mposolda
7af753e166
Documentation for AIA
...
closes #25569
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-12 09:42:34 +01:00
Thomas Darimont
93fc6a6c54
Shorter lifespan for offline session cache entries in memory
...
Closes #26810
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-02-09 19:44:04 +01:00
stianst
d2f74dd83d
Fix anchors in securing apps guide in prod profile
...
Closes #26853
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-09 12:31:30 +01:00
Pedro Igor
b91ad23b20
Update theme documentation about the considerations when deploying custom themes ( #26885 )
...
Related #23907
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-09 04:21:54 +01:00
Steven Hawkins
77581d2527
fix: change from operator. to kc.operator. keys ( #26414 )
...
closes #12352
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-08 15:03:20 +01:00
Michal Hajas
de598577b1
Fix confusing SAML NameId mapper format tooltip
...
Closes #26051
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2024-02-08 11:21:11 +01:00
Stian Thorgersen
cd1e483134
Remove section on adding custom attributes with account v1 and custom themes ( #26858 )
...
Closes #26856
Signed-off-by: stianst <stianst@gmail.com>
2024-02-08 07:28:32 +01:00
Michael Schnitzler
fdfe41bdda
fix documentation for resetting OTP in "reset credentials" flow ( #26834 )
...
The former version stated that the "Reset OTP" step had to be disabled in the "reset credentials" authentication flow in order to keep the OTP unchanged. This leads to an error. More precisely, the "Reset - Conditional OTP" sub-flow has to be disabled.
Fixex #26834
Signed-off-by: Michael Schnitzler <schnitzler.michael+github@gmail.com>
2024-02-07 11:57:58 -03:00
Tero Saarni
ac1780a54f
Added event for temporary lockout for brute force protector ( #26630 )
...
This change adds event for brute force protector when user account is
temporarily disabled.
It also lowers the priority of free-text log for failed login attempts.
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-07 14:13:33 +00:00
zak905
bcd423b270
rephrase sentence in changes-22_0_0.adoc for more clarity
...
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
2024-02-07 09:32:43 -03:00
zak905
c7db7bd528
Update custom rest endpoint documentation and example
...
Add a mention about beans.xml and @Provider in the extending server documentation
Add beans.xml in the rest provider example
Add a mention about @Provider in the upgrading guides
Closes #25882
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
Address suggested change for docs/documentation/server_development/topics/extensions.adoc
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Address suggested change for docs/documentation/server_development/topics/extensions.adoc
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
Address suggested change for docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
2024-02-07 09:32:43 -03:00
mposolda
ab7426b857
User profile migration documentation for default validations and strange attributes
...
closes #26634
closes #25979
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-06 16:48:03 -03:00
Stian Thorgersen
c4b1fd092a
Use code from RestEasy to create and set cookies ( #26558 )
...
Closes #26557
Signed-off-by: stianst <stianst@gmail.com>
2024-02-06 15:14:04 +01:00
Hynek Mlnarik
c866e8e6f9
Introduce index.ftl into base account theme
...
Fixes : #26487
Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-02-06 14:29:07 +01:00
Alexander Schwartz
43c200a8ce
Update migration guide
...
Closes #26490
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-05 14:41:44 +01:00
Pedro Igor
4338f44955
Reviewing the user profile documentation
...
Closes #26154
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-02 17:14:51 +01:00
christian-2
e14b523a8d
Fixes typo in Server Administration guide ( #26543 )
...
Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>
2024-02-01 19:36:32 +01:00
mposolda
56a605fae7
Documentation for SuppressRefreshTokenRotationExecutor
...
closes #26587
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-01 17:18:50 +01:00
Martin Bartoš
14d97ca9ea
Update Maven dependency versions for docs
...
Update Maven Wrapper version
Closes #26689
Fixes #26686
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-02-01 13:42:25 +01:00
Pedro Igor
3a7ce54266
Allow formating numbers when rendering attributes
...
Closes keycloak#26320
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-01 08:14:58 -03:00
Martin Kanis
a3fcacdab7
Map Store Removal: deprecate model legacy module
...
Closes #26598
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-31 17:40:45 +01:00
Steven Hawkins
f55e903092
Convert watching to polling and adding infinispan config file support ( #26510 )
...
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-31 12:57:34 +00:00
Stian Thorgersen
bc3c27909e
Cookie Provider ( #26499 )
...
Closes #26500
Signed-off-by: stianst <stianst@gmail.com>
2024-01-26 10:45:00 +01:00
Martin Kanis
7797f778d1
Map Store Removal: Rename legacy modules
...
