libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions
26435 commits 4 branches 5 tags 483 MiB
Commit graph

178 commits

Author SHA1 Message Date
Simon Levermann
dcf1d83199
Enable enforcement of a minimum ACR at the client level (#16884) (#33205) 
closes #16884 

Signed-off-by: Simon Levermann <github@simon.slevermann.de>
 2024-10-21 13:54:02 +02:00
mposolda
dbcb3151a9 Align admin console for client for backchannel and frontchannel logout 
closes #10138

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Erik Jan de Wit <edewit@redhat.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2024-10-21 11:32:03 +02:00
Jake
946798aa01
Small grammatical error in documentation 
Closes #34009

Signed-off-by: Jake <156826184+jlanning-gl@users.noreply.github.com>
 2024-10-16 18:49:49 +02:00
Stefan Guilhen
a832381a37 Add section to clarify the impact of having imported LDAP users when performing searches 
Closes #16451

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-10-11 11:01:14 -03:00
vramik
b7eaa9b0cb Wildcard search not working for custom user attributes 
Closes #32451

Signed-off-by: vramik <vramik@redhat.com>
 2024-10-03 08:48:36 -03:00
Maksim Zvankovich
35eba8be8c Add option to include the organization id in the organization claims 
Closes #32746

Signed-off-by: Maksim Zvankovich <m.zvankovich@nexovagroup.eu>
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-10-03 08:11:36 -03:00
vramik
c1653448f3 [Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link 
Closes #33201

Signed-off-by: vramik <vramik@redhat.com>
 2024-10-02 07:37:48 -03:00
Jon Koops
21704a70c1
Update documentation and release notes for Keycloak JS (#33409) 
Closes #32843

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-10-01 10:29:23 +02:00
vramik
412f1f85a9 Update Organization documentation 
Closes #33410

Signed-off-by: vramik <vramik@redhat.com>
 2024-10-01 09:29:49 +02:00
Stefan Guilhen
b717810061
Update organizations documentation in the server admin guide 
Closes #33199

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-09-27 16:27:54 +02:00
Stefan Guilhen
d87f67b4e6
Fix duplicated screenshots in the Fine grain admin permissions section of the Server Admin Guide 
Closes #31083

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-09-27 09:04:01 +02:00
Jon Koops
021a2af2fd
Compute SHA-256 digest for PKCE using the Web Crypto API (#33251) 
Closes #33250

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-09-25 16:19:16 +02:00
Jon Koops
188893222f Remove references of statically served Keycloak JS from documentation 
Closes #32821

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-09-12 09:38:00 +02:00
Alexander Schwartz
b88ecc0237
Removing the extra two-minute Window for persistent user sessions (#32660) 
Closes #28418

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2024-09-09 09:28:48 +02:00
Theresa Henze
a1c23fef8c introduce event types to update/remove credentials 
Closes #10114

Signed-off-by: Theresa Henze <theresa.henze@bare.id>
 2024-09-03 18:27:27 +02:00
Thomas Darimont
88a5c96fff
Add kc_action to redirect URI after a required action is cancelled (#31925) 
Closes #31894

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-09-03 14:26:23 +00:00
Michal Hajas
af53af1506
Document persistent sessions are enabled by default 
Closes #32387

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-30 09:20:58 +00:00
Yuvi Panda
5210b7e546 Use Google as example, not Google+ 
Google+ no longer exists

Signed-off-by: Yuvi Panda <yuvipanda@gmail.com>
 2024-08-26 10:18:52 +02:00
Pedro Igor
c1f6d5ca64 Support for selecting an organization when requesting the organization scope 
Closes #31438

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-08-21 13:04:58 +02:00
Yoshiyuki Tabata
cb6eb187ac Client Policy - Condition : Client - Client Attribute 
Closes https://github.com/keycloak/keycloak/issues/31766

Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>
 2024-08-14 09:56:56 +02:00
Alexander Schwartz
d4991ce56f Fix server guide cross-references for downstream docs 
Closes #31947

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-13 14:51:01 -03:00
Tero Saarni
62fd969fe1
Allow requests from local IPv6 addresses 
If administrator selects EXTERNAL for Require SSL setting, allow clear-text
HTTP requests when client is coming from IPv6 link-local or unique local
address (ULA).

Previously only private IPv4 addresses were allowed and private IPv6 addresses
were rejected.

