keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30

Author	SHA1	Message	Date
Thomas Darimont	478e0b3264	Make sure that there is single audience allowed by default in JWT tokens sent to client authentication closes #38819 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2025-04-10 18:08:10 +02:00
Pedro Igor	ae88d7921f	Improvements to partial evaluation Closes #38732 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-09 18:15:28 +02:00
Pedro Igor	87430fc181	Add impersonate-members scope to group resource type Closes #38566 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-04-07 14:56:27 +00:00
vramik	6488890585	[FGAP:V2] remove configure scope from Client resource type Closes #38567 Signed-off-by: vramik <vramik@redhat.com>	2025-04-07 07:05:02 -03:00
Marek Posolda	f984644d07	Clarify in documentation that legacy token exchange requires FGAP:v1 (#38694 ) closes #38693 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2025-04-07 08:27:56 +02:00
Alexander Schwartz	d69a530d5b	Check HTML head for redirects Closes #38655 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-04 18:40:41 +02:00
Stefan Guilhen	c4c3e2eee6	Allow redirection to idp when user email matches any of the org domains Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com> Closes #33804	2025-04-04 11:28:04 -03:00
Vlasta Ramik	18c8308bb4	[FGAP] Remove redundant sentense from fine grained admin permissions docs Closes #38677 Signed-off-by: vramik <vramik@redhat.com>	2025-04-04 09:41:17 +02:00
vramik	f076b99407	FGAP documentation Closes #37245 Signed-off-by: vramik <vramik@redhat.com>	2025-04-03 09:44:32 -03:00
Marek Posolda	6654e56a7c	Polish documentation for audience and client scopes (#38484 ) closes #19127 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com> Signed-off-by: Marek Posolda <mposolda@gmail.com>	2025-04-03 08:43:06 +02:00
rmartinc	a10c8119d4	Define a max expiration window for Signed JWT client authentication Closes #38576 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-04-02 18:32:54 +02:00
Alexander Schwartz	e7474646ee	Explicit target for cross-reference 2FA in server admin guide (#38573 ) Closes #38572 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-04-01 13:29:30 +02:00
mposolda	cd4e5bc784	Release notes for oid4vci docs closes #38485 Signed-off-by: mposolda <mposolda@gmail.com>	2025-03-29 19:25:24 +01:00
Steven Hawkins	06e0885f46	fix: adds back reporting of non-ip client addresses (#37797 ) closes: #36843 Signed-off-by: Steve Hawkins <shawkins@redhat.com> # Conflicts: # services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java # services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java	2025-03-27 19:33:20 +00:00
Stefan Guilhen	89d659ee36	Add section about support for federated members in the organization documentation Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Closes #38471	2025-03-27 08:03:35 -03:00
Ricardo Martin	a7e63837db	Recovery codes documentation (#38407 ) Closes #30702 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-27 09:59:14 +01:00
Awambeng	27a7a301e7	Add documentation for configuring Keycloak as a VC issuer closes #38256 Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>	2025-03-26 20:50:43 +01:00
Marek Posolda	db23d8e665	Clarify that XOAUTH2 configuration with Microsoft Office365 is community contributed Closes #38376 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-26 15:54:38 +01:00
mposolda	11cb332964	Release notes updates for the community contributions related to core-clients areas closes #38374 Signed-off-by: mposolda <mposolda@gmail.com>	2025-03-24 12:49:52 +01:00
Laurids Møller Jepsen	8f7c1871a7	Add client OIDC configuration for setting the header type in access tokens. If this setting is On, the access token header type will be "at+jwt" in compliance with RFC 9068, see https://datatracker.ietf.org/doc/html/rfc9068#section-2.1. If the setting is Off, the access token header type will be "JWT". The setting is Off per default. Closes #36696 Signed-off-by: Laurids Møller Jepsen <laurids.jepsen@cryptomathic.com>	2025-03-24 10:35:41 +01:00
Sebastian Rose	4fb1c41155	Sending Mails via SMTP and XOAUTH2 authentication mechanism Closes #17432 Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>	2025-03-21 10:12:18 +01:00
Stian Thorgersen	a18948f731	Reorder items in release notes for 26.2 (#38290 ) Signed-off-by: stianst <stianst@gmail.com>	2025-03-20 11:52:53 +01:00
Alexander Schwartz	c9b88c6bf6	Finalizing release notes and documentation for initial rolling update Closes #38168 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-03-19 21:34:09 +01:00
Alexander Schwartz	b5d8c46202	Fix links that have been moved Closes #38190 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-03-18 13:36:41 +01:00
