keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-04-15 22:09:46 -04:00

Author	SHA1	Message	Date
Ricardo Martin	ef312b570c	Final changes for passkeys documentation (#41646 ) Closes #41557 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2025-08-13 09:01:15 +02:00
Peter Skopek	651d651c30	Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822 ) Signed-off-by: Peter Skopek <pskopek@redhat.com>	2025-08-12 16:50:17 +02:00
Alexander Schwartz	c2515bbb88	Fixing typo and formatting Closes #41620 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-08-11 08:26:10 +02:00
Pedro Igor	84fc9bb3e5	Allow forwarding parameters set as a client note in the authentication session Closes #41670 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-08-06 14:57:47 -03:00
huyenvu2101	5436f9781c	Allow setting default value for userprofile attribute Closes #36160 Signed-off-by: huyenvu2101 <vhuyen2101@gmail.com>	2025-08-06 13:59:54 -03:00
Takashi Norimatsu	cb4e06b6f8	FAPI 2.0 Security Profile Final - Documentation closes #41121 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2025-08-01 09:24:30 +02:00
forkimenjeckayang	43610cfa67	[OID4VCI] Update SD-JWT VCs Format Identifier to dc+sd-jwt (#41233 ) Closes #39293 Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>	2025-08-01 09:13:35 +02:00
Alexander Schwartz	e1b3afb686	Refresh token for an OAuth2 based IDP when retrieving the IDP token Closes #14644 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-07-31 11:11:34 +02:00
rmartinc	1f608fae6e	Create a new condition for credential type and add it to default flows Closes #41354 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-31 10:14:15 +02:00
Martin Bartoš	57cb321ce0	ExternalLinks are broken in documentation Closes #41491 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-07-30 11:21:11 +02:00
rmartinc	e0bba39da0	Allow configure encryption details for SAML clients Closes #40933 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-07-18 20:13:40 +02:00
Martin Kanis	85b494ec51	Review and update the documentation regarding the UPDATE EMAIL feature Closes #40226 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-07-17 15:27:09 +00:00
Alexander Schwartz	180745b65f	Fix em-dash in SPI options in the docs Closes #41152 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Steven Hawkins <shawkins@redhat.com>	2025-07-16 12:18:09 -03:00
Pedro Igor	87f30a6285	Adding a config to the UPDATE_EMAIL action to force users to verify email Closes #32569 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-07-16 16:21:08 +02:00
mposolda	274afa88fa	Add option 'Requires short state parameter' to OIDC IDP closes #40237 Signed-off-by: mposolda <mposolda@gmail.com>	2025-07-11 16:17:03 +02:00
Pascal Knüppel	f39a37d8d1	[OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768 ) fixes #39527 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2025-07-10 14:46:36 +02:00
Pedro Ruivo	9322d71d61	UserSession Offline removed from DB if not in cache Fixes #40754 Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-07-07 20:52:06 +02:00
Ricardo Martin	8624101701	Documentation changes for Passkeys (#40728 ) Closes #40705 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Ricardo Martin <rmartinc@redhat.com>	2025-06-27 14:59:46 +02:00
andymunro	e7b4f745ad	Clarify OpenShift instructions (#40488 ) Closes #40487 Signed-off-by: AndyMunro <amunro@redhat.com>	2025-06-20 17:07:48 +02:00
Henrik S.	c952cb66ad	Update authentication flows documentation to match new GUI Closes #40514 Signed-off-by: Henrik S. <henrik.strath@volvocars.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-06-16 08:24:43 +00:00
Steven Hawkins	76bc9fadcb	fix: adding a -- separator for spi options (#40005 ) * fix: adding a -- separator for spi options closes: #39063 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding a warning for ambiguous spi options also adding a note about the change Signed-off-by: Steve Hawkins <shawkins@redhat.com> # Conflicts: # docs/documentation/upgrading/topics/changes/changes-26_3_0.adoc * updating docs to the new format Signed-off-by: Steve Hawkins <shawkins@redhat.com> # Conflicts: # docs/guides/high-availability/examples/generated/keycloak-ispn.yaml # docs/guides/high-availability/examples/generated/keycloak.yaml * internally using the new spi options also adding a deprecation notice Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Apply suggestions from code review Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> * correcting options output adding + + inlining where needed Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding test showing the env mapping with __ Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2025-06-13 16:13:53 +02:00
