upstream/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-04-08 18:50:36 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 27
30693 commits 28 branches 303 tags 883 MiB
Commit graph

994 commits

Author SHA1 Message Date
Martin Bartoš
0b2ce29e89
[client-v2] Require 'clientId' in the payload (#47533) 
* Require clientId in the payload

Closes #47524

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Require 'protocol' field to be specified

Closes #47579

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Client API v2 CLI Client: Jakarta validation errors are not handled

Closes #47574

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Use getRequest() for POST in test

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2026-04-07 14:07:32 +02:00
RafaelWO
b6743de80d Add createdAfter/createdBefore filter to GET /admin/realms/{realm}/users 
Add server-side filtering of users by creation timestamp on the admin
REST API. This avoids the need to retrieve all users and filter
client-side, which is inefficient for large realms.

Two optional query parameters are added to both the user list and count
endpoints. They accept either ISO-8601 date strings (yyyy-MM-dd) or
epoch milliseconds, consistent with the existing events API date
filtering via DateUtil.

Closes #43829

Signed-off-by: RafaelWO <weingartner.rafael@hotmail.com>
 2026-04-06 10:10:54 -03:00
Ricardo Martin
2daea53e70
Support Java 25 with FIPS enabled (#47581) 
Closes #47666

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2026-04-01 09:57:25 +02:00
Michal Vavřík
8543f62100
chore(admin-cli): use junit in test scope (#47553) 
Signed-off-by: Michal Vavřík <michal.vavrik@aol.com>
 2026-03-28 08:40:42 -04:00
Michal Vavřík
859a7a095e
feat(admin-cli): provide basic Client API v2 CLI client (#47173) 
* Closes: https://github.com/keycloak/keycloak/issues/47166
* Closes: https://github.com/keycloak/keycloak/issues/47311

Provides basic Client API v2 CLI client.

Supports:

- client operations: create, patch, list, delete, get, update
- authetication options matching those of v1 CLI

Omitted changes:

- documentation, we do not advertise this new client and it is hidden behind `--v2` flag that is not mentioned anywhere in doc or help, hence invisible; until we implement remaining https://github.com/keycloak/keycloak/issues/45366 tasks
- "config" subcommand is shared between v1 and v2, hence its printed "help" follows the v1 style to keep status quo

Signed-off-by: Michal Vavřík <michal.vavrik@aol.com>
 2026-03-27 12:56:08 +01:00
Robin Meese
d7091c7935
Client API v2 Java client 
Closes #45364

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2026-03-27 11:01:35 +01:00
mposolda
4f7be5f412 Javadoc of Keycloak-admin-client for Keycloak server 26.6 release 
closes #47207

Signed-off-by: mposolda <mposolda@gmail.com>
 2026-03-27 09:43:18 +01:00
vramik
3db694ca5b Search for organization group membership ignores search param 
Closes #47051

Signed-off-by: vramik <vramik@redhat.com>
 2026-03-11 10:26:27 -03:00
vramik
8e1b170732 Searching for organization groups with populateHierarchy=true exposes internal org group 
Closes #47043

Signed-off-by: vramik <vramik@redhat.com>
 2026-03-11 09:29:09 -03:00
Martin Kanis
b7bef85f91
Organization Groups - Identity Provider Mappers (#46592) 
Closes #45512

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2026-02-26 13:44:12 +01:00
Vlasta Ramik
46f648dc95
Ability to retrive subgroups count for organization groups (#46534) 
Closes #46445

Signed-off-by: vramik <vramik@redhat.com>
 2026-02-24 14:26:49 +01:00
vramik
4beaaf2ab4 Expose organization group membership for a member 
Closes #46454

Signed-off-by: vramik <vramik@redhat.com>
 2026-02-24 09:02:53 -03:00
vramik
5a4685909e Ability to add attributes to organization groups 
Closes #46263

Signed-off-by: vramik <vramik@redhat.com>
 2026-02-12 10:43:18 -03:00
Stefan Guilhen
c13a1772f8 Adds ability to migrate scheduled workflow resources from one step to another step in the same or different workflow 
Closes #45174

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2026-01-27 13:46:18 -03:00
mposolda
416a6017c2 Make authorizationDetails processing more generic and not tightly coupled to OID4VCI. Fixes 
closes #44961

Signed-off-by: mposolda <mposolda@gmail.com>
 2026-01-26 08:45:41 +01:00
vramik
111ba36504 Organization Groups Core Backend & API 
Closes #45562

Signed-off-by: vramik <vramik@redhat.com>
 2026-01-22 09:39:24 -03:00
Martin Kanis
4f91b5246e User REST Admin API - count and search returns different amount of users 
Closes #45219

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2026-01-16 07:29:42 -03:00
mposolda
bcc8f684f2 Javadoc of Keycloak-admin-client for Keycloak server 26.5 release 
closes #45217

Signed-off-by: mposolda <mposolda@gmail.com>
 2026-01-07 18:24:00 +01:00
Pedro Igor
0d5766f3a8 Allow running scheduled workflows 
Closes #44865

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-01-05 13:03:47 -03:00
Stefan Guilhen
484980dbbe Add API method to allow activating a workflow for all eligible resources 
Closes #44643

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-08 09:45:45 -03:00
Stefan Guilhen
65ab7f541d Add API method that fetches the scheduled workflow steps for a resource 
Closes #43660