Closes #24107
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-25 16:29:16 +01:00
Thomas Darimont
e7363905fa
Change password hashing defaults according to OWASP recommendations ( #16629 )
...
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2 ):
- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly
Fixes #16629
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-01-24 18:35:51 +01:00
Stian Thorgersen
fea49765f0
Remove Jetty 9.4 adapters ( #26261 )
...
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters
Closes #26255
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 11:17:29 +01:00
Martin Kanis
84603a9363
Map Store Removal: Rename Legacy* classes ( #26273 )
...
Closes #24105
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-23 13:50:31 +00:00
Jon Koops
5bf2d4b6ec
Enable PKCE by default for Keycloak JS ( #26412 )
...
Closes #26411
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-23 14:04:13 +01:00
rmartinc
2f0a0b6ad8
Remove deprecated mode for saml encryption
...
Closes #26291
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-18 16:52:10 +01:00
Lex Cao
a960d0d8fa
Add upgrading docs for changes to send-verify-email API
...
Closes #26146 .
Signed-off-by: Lex Cao <lexcao@foxmail.com>
2024-01-18 09:48:01 +01:00
Alexander Schwartz
b9498b91cb
Deprecating the offline session preloading ( #26160 )
...
Closes #25300
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-16 09:29:01 +01:00
Luca Orlandi
d70dd9db67
Update placeholders for hostname and port ( #24153 )
...
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-11 12:05:05 +01:00
Kévin Martins
16dddfa49c
Complete the documentation for the use case of a resource from an email template. ( #25705 )
...
Signed-off-by: Kevin MARTINS <k.martins@ubitransport.com>
2024-01-10 18:08:04 -03:00
AndyMunro
b875acbc20
Change RHDG to Infinispan
...
Closes #26083
Signed-off-by: AndyMunro <amunro@redhat.com>
2024-01-10 17:18:50 +01:00
rmartinc
179ca3fa3a
Sanitize logs in JBossLoggingEventListenerProvider
...
Closes #25078
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-10 16:50:27 +01:00
Alexander Schwartz
4be4212dca
Remove conditionals about Linux vs. Windows ( #26031 )
...
Closes #26028
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-10 16:03:38 +01:00
Alexander Schwartz
01939bcf34
Remove concurrent loading of remote sessions as at startup time only one node is up anyway. ( #25709 )
...
Closes #22082
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Martin Kanis <martin-kanis@users.noreply.github.com>
2024-01-09 16:55:22 +01:00
shigeyuki kabano
8b65e6727b
Creating documentation for Lightweight access token( #25743 )
...
Closes keycloak#23725
Signed-off-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>
2024-01-09 09:48:20 +01:00
Pedro Igor
7fad0e805e
Improve brute force documentation around how the effective wait time is calculated
...
Closes #25915
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-01-09 07:50:17 +00:00
Sebastian Schuster
92d6da437b
Fixed tiny doc typo ( #26012 )
...
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
2024-01-09 08:02:02 +01:00
Douglas Palmer
58d167fe59
Deleting a User or User Group might cause that all users suddenly get the permissions of the deleted user.
...
Closes #24651
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-01-08 19:32:01 -03:00
Alexander Schwartz
badf3f461d
Making metrics with labels for embedded Infinispan the default
...
Closes #25935
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-08 21:29:03 +01:00
Jon Koops
ddcaa6dcbf
Add release announcement and migration for new welcome theme ( #25895 )
...
Closes #25894
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-08 13:10:51 +00:00
Steven Hawkins
7bde7c30cc
fix: do not split on space for option errors ( #25876 )
...
closes #25783
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-05 13:01:17 +01:00
Pedro Igor
8ff9e71eae
Do not allow verifying email from a different account
...
Closes #14776
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-01-05 12:45:07 +01:00
Ben Cresitello-Dittmar
057d8a00ac
Implement Authentication Method Reference (AMR) claim from OIDC specification
...
This implements a method for configuring authenticator reference values for Keycloak authenticator executions and a protocol mapper for populating the AMR claim in the resulting OIDC tokens.
This implementation adds a default configuration item to each authenticator execution, allowing administrators to configure an authenticator reference value. Upon successful completion of an authenticator during an authentication flow, Keycloak tracks the execution ID in a user session note.
The protocol mapper pulls the list of completed authenticators from the user session notes and loads the associated configurations for each authenticator execution. It then captures the list of authenticator references from these configs and sets it in the AMR claim of the resulting tokens.
Closes #19190
Signed-off-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org>
2024-01-03 14:59:05 -03:00
Steven Hawkins
667ce4be9e
enhance: supporting versioned features ( #24811 )
...
also adding a common PropertyMapper validation method
closes #24668
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-01-03 17:56:31 +01:00
Pedro Igor
ceb085e7b8
Update the UPDATE_EMAIL feature to rely on the user profile configuration when rendering templates and validating the email
...
