diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli
index def555ec91..0f477458de 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-clustered.cli
@@ -199,4 +199,30 @@ if ((result.default-provider == undefined) && (result.provider.default.enabled =
    echo
 end-if
 
+# Migrate from 3.0.0 to 3.2.0
+if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:read-resource
+  echo Adding distributed-cache=authenticationSessions to keycloak cache container...
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:add(mode=SYNC,owners=1)
+  echo
+end-if
+
+if (outcome == failed) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:read-resource
+  echo Adding local-cache=actionTokens to keycloak cache container...
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:add(indexing=NONE,start=LAZY)
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=strategy,value=NONE)
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=max-entries,value=-1)
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=interval,value=300000)
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=max-idle,value=-1)
+  echo
+end-if
+
+if (outcome == success) of /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:read-resource
+  echo Replacing distributed-cache=authorization with local-cache=authorization
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:remove
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/:add
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=strategy,value=LRU)
+  /profile=$clusteredProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=10000)
+  echo
+end-if
+
 echo *** End Migration of /profile=$clusteredProfile ***
\ No newline at end of file
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli
index 4547b2ac8b..fc01c29cc1 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-domain-standalone.cli
@@ -187,4 +187,22 @@ if ((result.default-provider == undefined) && (result.provider.default.enabled =
    echo
 end-if
 
+
+# Migrate from 3.0.0 to 3.2.0
+if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:read-resource
+  echo Adding local-cache=authenticationSessions to keycloak cache container...
+  /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:add(indexing=NONE,start=LAZY)
+  echo
+end-if
+
+if (outcome == failed) of /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:read-resource
+  echo Adding local-cache=actionTokens to keycloak cache container...
+  /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:add(indexing=NONE,start=LAZY)
+  /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=strategy,value=NONE)
+  /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=max-entries,value=-1)
+  /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=interval,value=300000)
+  /profile=$standaloneProfile/subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=max-idle,value=-1)
+  echo
+end-if
+
 echo *** End Migration of /profile=$standaloneProfile ***
\ No newline at end of file
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli
index 65b6ef96ec..4d5fac67db 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone-ha.cli
@@ -203,4 +203,31 @@ if ((result.default-provider == undefined) && (result.provider.default.enabled =
    /subsystem=keycloak-server/spi=connectionsInfinispan/:write-attribute(name=default-provider,value=default)
    echo
 end-if
+
+# Migrate from 3.0.0 to 3.2.0
+if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:read-resource
+  echo Adding distributed-cache=authenticationSessions to keycloak cache container...
+  /subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions/:add(mode=SYNC,owners=1)
+  echo
+end-if
+
+if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:read-resource
+  echo Adding local-cache=actionTokens to keycloak cache container...
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:add(indexing=NONE,start=LAZY)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=strategy,value=NONE)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=max-entries,value=-1)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=interval,value=300000)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=max-idle,value=-1)
+  echo
+end-if
+
+if (outcome == success) of /subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:read-resource
+  echo Replacing distributed-cache=authorization with local-cache=authorization
+  /subsystem=infinispan/cache-container=keycloak/distributed-cache=authorization/:remove
+  /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/:add
+  /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=strategy,value=LRU)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=authorization/component=eviction/:write-attribute(name=max-entries,value=10000)
+  echo
+end-if
+
 echo *** End Migration ***
\ No newline at end of file
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli
index 3e0515deed..517759f3bb 100644
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/content/bin/migrate-standalone.cli
@@ -195,4 +195,22 @@ if ((result.default-provider == undefined) && (result.provider.default.enabled =
    echo
 end-if
 
+
+# Migrate from 3.0.0 to 3.2.0
+if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:read-resource
+  echo Adding local-cache=authenticationSessions to keycloak cache container...
+  /subsystem=infinispan/cache-container=keycloak/local-cache=authenticationSessions/:add(indexing=NONE,start=LAZY)
+  echo
+end-if
+
+if (outcome == failed) of /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:read-resource
+  echo Adding local-cache=actionTokens to keycloak cache container...
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/:add(indexing=NONE,start=LAZY)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=strategy,value=NONE)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=eviction/:write-attribute(name=max-entries,value=-1)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=interval,value=300000)
+  /subsystem=infinispan/cache-container=keycloak/local-cache=actionTokens/component=expiration/:write-attribute(name=max-idle,value=-1)
+  echo
+end-if
+
 echo *** End Migration ***
\ No newline at end of file
diff --git a/model/jpa/src/main/resources/META-INF/jpa-changelog-3.2.0.xml b/model/jpa/src/main/resources/META-INF/jpa-changelog-3.2.0.xml
index c453a2e627..51be2fd18c 100644
--- a/model/jpa/src/main/resources/META-INF/jpa-changelog-3.2.0.xml
+++ b/model/jpa/src/main/resources/META-INF/jpa-changelog-3.2.0.xml
@@ -19,7 +19,7 @@
 <databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.1.xsd">
 