Closes #30678

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
 2024-08-05 16:38:55 +02:00
rmartinc
942d5d0aa3 Convert chapter planning for securing applications and services to guides 
Final removal of the securing_apps documentation
Final checks for links, order and other minor things
Closes #31328

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-08-01 16:45:56 +02:00
rmartinc
b07b120f2a Convert chapter client registration CLI from securing apps into guides 
Closes #31333

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-30 18:30:46 +02:00
Marek Posolda
5b52117351
Documentation for Delete Credential action and related changes (#31719) 
closes #31718


Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-07-30 10:05:14 +02:00
Giuseppe Graziano
c3019fb2d3
Move oidc documentation to guides (#31627) 
Closes #31329

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-07-30 09:46:14 +02:00
Pedro Igor
f4b1a5ca88 Updating docs 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-24 15:12:16 -03:00
Maciej Mierzwa
97e89e2071 feature: password age in days policy 
Closes #30210

Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>
 2024-07-24 15:12:16 -03:00
rmartinc
9f2eddead8 Re-add notes about not supporting DPoP and holder-of-key in the remaining adapters 
Closes #30874

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-24 11:55:47 +02:00
rmartinc
764ef4831a Release notes and some notes for JavaKeystoreProvider changes 
Closes #31226

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-17 10:44:45 +02:00
Thomas Darimont
e79d10e71e
Add missing user event translations to admin-ui 
Fixes #27677

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-07-12 10:04:57 +02:00
Steven Hawkins
4970a9b729
fix: deprecate KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD 
closes: #30658

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-07-11 18:07:57 +02:00
rmartinc
e80c3fee9b Change link to https://github.com/eclipse/microprofile/wiki/JWT_Auth 
Closes #31219

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-11 18:03:57 +02:00
rmartinc
096e335a92 Support for vault and AES and HMAC algorithms to JavaKeystoreKeyProvider 
Closes #30880
Closes #29755

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-11 12:40:45 +02:00
Lucy Linder
0f7c2364f0 Update links in ReCAPTCHA doc 
Google links changed and are now causing redirect issues reports.

Closes: #31187

Signed-off-by: Lucy Linder <lucy.derlin@gmail.com>
 2024-07-11 00:27:09 +02:00
Martin Kanis
922eaa9fc8
Disable username prohibited chars validator when email as username is… (#31140) 
* Disable username prohibited chars validator when email as the username is set

Closes #25339

Signed-off-by: Martin Kanis <mkanis@redhat.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-10 09:46:24 -03:00
Pedro Igor
b745ac8259 Documenting LDAP connection pooling 
Closes #30995

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-04 13:21:47 +02:00
Christoph Schulz
657aff787f
Add missing comma to (#30914) 
Signed-off-by: Christoph Schulz <mail@ciis0.de>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2024-06-28 13:13:13 +00:00
Stan Silvert
a1445cd93f
Minor doc fix. (#30899) 
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2024-06-27 16:18:32 -04:00
Douglas Palmer
54f4ab50f0 Broken external links 
Closes #30717

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-06-25 09:55:50 +02:00
Pedro Igor
a0ad680346 Adding an alias to organization and exposing them to templates 
Closes #30312
Closes #30313

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-20 14:36:14 -03:00
CARBONNEAUX Mathieu
acf79b81c7
add RS256 algorithm to webauthn default policy (#30528) 
closes #28020 

Signed-off-by: Mathieu CARBONNEAUX <mathieu.carbonneaux@ch2o.info>
 2024-06-19 10:16:46 +02:00
Thibault Morin
f6fa869b12
feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619) 
* feat: add Artifact Binding on brokering scenarios when Keycloak is SP

Signed-off-by: tmorin <git@morin.io>

* Adding broker test and minor improvements

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing IdentityProviderTest

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Renaming methods related to idp initiated flows

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing partial_import_test.spec.ts

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

---------

Signed-off-by: tmorin <git@morin.io>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-14 08:54:49 -03:00
daviddelannoy
d4fc5249c4
fix label error for persistent-user-sessions feature flag in documentation 
Closes #30368

Signed-off-by: daviddelannoy <16318239+daviddelannoy@users.noreply.github.com>
 2024-06-12 09:32:10 +00:00
Pedro Igor
22da43c619
Fixing broken link (#30299) 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-10 15:22:48 +02:00
Pedro Igor
c35bf11b1b
Adding organization section (#29796) 
Closes #28731

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-06-10 09:08:50 +02:00
Steven Hawkins
c7e9ee2bff
fix: adds handling for all kcadm prompts as env variables (#29430) 
closes: #21961

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-06-06 13:08:23 +00:00
Marek Posolda
79c8c80058
Example for X.509 direct grant flow authentication (#30203) 
closes #29639

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-06-06 11:58:09 +02:00
Marek Posolda
193439788e
Release notes for support application/jwt response in token introspec… (#30105) 
closes #30104

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-06-04 06:49:13 +02:00
Martin Bartoš
262fc09edc
OpenJDK 21 support (#28518) 
* OpenJDK 21 support

Closes #28517

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* x509 SAN UPN other name is not handled in JDK 21 (#904)

closes #29968

Signed-off-by: mposolda <mposolda@gmail.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2024-06-03 14:17:28 +02:00