diff --git a/apps/admin-ui/cypress/e2e/clients_test.spec.ts b/apps/admin-ui/cypress/e2e/clients_test.spec.ts
index 5d1f6d6ac1..8b83342424 100644
--- a/apps/admin-ui/cypress/e2e/clients_test.spec.ts
+++ b/apps/admin-ui/cypress/e2e/clients_test.spec.ts
@@ -763,22 +763,22 @@ describe("Clients test", () => {
advancedTab.clickAdvancedSwitches();
advancedTab.jumpToAdvanced();
- advancedTab.SelectKeyForCodeExchangeInput("S256");
+ advancedTab.selectKeyForCodeExchangeInput("S256");
advancedTab.saveAdvanced();
advancedTab.jumpToAdvanced();
advancedTab.checkAdvancedSwitchesOn();
- advancedTab.CheckKeyForCodeExchangeInput("S256");
+ advancedTab.checkKeyForCodeExchangeInput("S256");
- advancedTab.SelectKeyForCodeExchangeInput("plain");
- advancedTab.CheckKeyForCodeExchangeInput("plain");
+ advancedTab.selectKeyForCodeExchangeInput("plain");
+ advancedTab.checkKeyForCodeExchangeInput("plain");
advancedTab.jumpToAdvanced();
advancedTab.clickAdvancedSwitches();
advancedTab.revertAdvanced();
advancedTab.jumpToAdvanced();
- advancedTab.CheckKeyForCodeExchangeInput("S256");
+ advancedTab.checkKeyForCodeExchangeInput("S256");
//uncomment when revert button reverts all switches
//and ACR to LoA Mapping + Default ACR Values
//advancedTab.checkAdvancedSwitchesOn();
@@ -786,21 +786,21 @@ describe("Clients test", () => {
it("Authentication flow override", () => {
advancedTab.jumpToAuthFlow();
- advancedTab.SelectBrowserFlowInput("browser");
- advancedTab.SelectDirectGrantInput("docker auth");
- advancedTab.CheckBrowserFlowInput("browser");
- advancedTab.CheckDirectGrantInput("docker auth");
+ advancedTab.selectBrowserFlowInput("browser");
+ advancedTab.selectDirectGrantInput("docker auth");
+ advancedTab.checkBrowserFlowInput("browser");
+ advancedTab.checkDirectGrantInput("docker auth");
advancedTab.revertAuthFlowOverride();
advancedTab.jumpToAuthFlow();
- advancedTab.CheckBrowserFlowInput("");
- advancedTab.CheckDirectGrantInput("");
- advancedTab.SelectBrowserFlowInput("browser");
- advancedTab.SelectDirectGrantInput("docker auth");
+ advancedTab.checkBrowserFlowInput("");
+ advancedTab.checkDirectGrantInput("");
+ advancedTab.selectBrowserFlowInput("browser");
+ advancedTab.selectDirectGrantInput("docker auth");
advancedTab.saveAuthFlowOverride();
- advancedTab.SelectBrowserFlowInput("first broker login");
- advancedTab.SelectDirectGrantInput("first broker login");
+ advancedTab.selectBrowserFlowInput("first broker login");
+ advancedTab.selectDirectGrantInput("first broker login");
advancedTab.revertAuthFlowOverride();
//revert doesn't work after saving.
//advancedTab.CheckBrowserFlowInput("browser");
diff --git a/apps/admin-ui/cypress/support/pages/admin_console/manage/clients/client_details/tabs/AdvancedTab.ts b/apps/admin-ui/cypress/support/pages/admin_console/manage/clients/client_details/tabs/AdvancedTab.ts
index 36e9a5c4ff..2f4a7c56b7 100644
--- a/apps/admin-ui/cypress/support/pages/admin_console/manage/clients/client_details/tabs/AdvancedTab.ts
+++ b/apps/admin-ui/cypress/support/pages/admin_console/manage/clients/client_details/tabs/AdvancedTab.ts
@@ -217,6 +217,7 @@ export default class AdvancedTab extends PageObject {
}
checkAdvancedSwitchesOn() {
+ cy.get(this.oAuthMutualSwitch).scrollIntoView();
this.assertSwitchStateOn(cy.get(this.oAuthMutualSwitch));
this.assertSwitchStateOn(
cy.get(this.pushedAuthorizationRequestRequiredSwitch)
@@ -232,7 +233,7 @@ export default class AdvancedTab extends PageObject {
return this;
}
- SelectKeyForCodeExchangeInput(input: string) {
+ selectKeyForCodeExchangeInput(input: string) {
cy.get(this.keyForCodeExchangeInput).click();
cy.get(this.keyForCodeExchangeInput + " + ul")
.contains(input)
@@ -240,7 +241,7 @@ export default class AdvancedTab extends PageObject {
return this;
}
- CheckKeyForCodeExchangeInput(input: string) {
+ checkKeyForCodeExchangeInput(input: string) {
cy.get(this.keyForCodeExchangeInput).should("have.text", input);
return this;
}
@@ -260,7 +261,7 @@ export default class AdvancedTab extends PageObject {
return this;
}
- SelectBrowserFlowInput(input: string) {
+ selectBrowserFlowInput(input: string) {
cy.get(this.browserFlowInput).click();