Ricardo Martin	b89f8a0225	Documentation changes for the 2FA additions Closes #40001 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-06-12 09:30:27 +02:00
mposolda	b03b9f9e3a	Improve documentation of service-accounts and make it more clear. Delete the unused file service-accounts.adoc closes #39748 Signed-off-by: mposolda <mposolda@gmail.com>	2025-06-05 08:45:12 +02:00
Pedro Igor	7cc055f8a6	Verify brokered user email based on the email_verified claim from the ID Token returned by the OP Closes #39885 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-05-29 10:45:18 -03:00
Pedro Igor	e6e6fa60fa	Adding OAuth2-based identity broker Closes #35266 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-05-27 12:07:01 -03:00
rmartinc	3c511635ba	Skip AIA for webauthn register if a crendential of teh correct type already exists Closes #39191 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-05-20 18:09:12 +02:00
Kai J. Witt	c76bb0683c	Make max auth age configurable for all required actions by default Moved the current configuration implementation for the update password Closes #39408 Signed-off-by: Kai Josef Witt <KWitt@vhv.de> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Kai Josef Witt <KWitt@vhv.de> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2025-05-15 08:44:38 +02:00
Awambeng	ea4ef74917	Fix doc(oid4vc): Correct realm-attributes example and update HTTP method in docs (#39409 ) Closes #39264 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-05-13 10:09:14 +02:00
rmartinc	4730dbdd8d	Make recovery codes supported Closes #38994 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-04-29 10:25:46 +02:00
mposolda	e9283ee71d	Documentation for recovery codes (deprecation of password policy and required action config) closes #39245 Signed-off-by: mposolda <mposolda@gmail.com>	2025-04-29 09:29:38 +02:00
Emmanuel Lécharny	a48469896e	Added a link to the ApacheDS doc for server side password hashing Closes #39136 Signed-off-by: Emmanuel Lécharny <elecharny@gmail.com>	2025-04-24 09:25:03 +00:00
Emmanuel Lécharny	1dc97d5d4d	Update ldap.adoc with ApacheDS details Added some precision about ApacheDS password management. Closes #39136 Signed-off-by: Emmanuel Lécharny <elecharny@apache.org> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-04-23 07:55:59 +02:00
Marek Posolda	f8a4a8da86	Unexpected AIA Cause Server Errors closes #37526 Signed-off-by: mposolda <mposolda@gmail.com>	2025-04-17 14:15:07 +00:00
Pedro Igor	1ba8fe16ac	Deprecate for removal Instagram Identity Broker (#38998 ) Closes #37967 Closes #36562 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-17 09:07:06 +02:00
Pedro Igor	288b6dae12	More information to docs Closes #38798 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-10 20:03:05 +02:00
Pedro Igor	ae88d7921f	Improvements to partial evaluation Closes #38732 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-09 18:15:28 +02:00
Pedro Igor	87430fc181	Add impersonate-members scope to group resource type Closes #38566 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-07 14:56:27 +00:00
vramik	6488890585	[FGAP:V2] remove configure scope from Client resource type Closes #38567 Signed-off-by: vramik <vramik@redhat.com>	2025-04-07 07:05:02 -03:00
Stefan Guilhen	c4c3e2eee6	Allow redirection to idp when user email matches any of the org domains Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com> Closes #33804	2025-04-04 11:28:04 -03:00
Vlasta Ramik	18c8308bb4	[FGAP] Remove redundant sentense from fine grained admin permissions docs Closes #38677 Signed-off-by: vramik <vramik@redhat.com>	2025-04-04 09:41:17 +02:00
vramik	f076b99407	FGAP documentation Closes #37245 Signed-off-by: vramik <vramik@redhat.com>	2025-04-03 09:44:32 -03:00
