upstream/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-04-11 03:56:23 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 16
30693 commits 29 branches 303 tags 894 MiB
Commit graph

53 commits

Author SHA1 Message Date
vramik
367f9e2cc8 Organization Groups Documentation 
Closes #45516

Signed-off-by: vramik <vramik@redhat.com>
 2026-03-10 10:31:50 -03:00
Ricardo Martin
2bd386842a
Step up authentication for saml - preview (#44185) 
Closes #10155


Signed-off-by: rmartinc <rmartinc@redhat.com>
 2026-02-23 19:57:00 +01:00
Pedro Igor
8df79202a0
Fixing organization members docs to mention they can join multiple organizations 
Closes #46040

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-02-13 14:54:10 +01:00
Tero Saarni
47b91b995d Add revert button to client credentials form
Some checks failed
Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled
Details 
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
 2026-01-28 18:36:36 +01:00
Tero Saarni
cb4c533464
Add support for looking up client secrets via Vault SPI (#39650) 
Fixes #13102


Signed-off-by: Tero Saarni <tero.saarni@est.tech>
 2026-01-28 16:45:30 +01:00
mposolda
1273c8db0e DCR endpoint ignores client's requested token_endpoint_auth_method in case it is client_secret_post 
closes #44403

Signed-off-by: mposolda <mposolda@gmail.com>
 2026-01-12 09:54:04 +01:00
Pedro Igor
7512a0412b
wip - workflows doc (#44685) 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Stan Silvert <ssilvert@redhat.com>
 2025-12-18 07:52:41 -05:00
stianst
fb83a8ba09 Documentation for federated client authentication 
Closes #42721

Signed-off-by: stianst <stianst@gmail.com>
 2025-09-19 11:54:03 +01:00
Sebastian Łaskawiec
988bf9cb0b
WelcomeResource do not create temporary admins (#41416) 
Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com>
 2025-08-18 17:31:26 +02:00
Ricardo Martin
ef312b570c
Final changes for passkeys documentation (#41646) 
Closes #41557

Signed-off-by: rmartinc <rmartinc@redhat.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2025-08-13 09:01:15 +02:00
Alexander Schwartz
e1b3afb686
Refresh token for an OAuth2 based IDP when retrieving the IDP token 
Closes #14644

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-07-31 11:11:34 +02:00
Ricardo Martin
8624101701
Documentation changes for Passkeys (#40728) 
Closes #40705

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Ricardo Martin <rmartinc@redhat.com>
 2025-06-27 14:59:46 +02:00
Ricardo Martin
b89f8a0225
Documentation changes for the 2FA additions 
Closes #40001

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-06-12 09:30:27 +02:00
mposolda
e9283ee71d Documentation for recovery codes (deprecation of password policy and required action config) 
closes #39245

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-04-29 09:29:38 +02:00
Pedro Igor
87430fc181
Add impersonate-members scope to group resource type 
Closes #38566

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-07 14:56:27 +00:00
vramik
f076b99407 FGAP documentation 
Closes #37245

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-03 09:44:32 -03:00
Marek Posolda
6654e56a7c
Polish documentation for audience and client scopes (#38484) 
closes #19127

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-03 08:43:06 +02:00
rmartinc
a10c8119d4 Define a max expiration window for Signed JWT client authentication 
Closes #38576

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-04-02 18:32:54 +02:00
Ricardo Martin
a7e63837db
Recovery codes documentation (#38407) 
Closes #30702

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-27 09:59:14 +01:00
andymunro
1f6f1571fd
update screens for new realm selector 
Closes #37083

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-03-15 10:54:00 +01:00
rmartinc
6850f41060 Force login in reset-credentials to federated users 
Closes #37207

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-02-12 13:47:39 -03:00
Ricardo Martin
8671f86046
Provide an option to force login after reset credentials (#36856) 
Closes #36844

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-01-28 18:35:02 +01:00
Marek Posolda
a3fd076960
Adding ConditionalClientScopeAuthenticator (#36020) 
closes #36081 

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2024-12-20 09:53:51 +01:00
Ricardo Martin
bbca6116b0
Implement a conditional authenticator to check if a sub-flow was executed or not previously in the process (#35668) 
Closes #35231

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-12-12 11:16:30 +01:00
AndyMunro
e2d221c4bd Address QE comments on Server Admin Guide 
Closes #34916

Signed-off-by: AndyMunro <amunro@redhat.com>
 2024-11-22 10:20:18 +01:00
Gilvan Filho
910caf5ff8
Update brute force docs 
Fixes #27378

Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-11-04 09:41:26 +00:00
Simon Levermann
dcf1d83199
Enable enforcement of a minimum ACR at the client level (#16884) (#33205) 
closes #16884 