cy.get(this.browserFlowInput + " + ul")
.contains(input)
@@ -268,7 +269,7 @@ export default class AdvancedTab extends PageObject {
return this;
}
- SelectDirectGrantInput(input: string) {
+ selectDirectGrantInput(input: string) {
cy.get(this.directGrantInput).click();
cy.get(this.directGrantInput + " + ul")
.contains(input)
@@ -276,12 +277,12 @@ export default class AdvancedTab extends PageObject {
return this;
}
- CheckBrowserFlowInput(input: string) {
+ checkBrowserFlowInput(input: string) {
cy.get(this.browserFlowInput).should("have.text", input);
return this;
}
- CheckDirectGrantInput(input: string) {
+ checkDirectGrantInput(input: string) {
cy.get(this.directGrantInput).should("have.text", input);
return this;
}
diff --git a/apps/admin-ui/public/resources/en/clients-help.json b/apps/admin-ui/public/resources/en/clients-help.json
index 6fa1c64a45..a1636de09b 100644
--- a/apps/admin-ui/public/resources/en/clients-help.json
+++ b/apps/admin-ui/public/resources/en/clients-help.json
@@ -97,6 +97,10 @@
"advancedSettingsSaml": "This section is used to configure advanced settings of this client",
"assertionLifespan": "Lifespan set in the SAML assertion conditions. After that time the assertion will be invalid. The \"SessionNotOnOrAfter\" attribute is not modified and continue using the \"SSO Session Max\" time defined at realm level.",
"accessTokenLifespan": "Max time before an access token is expired. This value is recommended to be short relative to the SSO timeout.",
+ "clientSessionIdle": "Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. If not set it uses the standard SSO Session Idle value.",
+ "clientSessionMax": "Max time before a client session is expired. Tokens are invalidated when a client session is expired. If not set, it uses the standard SSO Session Max value.",
+ "clientOfflineSessionIdle": "Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. If not set it uses the Offline Session Idle value.",
+ "clientOfflineSessionMax": "Max time before a client offline session is expired. Offline tokens are invalidated when a client offline session is expired. If not set, it uses the Offline Session Max value.",
"oAuthMutual": "This enables support for OAuth 2.0 Mutual TLS Certificate Bound Access Tokens, which means that keycloak bind an access token and a refresh token with a X.509 certificate of a token requesting client exchanged in mutual TLS between keycloak's Token Endpoint and this client. These tokens can be treated as Holder-of-Key tokens instead of bearer tokens.",
"keyForCodeExchange": "Choose which code challenge method for PKCE is used. If not specified, keycloak does not applies PKCE to a client unless the client sends an authorization request with appropriate code challenge and code exchange method.",
"pushedAuthorizationRequestRequired": "Boolean parameter indicating whether the authorization server accepts authorization request data only via the pushed authorization request method.",
diff --git a/apps/admin-ui/public/resources/en/clients.json b/apps/admin-ui/public/resources/en/clients.json
index 587328e8b8..318bdf3cd8 100644
--- a/apps/admin-ui/public/resources/en/clients.json
+++ b/apps/admin-ui/public/resources/en/clients.json
@@ -479,6 +479,10 @@
"advancedSettings": "Advanced Settings",
"assertionLifespan": "Assertion Lifespan",
"accessTokenLifespan": "Access Token Lifespan",
+ "clientSessionIdle": "Client Session Idle",
+ "clientSessionMax": "Client Session Max",
+ "clientOfflineSessionIdle": "Client Offline Session Idle",
+ "clientOfflineSessionMax": "Client Offline Session Max",
"oAuthMutual": "OAuth 2.0 Mutual TLS Certificate Bound Access Tokens Enabled",
"keyForCodeExchange": "Proof Key for Code Exchange Code Challenge Method",
"pushedAuthorizationRequestRequired": "Pushed authorization request required",
diff --git a/apps/admin-ui/src/clients/advanced/AdvancedSettings.tsx b/apps/admin-ui/src/clients/advanced/AdvancedSettings.tsx
index f04c18bf07..36ce0c0e98 100644
--- a/apps/admin-ui/src/clients/advanced/AdvancedSettings.tsx
+++ b/apps/admin-ui/src/clients/advanced/AdvancedSettings.tsx
@@ -81,6 +81,46 @@ export const AdvancedSettings = ({
control={control}
/>
+
+
+
+
+
+
+
+