Marek Posolda	6654e56a7c	Polish documentation for audience and client scopes (#38484 ) closes #19127 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2025-04-03 08:43:06 +02:00
rmartinc	a10c8119d4	Define a max expiration window for Signed JWT client authentication Closes #38576 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-04-02 18:32:54 +02:00
Alexander Schwartz	e7474646ee	Explicit target for cross-reference 2FA in server admin guide (#38573 ) Closes #38572 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-01 13:29:30 +02:00
mposolda	cd4e5bc784	Release notes for oid4vci docs closes #38485 Signed-off-by: mposolda <mposolda@gmail.com>	2025-03-29 19:25:24 +01:00
Stefan Guilhen	89d659ee36	Add section about support for federated members in the organization documentation Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Closes #38471	2025-03-27 08:03:35 -03:00
Ricardo Martin	a7e63837db	Recovery codes documentation (#38407 ) Closes #30702 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-27 09:59:14 +01:00
Awambeng	27a7a301e7	Add documentation for configuring Keycloak as a VC issuer closes #38256 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-03-26 20:50:43 +01:00
Marek Posolda	db23d8e665	Clarify that XOAUTH2 configuration with Microsoft Office365 is community contributed Closes #38376 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-26 15:54:38 +01:00
Sebastian Rose	4fb1c41155	Sending Mails via SMTP and XOAUTH2 authentication mechanism Closes #17432 Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>	2025-03-21 10:12:18 +01:00
Takashi Norimatsu	eb2153379a	DPoP: Refresh token created with DPoP can be refreshed without proof closes #36475 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2025-03-17 12:53:19 +01:00
andymunro	1f6f1571fd	update screens for new realm selector Closes #37083 Signed-off-by: AndyMunro <amunro@redhat.com>	2025-03-15 10:54:00 +01:00
Marek Posolda	290905c9cf	Documentation for supported token-exchange (#38008 ) closes #37126 Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-14 09:55:44 +01:00
Mihir Vadalia	11a20a2eb3	Documentation for Optional Email Events Closes #37998 Signed-off-by: Mihir Vadalia <mihir@defensepoint.com> Co-authored-by: Mihir Vadalia <mihir@defensepoint.com>	2025-03-11 21:21:45 +01:00
Stefan Guilhen	86b2a6a95c	Fix docs to also mention roles Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Closes #28569 Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>	2025-03-10 16:13:36 -03:00
Stefan Guilhen	d44ebfd4d1	Document the addition of the Relative User Creation DN Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-03-10 16:13:36 -03:00
Giuseppe Graziano	690b5ecb25	Grant Type condition for client policies (#37665 ) Closes #37124 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-02-27 11:51:06 +01:00
Jon Koops	3ccc88628f	Fix broken external link in Gitlab IdP docs (#37435 ) Closes #37434 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2025-02-18 11:03:53 +00:00
rmartinc	6850f41060	Force login in reset-credentials to federated users Closes #37207 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-02-12 13:47:39 -03:00
Pedro Igor	bf3dcda87b	Updating messages Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-02-07 10:42:45 -03:00
Alexander Schwartz	690b0e4bef	VERIFY_EMAIL as supported Application Initiated Action Closes #25154 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-02-06 16:49:28 +01:00
papastepano	0c46ad299c	Outdated documentation reCAPTCHA Closes #36887 Signed-off-by: Stepan Papazyan <papastepano@gmail.com>	2025-01-29 21:03:45 +00:00
Ricardo Martin	8671f86046	Provide an option to force login after reset credentials (#36856 ) Closes #36844 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Ricardo Martin <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: Marek Posolda <mposolda@gmail.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2025-01-28 18:35:02 +01:00
Giuseppe Graziano	bd807ceac3	Select auth flow via acr using client policies (#36441 ) Closes #24297 Co-authored-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org> Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-01-23 19:46:07 +01:00
