Set directAccessGrantsEnabled default value to false (#37505)

* Set directAccessGrantsEnabled to false The Resource Owner Password Credentials Grant must not be used and should not be the default in Keycloak. Signed-off-by: Jim Martens <github@2martens.de> Closes #30226 * another default value... Signed-off-by: Niko Köbler <niko@n-k.de> --------- Signed-off-by: Niko Köbler <niko@n-k.de> Co-authored-by: Jim Martens <github@2martens.de>
2026-01-09 15:02:05 -03:30 · 2025-02-19 20:10:54 +01:00 · 2025-02-19 20:10:54 +01:00 · 9a3f47d68c
commit 9a3f47d68c
parent d9e4981742
2 changed files with 2 additions and 2 deletions
--- a/js/apps/admin-ui/src/clients/add/CapabilityConfig.tsx
+++ b/js/apps/admin-ui/src/clients/add/CapabilityConfig.tsx
@ -152,7 +152,7 @@ export const CapabilityConfig = ({
              <GridItem lg={8} sm={6}>
                <Controller
                  name="directAccessGrantsEnabled"
-                  defaultValue={true}
+                  defaultValue={false}
                  control={control}
                  render={({ field }) => (
                    <InputGroup>
--- a/js/apps/admin-ui/src/clients/add/NewClientForm.tsx
+++ b/js/apps/admin-ui/src/clients/add/NewClientForm.tsx
@ -68,7 +68,7 @@ export default function NewClientForm() {
      authorizationServicesEnabled: false,
      serviceAccountsEnabled: false,
      implicitFlowEnabled: false,
-      directAccessGrantsEnabled: true,
+      directAccessGrantsEnabled: false,
      standardFlowEnabled: true,
      frontchannelLogout: true,
      attributes: {