keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30

Author	SHA1	Message	Date
huyenvu2101	5436f9781c	Allow setting default value for userprofile attribute Closes #36160 Signed-off-by: huyenvu2101 <vhuyen2101@gmail.com>	2025-08-06 13:59:54 -03:00
Steven Hawkins	11924e6473	enhance: adding the ability to get the root config from a Scope closes: #36268 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-08-05 18:51:33 +02:00
Pascal Knüppel	f39a37d8d1	[OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768 ) fixes #39527 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2025-07-10 14:46:36 +02:00
Martin Kanis	5a42390341	Make UPDATE_EMAIL a supported feature Closes #40227 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-07-09 10:15:48 -03:00
Pedro Igor	304bcdce88	Do not show update email link if the email attribute is not writable Closes #39669 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-06-28 10:19:41 +02:00
Pavuluri Sai Krishna	76ab8bd21d	Implemented validation to ensure each OTP device has a unique label Closes #38465 Signed-off-by: Saikrishna <saikrishnap@optimeyes.ai> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Saikrishna <saikrishnap@optimeyes.ai> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-06-12 12:08:05 +02:00
Alexander Schwartz	4af3d7cc9d	Redirect requests from outdated theme version to the current theme version Closes #39723 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-06-11 11:13:55 +02:00
Rutger Lubbers	c9a7a20764	Throw a ProviderConfigPropertyNameNotUniqueException in case of a duplicate ProviderConfigProperty Closes #40233 Signed-off-by: Rutger Lubbers <RutgerLubbers@gmail.com>	2025-06-05 19:47:44 +02:00
Ricardo Martin	41110823c7	Integrate current auth-username-password-form authenticator with passkeys isConditionalMediationAvailable (#38781 ) Closes #29596 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-06-05 08:53:00 +02:00
Anchels	4fc065aadc	Removed unnecessary boxing/unboxing Closes #39987 Signed-off-by: Anchels <mishtitov@gmail.com>	2025-05-30 13:10:39 +02:00
Giuseppe Graziano	8833c0aa5d	Ignore Accept-Language header for reset email from admin api Closes #36986 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-05-27 10:14:22 +02:00
Pedro Igor	8f9d02c305	Avoid resolving a client scope if it was requested using the dynamic scope format (#39752 ) Closes #39402 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-05-26 16:26:04 +02:00
Erik Jan de Wit	cbd0d18f6a	add description to groups fixes #39172 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-05-14 06:41:01 -04:00
Pedro Igor	34ad280665	Build user representations when searching based on the user profile settings Closes #39595 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-05-14 10:42:25 +02:00
rmartinc	11b032f9cd	Return user session started time when client note is missing for offline Closes #39021 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-05-06 12:43:18 +02:00
Steven Hawkins	24910d9e1c	addresses slow import/export performance by limiting persistence context size (#37926 ) * fix: addresses slow import/export performance with more batching closes: #37991 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * removing flush/detach manipulation Signed-off-by: Steve Hawkins <shawkins@redhat.com> * refining the doc note about using multiple files for larger user counts Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding doc note about useExistingSession method removal and expanding javadocs Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-04-29 18:57:45 -04:00
Steven Hawkins	08b5183784	fix: relaxes the admin root redirect check (#39095 ) * fix: relaxes the admin root redirect check also deprecates the usage of local_admin closes: #39085 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * moving deprecation to 26.3 also changing the adminroot test to seem like it's coming from a proxy Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-04-29 11:09:51 -04:00
rmartinc	887c2c2410	Improve metadata for Recovery Codes Closes #39243 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-04-29 10:23:59 +02:00
mposolda	4e95bde179	Avoid using password policy for configuration of recovery codes warning threshold closes #39214 Signed-off-by: mposolda <mposolda@gmail.com>	2025-04-28 10:06:01 +02:00
Marek Posolda	237d0553ae	Polishing recovery codes closes #39213 Signed-off-by: mposolda <mposolda@gmail.com>	2025-04-25 16:01:10 +02:00
Garth	2c06078484	Added ThemeManagerSpi and ported DefaultThemeManagerFactory to use it. Closes #38433. Signed-off-by: Garth <244253+xgp@users.noreply.github.com> Moved ThemeManagerSpi and ThemeManagerFactory to server-spi-private. Marked internal. Added to org.keycloak.provider.Spi file Signed-off-by: Garth <244253+xgp@users.noreply.github.com>	2025-04-25 09:35:10 +02:00
Michal Hajas	4dc4de7c12	Remove CACHE-EMBEDDED-REMOTE-STORE experimental feature Closes #34160 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2025-04-16 12:01:55 +00:00
Peter Tóth	c6e1878087	Add organizations count endpoint Closes #38262 Signed-off-by: Péter Tóth <tothp@sztaki.hu>	2025-04-14 19:44:44 +00:00
Stefan Guilhen	a4ca92ab4d	Validate realm name for uniqueness before creating a new realm in the DB Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Closes #38426	2025-04-07 08:49:42 -04:00
Stefan Guilhen	c4c3e2eee6	Allow redirection to idp when user email matches any of the org domains Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Co-authored-by: Martin Panzer <martin.panzer@active-logistics.com> Closes #33804	2025-04-04 11:28:04 -03:00