rmartinc	f89be1813d	Check next update time for CRL in certificate validation Closes #35983 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-01-22 14:58:35 +01:00
rmartinc	17d2dd58ca	Add some common headers for the links check in docs Closes #36675 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-01-22 12:21:29 +01:00
Pedro Igor	aca84824c0	Allow enforce that users are members of organizations when authenticating Closes #34275 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-01-17 19:48:55 +01:00
Stian Thorgersen	bc2665fc2a	Re-order items in release notes for 26.1 (#36346 ) * Re-order items in release notes for 26.1 Signed-off-by: stianst <stianst@gmail.com> * Review (#161) Signed-off-by: Alexander Schwartz <aschwart@redhat.com> --------- Signed-off-by: stianst <stianst@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-01-14 09:21:04 +00:00
Marek Posolda	4ab34f4816	Updating release notes with core-clients contributions and features (#36066 ) closes #35953 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2024-12-20 10:15:55 +01:00
Marek Posolda	a3fd076960	Adding ConditionalClientScopeAuthenticator (#36020 ) closes #36081 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2024-12-20 09:53:51 +01:00
Jan Verhaeghe	56246096e0	Align on one realm-name placeholder Closes #36047 Signed-off-by: Jan Verhaeghe <jan@hwfaq.be>	2024-12-19 13:48:18 +00:00
Thomas Darimont	3cdbbc5b15	Add support for Initiating User Registration via prompt=create (#10701 ) (#35903 ) Fixes #10701 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-12-16 19:54:52 +01:00
Ricardo Martin	bbca6116b0	Implement a conditional authenticator to check if a sub-flow was executed or not previously in the process (#35668 ) Closes #35231 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-12-12 11:16:30 +01:00
rmartinc	769bd6c9d0	Improve the note about group synchronization in sssd Closes #35643 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-12-11 07:40:04 -03:00
Niko Köbler	2639f3ee43	set default ldap connection pooling to plain and ssl (#35763 ) * set default ldap connection pooling to plain and ssl closes #35758	2024-12-10 12:05:14 -03:00
Stian Thorgersen	5bc4ab1429	Delete OpenShift 3.x identity provider (#34331 ) Closes #34330 Signed-off-by: stianst <stianst@gmail.com>	2024-12-06 11:24:47 +01:00
Alexander Schwartz	b98cd12b58	Changing mis-formatted definition list of hashing algorithms to a table Closes #35416 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-12-02 15:05:05 -03:00
Pedro Igor	e9e19c2683	Allow asking for additional scopes when querying the account console root URL Closes #35243 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-12-02 12:54:00 +00:00
Pedro Igor	45f9bcd673	Resolve scopes from bearer tokens when processing requests to the Account API Closes #35357 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-11-27 14:17:53 -03:00
Cornelius Roemer	29abfd3e89	Fix typos in .md and .adoc files using codespell interactive mode Closes #35256 This PR fixes a bunch of typos in docs files. I ran codespell on `.adoc` and `.md` files in the repo in interactive mode carefully checking each identified typo and proposed fix for false positives. The most widely read file with typos identified is likely the changelog/migration guide. Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>	2024-11-25 08:21:26 +01:00
Cornelius Roemer	610c08a0f3	Fix typo `www.recatcha.net` -> `www.recaptcha.net` in docs (#35210 ) closes #35210 Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>	2024-11-22 10:39:52 +01:00
AndyMunro	e2d221c4bd	Address QE comments on Server Admin Guide Closes #34916 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-11-22 10:20:18 +01:00
Václav Muzikář	d60cb9aaef	fix: prevent inclusion of characters that could lead to FileVault path traversal (#35223 ) Closes: #35215 Signed-off-by: Peter Zaoral <pzaoral@redhat.com> Co-authored-by: Peter Zaoral <pepo48@gmail.com>	2024-11-22 10:18:00 +01:00
Ricardo Martin	ca1c10f7ba	Use short UUID for ldap components (#34815 ) Closes #32143 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-11-15 15:15:04 +01:00
Gilvan Filho	910caf5ff8	Update brute force docs Fixes #27378 Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-11-04 09:41:26 +00:00