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-03 11:09:55 -03:00
Alexis Rico
b0b38176f0
Manage Organization Invites 
Closes #38809

Signed-off-by: Alexis Rico <sferadev@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-27 10:28:52 +01:00
Stefan Guilhen
3319e8d9b5 Add optional parameter in WorkflowResource.toRepresentation to allow retrieval of the rep without the ids 
Closes #44183

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-11-14 12:20:40 -03:00
Stian Thorgersen
a2c1055f8d
Proposed import order (#43432) 
* Add importOrder to Spotless

Closes #43235

Signed-off-by: stianst <stianst@gmail.com>

* Re-order imports with Spotless

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-14 09:34:49 +01:00
Vlasta Ramik
d2697232b9
Rename bind endpoint to activate 
Closes #44155

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-13 22:15:33 +01:00
Stefan Guilhen
da7993896d Allow ISO-8601 compatible format for the after field in workflow steps
Some checks are pending
Weblate Sync / Trigger Weblate to pull the latest changes (push) Waiting to run
Details 
- aligns the format with what is used in the JPA connection provider pool max lifetime for time-based configurations

Closes #42913

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-11-12 18:51:49 -03:00
Stefan Guilhen
7acf2ceccb Add pagination and search by name capabilities to WorkflowsResource 
Closes #44164

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-11-12 17:18:11 -03:00
vramik
84a679224b Add operation to deactivate a workflow execution for a resource 
Closes #42124

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-12 17:02:17 -03:00
Stian Thorgersen
d8275fe5df
Remove wildcard imports (#44060) 
Closes #44059

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-10 11:46:05 +01:00
vramik
4d912a9c21 Support for YAML payloads for Admin client for creation of workflows 
Closes #43666

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-03 13:09:17 -03:00
Stian Thorgersen
1048c8d9c9
Filter out non-user authentication IdPs from account and login (#43798) 
Closes #43553

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-31 12:40:04 +01:00
Tomáš Kyjovský
4c64b7189c
Deprecate org.keycloak.common.util.Base64 
Closes #43370

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-30 09:12:14 +01:00
Steven Hawkins
6d93df8cad
fix: using RFC6749 for kcadm / kcreg 
closes: #43532

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-16 16:52:51 +00:00
Stefan Guilhen
652270302d Workflows code cleanup 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-10-13 09:53:30 -03:00
stianst
aedd7fe5db Remove unused imports as part of #43233 
Signed-off-by: stianst <stianst@gmail.com>
 2025-10-13 13:32:01 +02:00
Steven Hawkins
817c78f0d9
fix: adds error handling for common redirect codes (#43276) 
closes: #31401

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-10-08 08:55:07 +02:00
mposolda
bb34b80174 Update javadoc of java admin-client for Keycloak 26.4 
closes #42468

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-09-24 20:49:23 +02:00
Pedro Igor
fe8fce859d Improve the Workflow JSON schema 
Closes #42697

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-24 04:04:44 -03:00
Martin Kanis
7ae9ebb467 [RLM] Allow adding and removing actions to existing policies 
Closes #42384

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-09-18 12:13:13 -03:00
vramik
d0e83cc05e Rename RLM to Workflows 
Closes #42512

Signed-off-by: vramik <vramik@redhat.com>
 2025-09-16 08:52:50 -03:00
Pedro Igor
0d5dfc3eae
Add support for ad-hoc policies (#42508) 
Closes #42126

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-09-10 15:40:17 +00:00
Steven Hawkins
05c7c625d3
fix: don't show the local access screen if a service account exists (#42218) 
closes: #42201

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-09-05 18:22:31 +02:00
mposolda
624d236ced DPoP verification support for admin/account REST API endpoints. Java admin-client DPoP support 
closes #33942

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-09-02 14:29:30 +02:00
Pedro Igor
a64c5c0d70 Adding RLM Admin API and basic endpoints 
Closes #40346

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-08-28 14:49:21 -03:00
Steven Hawkins
2ce3474ed5
fix: addressing possible npes (#41944) 
close: #40659

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-18 23:51:17 +02:00
Steven Hawkins
fdca122469
fix: ensuring streams are closed 
closes: #40660

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-15 07:40:54 +02:00
Akbar Husain
06f80416fb
Replace keySet with entrySet 
Closes #40064

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
Co-authored-by: akbarhusainpatel <apatel@intermiles.com>
 2025-08-14 17:31:15 +02:00
Peter Skopek
651d651c30 Add missing artifact descriptions to allow Maven Central Portal Publisher pass validation process. (#40822) 
Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2025-08-12 16:50:17 +02:00
Barathwaja S
81a7f38a76 Added emailVerified filtering for users endpoint; updated user count endpoint with logic to support enabled, emailVerified, idpAlias, idpUserId, and exact field query parameters 
Closes #38556
Closes #29295

Signed-off-by: Barathwaja S <sbarathwaj4@gmail.com>
 2025-07-03 17:05:36 -03:00
Michael-AT-Corporation
ff9e7c2371 Added new searchByAttributes function to UsersResource with the exact parameter 
Closes #39609

Signed-off-by: Michael-AT-Corporation <michael-hu@ooutlook.de>
 2025-07-03 13:51:46 -03:00