rtufisi	134437a5a7	Create recovery keys in user storage or local (#38446 ) closes #38445 Signed-off-by: rtufisi <rtufisi@phasetwo.io>	2025-04-03 10:09:48 +02:00
Steven Hawkins	06e0885f46	fix: adds back reporting of non-ip client addresses (#37797 ) closes: #36843 Signed-off-by: Steve Hawkins <shawkins@redhat.com> # Conflicts: # services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/AbstractTokenExchangeProvider.java # services/src/main/java/org/keycloak/protocol/oidc/tokenexchange/StandardTokenExchangeProvider.java	2025-03-27 19:33:20 +00:00
Sebastian Rose	4fb1c41155	Sending Mails via SMTP and XOAUTH2 authentication mechanism Closes #17432 Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>	2025-03-21 10:12:18 +01:00
Pedro Igor	a4000575a4	Initial support for partial evaluation Closes #38085 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-03-19 13:30:52 -03:00
Steven Hawkins	d9c3511fa5	fix: adding a check if the proxy is trusted prior to using a cert header (#37465 ) closes: #35861 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com>	2025-03-12 11:21:33 +01:00
Marek Posolda	92c96033f2	Session type incorrectly set in access-token context when token created with scope=offline_access (#37701 ) closes #37694 Signed-off-by: mposolda <mposolda@gmail.com>	2025-02-27 15:53:23 +01:00
Giuseppe Graziano	fd3a4a3377	Support client policies for token exchange Closes #37122 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-02-25 14:25:55 +01:00
Pedro Igor	1cb7a4736c	Slow query when checking if a realm has brokers and brokering is enabled Closes #37062 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-02-05 13:49:32 +00:00
Pedro Igor	602df06191	Allows querying credential from user storage providers Closes #35020 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-02-05 07:56:05 -03:00
rmartinc	25953f2fbb	Add option to sign the IdP metadata for SAML Closes #34132 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-01-15 11:50:26 +01:00
Michal Hajas	3839f8e3b5	Add metric for password validations (#36049 ) Closes #36048 Signed-off-by: Michal Hajas <mhajas@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-01-07 10:05:47 +01:00
rmartinc	e7e6185175	Fix expires_in in internal to external token exchange Closes #35704 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-12-18 09:08:19 +01:00
Thomas Darimont	368c1f5a76	Add ProviderConfigProperty types for numeric values Fixes #29511 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-12-16 14:53:06 +01:00
vramik	044807f162	[FGAP] Create new internal client which would hold the authorization objects for feature V2 Closes #34565 Signed-off-by: vramik <vramik@redhat.com>	2024-12-05 11:56:13 -03:00
Stefan Guilhen	9861acc2aa	UserSessionProvider.removeUserSessions now removes all user sessions (both regular and offline) Closes #31359 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-11-29 12:35:15 -03:00
Pedro Igor	45f9bcd673	Resolve scopes from bearer tokens when processing requests to the Account API Closes #35357 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-11-27 14:17:53 -03:00
Pedro Igor	5d6b9c1460	Resolve scopes from authenticated client sessions when selecting attributes Closes #35192 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-11-22 12:32:24 +01:00
vramik	440e81c8b9	Add a realm-level setting to enable FGAP to a realm Closes #34920 Signed-off-by: vramik <vramik@redhat.com>	2024-11-19 09:59:34 -03:00
Giuseppe Graziano	05adf19848	Authentication session with changelog transaction Closes #23881 Closes #32658 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-11-15 14:10:15 +01:00
Giuseppe Graziano	84f60bc121	Ignore Accept-Language header for email themes Closes #10233 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-11-15 10:29:11 +01:00
Pedro Igor	d04f7900f5	added membershipType to members list and membership type filter Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-11-12 09:13:18 -03:00
Pedro Igor	b70303f293	Adding organization membership provider events Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-11-07 17:19:43 -03:00
Thomas Darimont	3315ea718a	Add ability to enable OID4VCI Verifiable Credentials per realm (#34524 ) - Added new realm property verifiableCredentialsEnabled - Updated RealmRepresentation - Guarded route to Oid4VCI page - Add boolean switch to Realm settings page to control Verifiable Credentials enablement - We now only show the Verifiable Credentials page in the nave if the "Verifiable Credentials" realm setting is enabled. Fixes #34524 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-11-04 14:58:30 +01:00
Ryan Emerson	902abfdae4	JDBC_PING as default discovery protocol Closes #29399 - Add ProviderFactory#dependsOn to allow dependencies between ProviderFactories to be explicitly defined - Disable Infinispan default shutdownhook disabled to ensure lifecycle is managed exclusively by Keycloak - Remove Infinispan shutdown hook in KeycloakRecorder and manage EmbeddedCacheManager lifecycle only in DefaultInfinispanConnectionProviderFactory#close Signed-off-by: Ryan Emerson <remerson@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-10-22 20:19:19 +00:00
Gilvan Filho	c4005d29f0	add linear strategy to brute force closes #25917 Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>	2024-10-22 10:33:22 -03:00

1 2 3 4 5 ...

872 Commits