Closes #25704
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-20 15:15:06 -03:00
Takashi Norimatsu
751cadc514
Documentation about Australia Consumer Data Right security profile
...
closes #25236
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2023-12-19 21:06:03 +01:00
Konstantinos Georgilakis
ba8c22eaf0
Scope parameter in Oauth 2.0 token exchange
...
Closes #21578
Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
2023-12-18 15:44:26 -03:00
Pedro Igor
778847a3ce
Updating theme templates to render user attributes based on the user profile configuration
...
Closes #25149
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-18 15:35:52 -03:00
Steven Hawkins
bee7595275
fix: adding the kube ca cert to the truststores
...
closes #10794
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2023-12-18 15:56:43 +01:00
Steven Hawkins
e148021a67
fix: adding filtering to ignore anything runtime during a build ( #25434 )
...
fix: adding filtering to ignore anything runtime during a build
closes : #25166
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-12-18 12:50:47 +00:00
Marek Posolda
be935c2763
Incorrect version of the fix in release notes ( #25661 )
...
closes #25660
Signed-off-by: mposolda <mposolda@gmail.com>
2023-12-18 11:56:58 +01:00
Takashi Norimatsu
59536becec
Client policies : executor for enforcing DPoP
...
closes #25315
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2023-12-18 10:45:18 +01:00
AndyMunro
2853136bbb
Remove topic on user attributes in Account Console
...
Closes #22555
Signed-off-by: AndyMunro <amunro@redhat.com>
2023-12-15 12:07:35 +01:00
Erwin Rooijakkers
860978b15a
Change arg of getSubGroups to briefRepresentation
...
Parameter name briefRepresentation should mean briefRepresentation,
not full. This way callers will by default get the full
representation, unless true is passed as value for
briefRepresentation.
Fixes #25096
Signed-off-by: Erwin Rooijakkers <erwin@rooijakkers.software>
2023-12-14 17:23:27 +01:00
Steven Hawkins
08751001db
enhance: adds truststores to the keycloak cr ( #25215 )
...
also generally correcting the misspelling trustore
closes : #24798
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-12-14 11:15:06 -03:00
Václav Muzikář
e4c348e99e
Add new --proxy-headers
option ( #25178 )
...
* Add new `--proxy-headers` option
Closes #23431
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
* Address review comments vol. 03
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
* Address review comments vol. 04
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
---------
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-13 10:48:12 -03:00
Pedro Igor
fa79b686b6
Refactoring user profile interfaces and consolidating user representation for both admin and account context
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-13 08:27:55 +01:00
Steven Hawkins
4db4982e9d
enhance: adding a start optimized flag ( #25216 )
...
closes : #25015
Update docs/guides/operator/customizing-keycloak.adoc
Update docs/documentation/release_notes/topics/24_0_0.adoc
Update operator/src/main/java/org/keycloak/operator/crds/v2alpha1/deployment/KeycloakSpec.java
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2023-12-11 16:15:16 +00:00
Steven Hawkins
ba3451ff2e
doc: adding a note about removing the ( #25436 )
...
closes : #25307
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-12-08 17:47:33 +01:00
Alexander Schwartz
a08f112f79
Add links to guides and GitHub discussions ( #25271 )
...
This should increase the likelihood for feedback
Closes #25270
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-05 08:57:52 +01:00
Michal Hajas
cafc238ff2
Add documentation for lb-check
...
Closes #25077
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-30 12:47:06 +00:00
Steven Hawkins
8c3df19722
feature: add option for creating a global truststore ( #24473 )
...
closes #24148
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-11-30 08:57:17 +01:00
rmartinc
16afecd6b4
Allow automatic download of SAML certificates in the identity provider
...
Closes https://github.com/keycloak/keycloak/issues/24424
Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-29 18:03:31 +01:00
rmartinc
3bc028fe2d
Remove lowercase for the hostname as recommended/advised by OAuth spec
...
Closes https://github.com/keycloak/keycloak/issues/25001
Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-29 10:26:00 -03:00
Takashi Norimatsu
29aec9c5b5
Documentation Inconsistency about Open Banking(Finance) Brasil FAPI security profile
...
closes #25108
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2023-11-29 07:39:51 -03:00
Steven Hawkins
dacee3a36b
doc: adding a note that quoting all of the arguments no longer works ( #25083 )
...
closes #25018
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-11-28 14:31:47 +01:00
Jon Koops
48fc29a5c6
Use exports
field for Keycloak JS ( #24974 )
...