Takashi Norimatsu	eb2153379a	DPoP: Refresh token created with DPoP can be refreshed without proof closes #36475 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2025-03-17 12:53:19 +01:00
andymunro	1f6f1571fd	update screens for new realm selector Closes #37083 Signed-off-by: AndyMunro <amunro@redhat.com>	2025-03-15 10:54:00 +01:00
Marek Posolda	290905c9cf	Documentation for supported token-exchange (#38008 ) closes #37126 Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2025-03-14 09:55:44 +01:00
Steven Hawkins	d9c3511fa5	fix: adding a check if the proxy is trusted prior to using a cert header (#37465 ) closes: #35861 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com>	2025-03-12 11:21:33 +01:00
Mihir Vadalia	11a20a2eb3	Documentation for Optional Email Events Closes #37998 Signed-off-by: Mihir Vadalia <mihir@defensepoint.com> Co-authored-by: Mihir Vadalia <mihir@defensepoint.com>	2025-03-11 21:21:45 +01:00
Uche Nwachukwu	df9efdf590	Update themes-react.adoc (#37977 ) Spelling adjustment. Signed-off-by: Uche Nwachukwu <nwachukwuuche@gmail.com>	2025-03-10 22:33:04 +00:00
Stefan Guilhen	86b2a6a95c	Fix docs to also mention roles Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Closes #28569 Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>	2025-03-10 16:13:36 -03:00
Stefan Guilhen	d44ebfd4d1	Document the addition of the Relative User Creation DN Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-03-10 16:13:36 -03:00
Alexander Schwartz	151e019935	Make NetworkPolicy supported and enabled by default Closes #36036 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>	2025-03-10 11:12:38 +01:00
Alexander Schwartz	b1785ce179	Quote a link that shouldn't be rendered as a link This should not be clickable. Closes #37765 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-03-06 16:50:04 -03:00
Alexander Schwartz	bc7ec1208e	Enable the TLS based JGroups encryption by default and update the docs Closes #37696 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-03-03 10:50:51 -03:00
Giuseppe Graziano	690b5ecb25	Grant Type condition for client policies (#37665 ) Closes #37124 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-02-27 11:51:06 +01:00
Jon Koops	873e4ffb1f	Replace i18next backend with `i18next-fetch-backend` (#37633 ) Signed-off-by: Jon Koops <jonkoops@gmail.com>	2025-02-26 08:36:12 -05:00
Martin Bartoš	6f0ed46404	Upgrade to Quarkus 3.19.0.CR1 (#37492 ) Closes #37436 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-02-24 19:52:01 +01:00
Akbar Husain	9d3cfe0672	Remove `X-XSS-Protection` header (#36881 ) Closes #21728 Signed-off-by: akbarhusainpatel <apatel@intermiles.com>	2025-02-19 08:42:26 +01:00
Michal Hajas	f54bb16a61	Add Grafana dashboards to release notes Closes #37402 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2025-02-18 14:04:23 +01:00
Jon Koops	3ccc88628f	Fix broken external link in Gitlab IdP docs (#37435 ) Closes #37434 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2025-02-18 11:03:53 +00:00
Václav Muzikář	764ca50fc4	Upgrade to Quarkus 3.18.2 (#37300 ) * Upgrade to Quarkus 3.18.2 Closes #37056 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Update docs/documentation/upgrading/topics/changes/changes-26_2_0.adoc Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Václav Muzikář <vaclav@muzikari.cz> --------- Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Signed-off-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-02-17 16:30:05 +01:00
rmartinc	6850f41060	Force login in reset-credentials to federated users Closes #37207 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-02-12 13:47:39 -03:00
Alexander Schwartz	822eb4471d	Ensure a sufficient virtual threads pool (#37197 ) Closes #37162 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-02-10 16:28:24 +01:00
Pedro Igor	bf3dcda87b	Updating messages Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-02-07 10:42:45 -03:00
Alexander Schwartz	690b0e4bef	VERIFY_EMAIL as supported Application Initiated Action Closes #25154 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-02-06 16:49:28 +01:00
Martin Bartoš	98f74026c6	Certificate reloading does not work for the management interface (#37052 ) Fixes #37039 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Steven Hawkins <shawkins@redhat.com>	2025-02-05 14:39:21 +01:00
Pedro Igor	602df06191	Allows querying credential from user storage providers Closes #35020 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-02-05 07:56:05 -03:00
Martin Bartoš	20203746fb	Support ECS for logs Closes #36854 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-02-04 17:59:30 +01:00
papastepano	0c46ad299c	Outdated documentation reCAPTCHA Closes #36887 Signed-off-by: Stepan Papazyan <papastepano@gmail.com>	2025-01-29 21:03:45 +00:00

... 4 5 6 7 8 ...

918 Commits