diff --git a/docs/documentation/server_development/topics/providers.adoc b/docs/documentation/server_development/topics/providers.adoc index 0fcf83bba3..948c1cdc20 100644 --- a/docs/documentation/server_development/topics/providers.adoc +++ b/docs/documentation/server_development/topics/providers.adoc 
@@ -345,53 +345,6 @@ The name of the script file. This property is *mandatory* and should map to a fi Once you have a JAR file with a descriptor and the scripts you want to deploy, you just need to copy the JAR to the {project_name} `providers/` directory, then run `bin/kc.[sh|bat] build`. -===== Deploy the script engine on Java 15 and later - -To run the scripts, JavaScript providers require that a JavaScript engine is available in your Java application. Java 14 and lower versions include the Nashorn JavaScript Engine. It is -automatically available as part of the Java itself and JavaScript providers are able to use this script engine by default. However, for Java 15 or higher versions, the script engine is not part -of the Java itself. It needs to be added to your server because {project_name} does not have any script engine by default. Java 15 and higher versions require an extra step when deploying script -providers - adding the script engine of your choice to your distribution. - -You can use any script engine. However, we only test with the Nashorn JavaScript Engine. The following steps assume that this engine is used: - -Install the script engine by copying the nashorn script engine JAR and its dependencies directly to the `KEYCLOAK_HOME/providers` directory. In the `pom.xml` file -of your script project, you can declare the dependency such as this in the `dependencies` section: - -```xml - - org.openjdk.nashorn - nashorn-core - 15.3 - -``` - -and declare `maven-dependency-plugin` in the `plugins` section to copy the dependencies to the specified directory: - -```xml - - org.apache.maven.plugins - maven-dependency-plugin - - - copy-dependencies-quarkus - package - - copy-dependencies - - - ${project.build.directory}/keycloak-server-copy/providers - nashorn-core,asm,asm-util,asm-commons - - - - -``` -Once the project is built, copy the script engine and its dependencies to the `KEYCLOAK_HOME/providers` directory. 
-```bash -cp target/keycloak-server-copy/providers/*.jar KEYCLOAK_HOME/providers/ -``` -After re-augment the distribution with `kc.sh build`, the script engine should be deployed and your script providers should work. - === Available SPIs If you want to see list of all available SPIs at runtime, you can check `Server Info` page in Admin Console as described in <<_providers_admin_console,Admin Console>> section. diff --git a/docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc b/docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc new file mode 100644 index 0000000000..52b9fc1cc6 --- /dev/null +++ b/docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc @@ -0,0 +1,16 @@ += Javascript engine available by default on the classpath + +In the previous version, when Keycloak was used on Java 17 with Javascript providers (Script authenticator, Javascript authorization policy or Script protocol mappers for OIDC and SAML clients), +it was needed to copy javascript engine to the distribution. This is no longer needed as Nashorn javascript engine is available in Keycloak server by default. When you deploy script providers, +it is recommended to not copy the nashorn script engine and it's dependencies into the Keycloak distribution. + += Change of the default Client ID mapper of Service Account Client + +Default `Client ID` mapper of `Service Account Client` has been changed. `Token Claim Name` field value has been changed from `clientId` to `client_id`. +`client_id` claim is compliant with OAuth2 specifications: + +- https://datatracker.ietf.org/doc/html/rfc9068#section-2.2[JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens] +- https://www.rfc-editor.org/rfc/rfc7662#section-2.2[OAuth 2.0 Token Introspection] +- https://datatracker.ietf.org/doc/html/rfc8693#section-4.3[OAuth 2.0 Token Exchange] + +`clientId` userSession note still exists. \ No newline at end of file 
diff --git a/docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc b/docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc index a866bafcf7..9b55613fe4 100644 --- a/docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc +++ b/docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc @@ -1,14 +1,3 @@ -= Change of the default Client ID mapper of Service Account Client - -Default `Client ID` mapper of `Service Account Client` has been changed. `Token Claim Name` field value has been changed from `clientId` to `client_id`. -`client_id` claim is compliant with OAuth2 specifications: - -- https://datatracker.ietf.org/doc/html/rfc9068#section-2.2[JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens] -- https://www.rfc-editor.org/rfc/rfc7662#section-2.2[OAuth 2.0 Token Introspection] -- https://datatracker.ietf.org/doc/html/rfc8693#section-4.3[OAuth 2.0 Token Exchange] - -`clientId` userSession note still exists. - = Legacy Promise API removed from Keycloak JS adapter The legacy Promise API methods have been removed from the Keycloak JS adapter. This means that calling `.success()` and `.error()` on promises returned from the adapter is no longer possible. Instead standardized Promise methods such as https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise/then[`.then()`] and https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise/catch[`.catch()`] should be used. diff --git a/docs/documentation/upgrading/topics/keycloak/changes.adoc b/docs/documentation/upgrading/topics/keycloak/changes.adoc index c4133a343c..229c7bf903 100644 --- a/docs/documentation/upgrading/topics/keycloak/changes.adoc +++ b/docs/documentation/upgrading/topics/keycloak/changes.adoc @@ -4,6 +4,10 @@ include::changes-22_0_0.adoc[leveloffset=3] +=== Migrating to 21.1.0 + +include::changes-21_1_0.adoc[leveloffset=3] + === Migrating to 21.0.2 include::changes-21_0_2.adoc[leveloffset=3] 
diff --git a/pom.xml b/pom.xml index a90cf3053d..9064b018f8 100644 --- a/pom.xml +++ b/pom.xml @@ -111,7 +111,7 @@ 6.0.3 2.2.3 1.6.0.Final - 15.3 + 15.4 1.5.4 5.0.3.Final 30.1-jre diff --git a/quarkus/runtime/pom.xml b/quarkus/runtime/pom.xml index 1ce06af4a3..8e60313aba 100644 --- a/quarkus/runtime/pom.xml +++ b/quarkus/runtime/pom.xml @@ -641,6 +641,11 @@ org.jboss.spec.javax.xml.bind jboss-jaxb-api_2.3_spec + + org.openjdk.nashorn + nashorn-core + ${nashorn.version} + com.sun.xml.messaging.saaj saaj-impl diff --git a/testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml b/testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml index b7df0fcc3e..519a5ffabf 100644 --- a/testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml +++ b/testsuite/integration-arquillian/servers/auth-server/quarkus/pom.xml @@ -264,43 +264,6 @@ - - - jdk15 - - [15,) - - - - - org.openjdk.nashorn - nashorn-core - - - - - - - org.apache.maven.plugins - maven-dependency-plugin - - - copy-dependencies-quarkus - generate-resources - - copy-dependencies - - - ${auth.server.home}/providers - nashorn-core,asm,asm-util,asm-commons - - - - - - - - auth-server-fips140-2 diff --git a/testsuite/utils/pom.xml b/testsuite/utils/pom.xml index f1d2a341b7..072c6f1e42 100755 --- a/testsuite/utils/pom.xml +++ b/testsuite/utils/pom.xml @@ -276,21 +276,6 @@ - - - jdk15 - - [15,) - - - - - org.openjdk.nashorn - nashorn-core - - - - keycloak-server
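
Review bot: in docs/documentation/server_development/topics/providers.adoc (hunk -345,53 +345,6), the whole "Deploy the script engine on Java 15 and later" section is deleted and nothing is left to say where the engine now comes from. Readers who remember the old procedure get no signal to stop following it. Suggest one replacement sentence after the `bin/kc.[sh|bat] build` paragraph stating that the Nashorn engine is bundled with the server, with a pointer to the 21.1.0 migration note. The removed text also recorded "we only test with the Nashorn JavaScript Engine"; if that still holds, keep that statement.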
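
Review bot: in the new docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc, the first section only says it is "recommended to not copy" the engine and does not address installations that already followed the old instructions and have nashorn-core, asm, asm-util and asm-commons in `KEYCLOAK_HOME/providers`. State explicitly whether those JARs must be removed before running `kc.sh build`, and what the result is if they are left next to the bundled copy. Wording points in the same hunk: "it's dependencies" should be "its dependencies", the note says "Java 17" where the removed documentation said Java 15 and later, "Javascript" and "javascript" should be "JavaScript" as in providers.adoc, and the file has no trailing newline.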
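
Review bot: in docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc (hunk -1,14 +1,3), the "Change of the default Client ID mapper of Service Account Client" section is moved into the 21.1.0 notes, which has nothing to do with bundling the script engine. Put the relocation in its own commit, or say in this one that the mapper change ships in 21.1.0, so the move is not mistaken for a side effect of this patch.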
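
Review bot: in the root pom.xml (hunk -111,7 +111,7), the Nashorn version goes from 15.3 to 15.4 in the same change that starts bundling the engine, and none of the documentation hunks mention the bump. Either split the version bump into a separate commit or name the bundled version in changes-21_1_0.adoc, so a script regression can be attributed to the upgrade or to the packaging change.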
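
Review bot: in quarkus/runtime/pom.xml (hunk -641,6 +641,11), nashorn-core is declared with an explicit `${nashorn.version}`, while the declarations removed from the two testsuite poms named org.openjdk.nashorn nashorn-core without a version, which suggests the version is already managed by the parent; if so, drop the explicit version here to keep one source of truth. Only nashorn-core is declared, whereas the removed copy step listed `nashorn-core,asm,asm-util,asm-commons`, so please confirm the asm artifacts still reach the distribution transitively. This dependency also puts a script engine on the classpath of every server, including those with no script providers deployed; the migration note should say that this is intended.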