diff --git a/docs/documentation/upgrading/topics/keycloak/changes-23_0_2.adoc b/docs/documentation/upgrading/topics/keycloak/changes-23_0_2.adoc index e7b1e79891..19cb057cbb 100644 --- a/docs/documentation/upgrading/topics/keycloak/changes-23_0_2.adoc +++ b/docs/documentation/upgrading/topics/keycloak/changes-23_0_2.adoc @@ -4,4 +4,10 @@ Version 1.8.0 introduced a lower-case for the hostname and scheme when comparing For realms relying on the old behavior, the valid redirect URIs for their clients should now hold separate entries for each URI that should be recognized by the server. -Although it introduces more steps and verbosity when configuring clients, the new behavior enables more secure deployments as pattern-based checks are frequently the cause of security issues. Not only due to how they are implemented but also how they are configured. \ No newline at end of file +Although it introduces more steps and verbosity when configuring clients, the new behavior enables more secure deployments as pattern-based checks are frequently the cause of security issues. Not only due to how they are implemented but also how they are configured. + += Operator -secrets-store Secret + +Older versions of the operator created a Secret to track watched Secrets. Newer versions of the operator no longer use the -secrets-store Secret, so it may be deleted. + +If you are on 23.0.0 or 23.0.1 and see "org.keycloak.operator.controllers.KeycloakAdminSecretDependentResource -> java.lang.IllegalStateException: More than 1 secondary resource related to primary" in the operator log then either delete the -secrets-store Secret, or upgrade to 23.0.2 where this is no longer an issue. \ No newline at end of file