Release notes and upgrade notes to KEYCLOAK-11971

release_notes/topics/8_0_0.adoc

@@ -57,6 +57,10 @@ are supported now. Thanks to https://github.com/madgaet[madgaet] and https://git
 
 Thanks to https://github.com/jonkoops[jonkoops] now it's possible to enable or disable logging for the JS adapter.
 
+== Credentials support removed from the JavaScript adapter
+
+The option to provide client credentials in the JavaScript adapter was removed. Thanks to https://github.com/jonkoops[jonkoops] 
+
 == Updates for Gatekeeper 
 
 * Secure token and logout endpoint were included in Gatekeeper. Thanks to https://github.com/fredbi[fredbi]
@@ -67,4 +71,4 @@ ifeval::[{project_community}==true]
 == Deploying Scripts to the Server
 
 Please take a look at link:{releasenotes_link}#keycloak-7-0-1-final[7.0.1 {releasenotes_name}] for more details on how you can now deploy and run scripts to customize specific behavior.
-endif::[]
+endif::[]

upgrading/topics/keycloak/changes.adoc

@@ -26,6 +26,10 @@ through the RESTful Admin API.
 For now on, this capability is *disabled* by default and users should prefer to deploy scripts directly to the server. For more details,
 please take a look at link:{developerguide_jsproviders_link}[{developerguide_jsproviders_name}].
 
+==== Client Credentials in the JavaScript adapter
+
+In the previous releases, developers were allowed to provide client credentials to the JavaScript adapter. For now on, this capability was *removed*, because client-side apps are not safe to keep secrets.
+
 === Migrating to 7.0.0
 
 ==== Upgrade to Wildfly 17