AndyMunro	4984900bae	Make organizations chapter available in downstream Closes #34382 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-10-28 10:28:24 +01:00
Gilvan Filho	e6cd1a05c1	Update docs/documentation/server_admin/topics/threat/brute-force.adoc Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>	2024-10-22 10:33:22 -03:00
Gilvan Filho	c4005d29f0	add linear strategy to brute force closes #25917 Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>	2024-10-22 10:33:22 -03:00
Simon Levermann	dcf1d83199	Enable enforcement of a minimum ACR at the client level (#16884 ) (#33205 ) closes #16884 Signed-off-by: Simon Levermann <github@simon.slevermann.de>	2024-10-21 13:54:02 +02:00
mposolda	dbcb3151a9	Align admin console for client for backchannel and frontchannel logout closes #10138 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Erik Jan de Wit <edewit@redhat.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2024-10-21 11:32:03 +02:00
Jake	946798aa01	Small grammatical error in documentation Closes #34009 Signed-off-by: Jake <156826184+jlanning-gl@users.noreply.github.com>	2024-10-16 18:49:49 +02:00
Stefan Guilhen	a832381a37	Add section to clarify the impact of having imported LDAP users when performing searches Closes #16451 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-10-11 11:01:14 -03:00
vramik	b7eaa9b0cb	Wildcard search not working for custom user attributes Closes #32451 Signed-off-by: vramik <vramik@redhat.com>	2024-10-03 08:48:36 -03:00
Maksim Zvankovich	35eba8be8c	Add option to include the organization id in the organization claims Closes #32746 Signed-off-by: Maksim Zvankovich <m.zvankovich@nexovagroup.eu> Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>	2024-10-03 08:11:36 -03:00
vramik	c1653448f3	[Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link Closes #33201 Signed-off-by: vramik <vramik@redhat.com>	2024-10-02 07:37:48 -03:00
Jon Koops	21704a70c1	Update documentation and release notes for Keycloak JS (#33409 ) Closes #32843 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-10-01 10:29:23 +02:00
vramik	412f1f85a9	Update Organization documentation Closes #33410 Signed-off-by: vramik <vramik@redhat.com>	2024-10-01 09:29:49 +02:00
Stefan Guilhen	b717810061	Update organizations documentation in the server admin guide Closes #33199 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-09-27 16:27:54 +02:00
Stefan Guilhen	d87f67b4e6	Fix duplicated screenshots in the Fine grain admin permissions section of the Server Admin Guide Closes #31083 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-09-27 09:04:01 +02:00
Jon Koops	021a2af2fd	Compute SHA-256 digest for PKCE using the Web Crypto API (#33251 ) Closes #33250 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-09-25 16:19:16 +02:00
Jon Koops	188893222f	Remove references of statically served Keycloak JS from documentation Closes #32821 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-09-12 09:38:00 +02:00
Alexander Schwartz	b88ecc0237	Removing the extra two-minute Window for persistent user sessions (#32660 ) Closes #28418 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2024-09-09 09:28:48 +02:00
Theresa Henze	a1c23fef8c	introduce event types to update/remove credentials Closes #10114 Signed-off-by: Theresa Henze <theresa.henze@bare.id>	2024-09-03 18:27:27 +02:00
Thomas Darimont	88a5c96fff	Add `kc_action` to redirect URI after a required action is cancelled (#31925 ) Closes #31894 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-09-03 14:26:23 +00:00
Michal Hajas	af53af1506	Document persistent sessions are enabled by default Closes #32387 Signed-off-by: Michal Hajas <mhajas@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-08-30 09:20:58 +00:00
Yuvi Panda	5210b7e546	Use Google as example, not Google+ Google+ no longer exists Signed-off-by: Yuvi Panda <yuvipanda@gmail.com>	2024-08-26 10:18:52 +02:00
Pedro Igor	c1f6d5ca64	Support for selecting an organization when requesting the organization scope Closes #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-21 13:04:58 +02:00
Yoshiyuki Tabata	cb6eb187ac	Client Policy - Condition : Client - Client Attribute Closes https://github.com/keycloak/keycloak/issues/31766 Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>	2024-08-14 09:56:56 +02:00