Signed-off-by: Simon Levermann <github@simon.slevermann.de>
 2024-10-21 13:54:02 +02:00
Maksim Zvankovich
35eba8be8c Add option to include the organization id in the organization claims 
Closes #32746

Signed-off-by: Maksim Zvankovich <m.zvankovich@nexovagroup.eu>
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-10-03 08:11:36 -03:00
vramik
c1653448f3 [Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link 
Closes #33201

Signed-off-by: vramik <vramik@redhat.com>
 2024-10-02 07:37:48 -03:00
Stefan Guilhen
b717810061
Update organizations documentation in the server admin guide 
Closes #33199

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-09-27 16:27:54 +02:00
Stefan Guilhen
d87f67b4e6
Fix duplicated screenshots in the Fine grain admin permissions section of the Server Admin Guide 
Closes #31083

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-09-27 09:04:01 +02:00
Marek Posolda
6dc28bc7b5
Clarify the documentation about step-up authentication (#29735) 
closes #28341

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-05-21 19:46:27 +02:00
Takashi Norimatsu
b4e7d9b1aa
Passkeys: Supporting WebAuthn Conditional UI (#24305) 
closes #24264

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: mposolda <mposolda@gmail.com>
 2024-05-16 07:58:43 +02:00
AndyMunro
4a5055c3cc Update create realm topics to replace Master 
Closes #29280

Signed-off-by: AndyMunro <amunro@redhat.com>
 2024-05-08 17:37:20 +02:00
Dimitri Papadopoulos Orfanos
9db1443367
Fix typos found by codespell in docs (#28890) 
Run `chmod -x` on files that need not be executable.

Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-05-03 12:41:16 +00:00
Martin Bartoš
c5553b46b4
Update Welcome page image in docs 
Closes #27719

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2024-03-08 15:00:36 +01:00
Lucy Linder
84d48a9877 Update documentation for reCAPTCHA support 
Signed-off-by: Lucy Linder <lucy.derlin@gmail.com>
 2024-03-04 20:28:06 +09:00
Takashi Norimatsu
3db04d8d8d Replace Security Key with Passkey in WebAuthn UIs and their documents 
closes #27147

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2024-02-29 10:31:05 +01:00
Pedro Igor
b98e115183 Updating docs and account message 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-02-22 22:58:22 +09:00
Jon Koops
89af9e3ffd
Write announcement and documentation for Account Console v3 (#26318) 
Closes #26122

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-02-21 13:42:33 -05:00
Pedro Igor
750bc2c09c Reviewing references to user attribute management and UIs 
Closes #26155

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-02-12 16:01:34 +01:00
Pedro Igor
4338f44955 Reviewing the user profile documentation 
Closes #26154

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-02-02 17:14:51 +01:00
shigeyuki kabano
8b65e6727b Creating documentation for Lightweight access token(#25743) 
Closes keycloak#23725

Signed-off-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>
 2024-01-09 09:48:20 +01:00
Ben Cresitello-Dittmar
057d8a00ac Implement Authentication Method Reference (AMR) claim from OIDC specification 
This implements a method for configuring authenticator reference values for Keycloak authenticator executions and a protocol mapper for populating the AMR claim in the resulting OIDC tokens.

This implementation adds a default configuration item to each authenticator execution, allowing administrators to configure an authenticator reference value. Upon successful completion of an authenticator during an authentication flow, Keycloak tracks the execution ID in a user session note.

The protocol mapper pulls the list of completed authenticators from the user session notes and loads the associated configurations for each authenticator execution. It then captures the list of authenticator references from these configs and sets it in the AMR claim of the resulting tokens.

Closes #19190

Signed-off-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org>
 2024-01-03 14:59:05 -03:00
Tomas Ondrusko
fe48afc1dc Update Social Identity Providers documentation (#24601) 
Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>
 2023-11-16 17:58:53 +01:00
AndyMunro
20f5edc708 Addressing Server Admin review comments 
Closes #24643

Signed-off-by: AndyMunro <amunro@redhat.com>
 2023-11-13 15:48:02 +01:00
AndyMunro
9ef9c944d0 Minor changes to documentation 
Closes #24456
 2023-11-01 22:14:11 +01:00
rmartinc
8887be7887 Add a new identity provider for LinkedIn based on OIDC 
Closes https://github.com/keycloak/keycloak/issues/22383
 2023-09-06 16:13:31 +02:00
Peter Zaoral
c5d9e222db Update OCP4 Social IdP example setup in the latest docs 
* improved openshift.adoc

Closes #22159

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2023-08-03 18:57:08 +02:00
rmartinc
20121ee9da Update docs and tooltips for lifespan and idle timeout changes 
Closes https://github.com/keycloak/keycloak/issues/20791
 2023-06-20 09:01:32 +02:00