     <changeSet author="mposolda@redhat.com" id="3.2.0">
-        <dropPrimaryKey constraintName="CONSTRAINT_OFFLINE_CL_SES_PK2" tableName="OFFLINE_CLIENT_SESSION" />
+        <dropPrimaryKey constraintName="CONSTRAINT_OFFL_CL_SES_PK2" tableName="OFFLINE_CLIENT_SESSION" />
         <dropColumn tableName="OFFLINE_CLIENT_SESSION" columnName="CLIENT_SESSION_ID" />
         <addPrimaryKey columnNames="USER_SESSION_ID,CLIENT_ID, OFFLINE_FLAG" constraintName="CONSTRAINT_OFFL_CL_SES_PK3" tableName="OFFLINE_CLIENT_SESSION"/>
     </changeSet>
diff --git a/server-spi-private/src/main/java/org/keycloak/models/session/PersistentAuthenticatedClientSessionAdapter.java b/server-spi-private/src/main/java/org/keycloak/models/session/PersistentAuthenticatedClientSessionAdapter.java
index 20c3cb6a4d..1550d93854 100644
--- a/server-spi-private/src/main/java/org/keycloak/models/session/PersistentAuthenticatedClientSessionAdapter.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/session/PersistentAuthenticatedClientSessionAdapter.java
@@ -244,6 +244,15 @@ public class PersistentAuthenticatedClientSessionAdapter implements Authenticate
         @JsonProperty("action")
         private String action;
 
+        // TODO: Keeping those just for backwards compatibility. @JsonIgnoreProperties doesn't work on Wildfly - probably due to classloading issues
+        @JsonProperty("userSessionNotes")
+        private Map<String, String> userSessionNotes;
+        @JsonProperty("executionStatus")
+        private Map<String, Object> executionStatus;
+        @JsonProperty("requiredActions")
+        private Set<String> requiredActions;
+
+
         public String getAuthMethod() {
             return authMethod;
         }
@@ -292,5 +301,28 @@ public class PersistentAuthenticatedClientSessionAdapter implements Authenticate
             this.action = action;
         }
 
+        public Map<String, String> getUserSessionNotes() {
+            return userSessionNotes;
+        }
+
+        public void setUserSessionNotes(Map<String, String> userSessionNotes) {
+            this.userSessionNotes = userSessionNotes;
+        }
+
+        public Map<String, Object> getExecutionStatus() {
+            return executionStatus;
+        }
+
+        public void setExecutionStatus(Map<String, Object> executionStatus) {
+            this.executionStatus = executionStatus;
+        }
+
+        public Set<String> getRequiredActions() {
+            return requiredActions;
+        }
+
+        public void setRequiredActions(Set<String> requiredActions) {
+            this.requiredActions = requiredActions;
+        }
     }
 }
diff --git a/server-spi-private/src/main/java/org/keycloak/models/session/PersistentUserSessionAdapter.java b/server-spi-private/src/main/java/org/keycloak/models/session/PersistentUserSessionAdapter.java
index 170d381c49..23436e05e0 100644
--- a/server-spi-private/src/main/java/org/keycloak/models/session/PersistentUserSessionAdapter.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/session/PersistentUserSessionAdapter.java
@@ -50,7 +50,9 @@ public class PersistentUserSessionAdapter implements UserSessionModel {
         data.setNotes(other.getNotes());
         data.setRememberMe(other.isRememberMe());
         data.setStarted(other.getStarted());
-        data.setState(other.getState());
+        if (other.getState() != null) {
+            data.setState(other.getState().toString());
+        }
 
         this.model = new PersistentUserSessionModel();
         this.model.setUserSessionId(other.getId());
@@ -192,12 +194,24 @@ public class PersistentUserSessionAdapter implements UserSessionModel {
 
     @Override
     public State getState() {
-        return getData().getState();
+        String state = getData().getState();
+
+        if (state == null) {
+            return null;
+        }
+
+        // Migration to Keycloak 3.2
+        if (state.equals("LOGGING_IN")) {
+            return State.LOGGED_IN;
+        }
+
+        return State.valueOf(state);
     }
 
     @Override
     public void setState(State state) {
-        getData().setState(state);
+        String stateStr = state==null ? null : state.toString();
+        getData().setState(stateStr);
     }
 
     @Override
@@ -243,7 +257,7 @@ public class PersistentUserSessionAdapter implements UserSessionModel {
         private Map<String, String> notes;
 
         @JsonProperty("state")
-        private State state;
+        private String state;
 
         public String getBrokerSessionId() {
             return brokerSessionId;
@@ -301,11 +315,11 @@ public class PersistentUserSessionAdapter implements UserSessionModel {
             this.notes = notes;
         }
 
-        public State getState() {
+        public String getState() {
             return state;
         }
 
-        public void setState(State state) {
+        public void setState(String state) {
             this.state = state;
         }
     }
diff --git a/testsuite/integration/src/test/resources/log4j.properties b/testsuite/integration/src/test/resources/log4j.properties
index dcff0ec3a0..2c6e8849ca 100755
--- a/testsuite/integration/src/test/resources/log4j.properties
+++ b/testsuite/integration/src/test/resources/log4j.properties
@@ -21,7 +21,9 @@ log4j.appender.stdout=org.apache.log4j.ConsoleAppender
 log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
 log4j.appender.stdout.layout.ConversionPattern=%d{HH:mm:ss,SSS} %-5p %t [%c] %m%n
 
-log4j.logger.org.keycloak=info
+# For debug, run KeycloakServer with -Dkeycloak.logging.level=debug
+keycloak.logging.level=info
+log4j.logger.org.keycloak=${keycloak.logging.level}
 
 
 # Enable to view events