Alexander Schwartz	d4991ce56f	Fix server guide cross-references for downstream docs Closes #31947 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-08-13 14:51:01 -03:00
Tero Saarni	62fd969fe1	Allow requests from local IPv6 addresses If administrator selects EXTERNAL for Require SSL setting, allow clear-text HTTP requests when client is coming from IPv6 link-local or unique local address (ULA). Previously only private IPv4 addresses were allowed and private IPv6 addresses were rejected. Closes #30678 Signed-off-by: Tero Saarni <tero.saarni@est.tech>	2024-08-05 16:38:55 +02:00
rmartinc	942d5d0aa3	Convert chapter planning for securing applications and services to guides Final removal of the securing_apps documentation Final checks for links, order and other minor things Closes #31328 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-01 16:45:56 +02:00
rmartinc	b07b120f2a	Convert chapter client registration CLI from securing apps into guides Closes #31333 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-30 18:30:46 +02:00
Marek Posolda	5b52117351	Documentation for Delete Credential action and related changes (#31719 ) closes #31718 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-07-30 10:05:14 +02:00
Giuseppe Graziano	c3019fb2d3	Move oidc documentation to guides (#31627 ) Closes #31329 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-07-30 09:46:14 +02:00
Pedro Igor	f4b1a5ca88	Updating docs Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-24 15:12:16 -03:00
Maciej Mierzwa	97e89e2071	feature: password age in days policy Closes #30210 Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>	2024-07-24 15:12:16 -03:00
rmartinc	9f2eddead8	Re-add notes about not supporting DPoP and holder-of-key in the remaining adapters Closes #30874 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-24 11:55:47 +02:00
rmartinc	764ef4831a	Release notes and some notes for JavaKeystoreProvider changes Closes #31226 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-17 10:44:45 +02:00
Thomas Darimont	e79d10e71e	Add missing user event translations to admin-ui Fixes #27677 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-12 10:04:57 +02:00
Steven Hawkins	4970a9b729	fix: deprecate KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD closes: #30658 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-07-11 18:07:57 +02:00
rmartinc	e80c3fee9b	Change link to https://github.com/eclipse/microprofile/wiki/JWT_Auth Closes #31219 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-11 18:03:57 +02:00
rmartinc	096e335a92	Support for vault and AES and HMAC algorithms to JavaKeystoreKeyProvider Closes #30880 Closes #29755 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-11 12:40:45 +02:00
Lucy Linder	0f7c2364f0	Update links in ReCAPTCHA doc Google links changed and are now causing redirect issues reports. Closes: #31187 Signed-off-by: Lucy Linder <lucy.derlin@gmail.com>	2024-07-11 00:27:09 +02:00
Martin Kanis	922eaa9fc8	Disable username prohibited chars validator when email as username is… (#31140 ) * Disable username prohibited chars validator when email as the username is set Closes #25339 Signed-off-by: Martin Kanis <mkanis@redhat.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-10 09:46:24 -03:00
Pedro Igor	b745ac8259	Documenting LDAP connection pooling Closes #30995 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-04 13:21:47 +02:00
Christoph Schulz	657aff787f	Add missing comma to (#30914 ) Signed-off-by: Christoph Schulz <mail@ciis0.de> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2024-06-28 13:13:13 +00:00
Stan Silvert	a1445cd93f	Minor doc fix. (#30899 ) Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2024-06-27 16:18:32 -04:00
Douglas Palmer	54f4ab50f0	Broken external links Closes #30717 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-06-25 09:55:50 +02:00
Pedro Igor	a0ad680346	Adding an alias to organization and exposing them to templates Closes #30312 Closes #30313 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-20 14:36:14 -03:00
CARBONNEAUX Mathieu	acf79b81c7	add RS256 algorithm to webauthn default policy (#30528 ) closes #28020 Signed-off-by: Mathieu CARBONNEAUX <mathieu.carbonneaux@ch2o.info>	2024-06-19 10:16:46 +02:00
