#41726 ) closes: #39299 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com>	2025-08-19 16:43:42 +00:00
Sebastian Łaskawiec	988bf9cb0b	WelcomeResource do not create temporary admins (#41416 ) Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com>	2025-08-18 17:31:26 +02:00
Ricardo Martin	949ef35a3b	Allow and control sending UTF-8 emails in the default email sender impl Closes #41023 Signed-off-by: rmartinc <rmartinc@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-08-15 10:43:38 +00:00
Pedro Igor	3bf46e5421	"linked-accounts" endpoint displays all Identity providers Closes #19732 Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com> Co-authored-by: Réda Housni Alaoui <reda-alaoui@hey.com>	2025-08-14 15:21:03 +02:00
Ricardo Martin	ef312b570c	Final changes for passkeys documentation (#41646 ) Closes #41557 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2025-08-13 09:01:15 +02:00
Peter Skopek	651d651c30	Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822 ) Signed-off-by: Peter Skopek <pskopek@redhat.com>	2025-08-12 16:50:17 +02:00
Alexander Schwartz	c2515bbb88	Fixing typo and formatting Closes #41620 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-08-11 08:26:10 +02:00
Pedro Igor	84fc9bb3e5	Allow forwarding parameters set as a client note in the authentication session Closes #41670 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-08-06 14:57:47 -03:00
huyenvu2101	5436f9781c	Allow setting default value for userprofile attribute Closes #36160 Signed-off-by: huyenvu2101 <vhuyen2101@gmail.com>	2025-08-06 13:59:54 -03:00
Takashi Norimatsu	cb4e06b6f8	FAPI 2.0 Security Profile Final - Documentation closes #41121 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2025-08-01 09:24:30 +02:00
forkimenjeckayang	43610cfa67	[OID4VCI] Update SD-JWT VCs Format Identifier to dc+sd-jwt (#41233 ) Closes #39293 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-08-01 09:13:35 +02:00
Alexander Schwartz	e1b3afb686	Refresh token for an OAuth2 based IDP when retrieving the IDP token Closes #14644 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-07-31 11:11:34 +02:00
rmartinc	1f608fae6e	Create a new condition for credential type and add it to default flows Closes #41354 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-31 10:14:15 +02:00
Martin Bartoš	57cb321ce0	ExternalLinks are broken in documentation Closes #41491 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-07-30 11:21:11 +02:00
rmartinc	e0bba39da0	Allow configure encryption details for SAML clients Closes #40933 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-18 20:13:40 +02:00
Martin Kanis	85b494ec51	Review and update the documentation regarding the UPDATE EMAIL feature Closes #40226 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-07-17 15:27:09 +00:00
Alexander Schwartz	180745b65f	Fix em-dash in SPI options in the docs Closes #41152 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Steven Hawkins <shawkins@redhat.com>	2025-07-16 12:18:09 -03:00
Pedro Igor	87f30a6285	Adding a config to the UPDATE_EMAIL action to force users to verify email Closes #32569 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-07-16 16:21:08 +02:00
mposolda	274afa88fa	Add option 'Requires short state parameter' to OIDC IDP closes #40237 Signed-off-by: mposolda <mposolda@gmail.com>	2025-07-11 16:17:03 +02:00
Pascal Knüppel	f39a37d8d1	[OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768 ) fixes #39527 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2025-07-10 14:46:36 +02:00
Pedro Ruivo	9322d71d61	UserSession Offline removed from DB if not in cache Fixes #40754 Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-07-07 20:52:06 +02:00
Ricardo Martin	8624101701	Documentation changes for Passkeys (#40728 ) Closes #40705 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Ricardo Martin <rmartinc@redhat.com>	2025-06-27 14:59:46 +02:00
andymunro	e7b4f745ad	Clarify OpenShift instructions (#40488 ) Closes #40487 Signed-off-by: AndyMunro <amunro@redhat.com>	2025-06-20 17:07:48 +02:00
Henrik S.	c952cb66ad	Update authentication flows documentation to match new GUI Closes #40514 Signed-off-by: Henrik S. <henrik.strath@volvocars.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-06-16 08:24:43 +00:00
Steven Hawkins	76bc9fadcb	fix: adding a -- separator for spi options (#40005 ) * fix: adding a -- separator for spi options closes: #39063 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding a warning for ambiguous spi options also adding a note about the change Signed-off-by: Steve Hawkins <shawkins@redhat.com> # Conflicts: # docs/documentation/upgrading/topics/changes/changes-26_3_0.adoc * updating docs to the new format Signed-off-by: Steve Hawkins <shawkins@redhat.com> # Conflicts: # docs/guides/high-availability/examples/generated/keycloak-ispn.yaml # docs/guides/high-availability/examples/generated/keycloak.yaml * internally using the new spi options also adding a deprecation notice Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Apply suggestions from code review Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> * correcting options output adding + + inlining where needed Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding test showing the env mapping with __ Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-06-13 16:13:53 +02:00
Ricardo Martin	b89f8a0225	Documentation changes for the 2FA additions Closes #40001 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-06-12 09:30:27 +02:00
mposolda	b03b9f9e3a	Improve documentation of service-accounts and make it more clear. Delete the unused file service-accounts.adoc closes #39748 Signed-off-by: mposolda <mposolda@gmail.com>	2025-06-05 08:45:12 +02:00
Pedro Igor	7cc055f8a6	Verify brokered user email based on the email_verified claim from the ID Token returned by the OP Closes #39885 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-05-29 10:45:18 -03:00
Pedro Igor	e6e6fa60fa	Adding OAuth2-based identity broker Closes #35266 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-05-27 12:07:01 -03:00

1 2 3 4 5 ...

294 commits