Thibault Morin	f6fa869b12	feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619 ) * feat: add Artifact Binding on brokering scenarios when Keycloak is SP Signed-off-by: tmorin <git@morin.io> * Adding broker test and minor improvements Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Fixing IdentityProviderTest Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Renaming methods related to idp initiated flows Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Fixing partial_import_test.spec.ts Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> --------- Signed-off-by: tmorin <git@morin.io> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-14 08:54:49 -03:00
daviddelannoy	d4fc5249c4	fix label error for persistent-user-sessions feature flag in documentation Closes #30368 Signed-off-by: daviddelannoy <16318239+daviddelannoy@users.noreply.github.com>	2024-06-12 09:32:10 +00:00
Pedro Igor	22da43c619	Fixing broken link (#30299 ) Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-10 15:22:48 +02:00
Pedro Igor	c35bf11b1b	Adding organization section (#29796 ) Closes #28731 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-10 09:08:50 +02:00
Steven Hawkins	c7e9ee2bff	fix: adds handling for all kcadm prompts as env variables (#29430 ) closes: #21961 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-06-06 13:08:23 +00:00
Marek Posolda	79c8c80058	Example for X.509 direct grant flow authentication (#30203 ) closes #29639 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-06 11:58:09 +02:00
Marek Posolda	193439788e	Release notes for support application/jwt response in token introspec… (#30105 ) closes #30104 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-04 06:49:13 +02:00
Martin Bartoš	262fc09edc	OpenJDK 21 support (#28518 ) * OpenJDK 21 support Closes #28517 Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * x509 SAN UPN other name is not handled in JDK 21 (#904) closes #29968 Signed-off-by: mposolda <mposolda@gmail.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2024-06-03 14:17:28 +02:00
Marek Posolda	336b2c875f	Update release notes for Keycloak 25 (#29894 ) closes #29576 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-29 14:19:17 +02:00
Pedro Igor	bbb83236f5	Do not lower-case the username from the IdP when creating the federated identity Closes #28495 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-29 01:58:20 -03:00
Marek Posolda	6dc28bc7b5	Clarify the documentation about step-up authentication (#29735 ) closes #28341 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-21 19:46:27 +02:00
mposolda	bbd4b60163	Update documentation after adapters removal closes #28792 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-21 09:34:48 +02:00
Takashi Norimatsu	b4e7d9b1aa	Passkeys: Supporting WebAuthn Conditional UI (#24305 ) closes #24264 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2024-05-16 07:58:43 +02:00
Alexander Schwartz	8deca303e2	Update instruction on how to enable persistent sessions (#29490 ) Closes #29489 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-15 13:26:51 +02:00
christian2	e200ccfa53	Fix URL endpoint for Docker registry v2 authentication Closes #29132 Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>	2024-05-13 13:51:06 +02:00
Alexander Schwartz	6fbe207d64	Create documentation for persistent user sessions Closes #29218 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2024-05-13 11:02:45 +02:00
AndyMunro	4a5055c3cc	Update create realm topics to replace Master Closes #29280 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-05-08 17:37:20 +02:00
Nathan Raj	8ff1ae0c08	Update stack-overflow.adoc (#29363 ) Corrected capitalisation for heading	2024-05-08 16:06:33 +02:00
Thore	4b194d00be	iso-date validator for the user-profile Adds a new validator in order to be able to validate user-model fields which should be modified/supplied by a datepicker. Closes #11757 Signed-off-by: Thore <thore@kruess.xyz>	2024-05-07 11:42:39 -03:00
Dimitri Papadopoulos Orfanos	9db1443367	Fix typos found by codespell in docs (#28890 ) Run `chmod -x` on files that need not be executable. Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-03 12:41:16 +00:00

1 2 3 4 5 ...

369 commits