Closes #24923
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2023-11-24 10:50:02 +01:00
Stian Thorgersen
f41383a851
Release notes editorial for 23 ( #24972 )
...
Signed-off-by: stianst <stianst@gmail.com>
2023-11-23 13:34:45 +01:00
Alexander Schwartz
834ef79509
Adding a Keycloak High Availability section to Keycloak's docs
...
The content was moved over from the Keycloak Benchmark subproject.
Closes #24844
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Kamesh Akella <kakella@redhat.com>
Co-authored-by: Ryan Emerson <remerson@redhat.com>
Co-authored-by: Anna Manukyan <amanukya@redhat.com>
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: AndyMunro <amunro@redhat.com>
2023-11-23 12:27:47 +00:00
Martin Ledvinka
da260b386c
Fix incorrect preview feature reference (keycloak#24966).
...
Closes #24966 .
Signed-off-by: Martin Ledvinka <martin.ledvinka@fel.cvut.cz>
2023-11-23 12:48:00 +01:00
Jon Koops
e13d3264a2
Stop copying resources from Account v2 theme into 'common' ( #24929 )
...
Closes #24928
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2023-11-22 17:03:52 +01:00
mposolda
87c45437a5
Release notes for max auth age password policy
...
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-22 07:35:09 +01:00
Marek Posolda
765e4838e9
Remove OIDC and SAML adapters for Wildfly/EAP ZIP downloads. Update documentation. ( #24877 )
...
* Update EAP documentation for OIDC and SAML (#24734 )
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
(cherry picked from commit d7f2ad747d90dd0475a016fcfd528fea4ebed043)
Signed-off-by: Stian Thorgersen <stianst@gmail.com>
* Remove OIDC and SAML adapters for Wildfly/EAP ZIP downloads. Update documentation.
Closes #24713
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
---------
Signed-off-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-11-21 14:22:00 +00:00
Václav Muzikář
15a83985b1
Implement load shedding
...
Closes #23340
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2023-11-21 13:43:09 +01:00
Tomas Ondrusko
8ac6120274
Social Identity Providers documentation adjustments ( #24840 )
...
Closes #24601
Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>
2023-11-20 22:26:11 +01:00
Thomas Darimont
d30d692335
Introduce MaxAuthAge Password policy ( #12943 )
...
This policy allows to specify the maximum age of an authentication
with which a password may be changed without re-authentication.
Defaults to 300 seconds (default taken from Constants.KC_ACTION_MAX_AGE) to remain backwards compatible.
A value of 0 will always require reauthentication to update the password.
Add documentation for MaxAuthAgePasswordPolicy to server_admin
Fixes #12943
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2023-11-20 14:48:17 +01:00
Erik Jan de Wit
44a95c72f1
added namespace migration documentation ( #24497 )
...
fixes : #23061
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2023-11-20 14:11:38 +01:00
rmartinc
5fad76070a
Use LinkedIn instead of LinkedIn OpenID Connect for better UI experience
...
Closes https://github.com/keycloak/keycloak/issues/24659
Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-16 18:22:16 +01:00
Tomas Ondrusko
fe48afc1dc
Update Social Identity Providers documentation ( #24601 )
...
Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>
2023-11-16 17:58:53 +01:00
andymunro
d4cee15c3a
Correct Securing Apps Guide ( #24730 )
...
* Correcting Securing Apps guide
Closes #24729
Signed-off-by: AndyMunro <amunro@redhat.com>
* Update docs/documentation/securing_apps/topics/saml/java/general-config/sp_role_mappings_provider_element.adoc
Co-authored-by: Stian Thorgersen <stian@redhat.com>
---------
Signed-off-by: AndyMunro <amunro@redhat.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-11-14 11:04:55 +01:00
AndyMunro
20f5edc708
Addressing Server Admin review comments
...
Closes #24643
Signed-off-by: AndyMunro <amunro@redhat.com>
2023-11-13 15:48:02 +01:00
Alexander Schwartz
1b12fe132b
Update documentation for removal of the map store
...
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Closes #24092
2023-11-13 15:38:05 +01:00
vramik
71b6757c2f
Remove quarkus options related to map store
...
Signed-off-by: vramik <vramik@redhat.com>
Closes #24098
2023-11-13 12:34:52 +01:00
Alexander Schwartz
8acb6c1845
Fix broken link to node.js and internal anchor
...
Closes #24699
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-13 12:20:54 +01:00
andymunro
bf17fcc0be
Fix broken links ( #24476 )
2023-11-13 09:17:34 +01:00
Stian Thorgersen
565bc7d664
Add attributes.adoc for guides to share common attributes ( #24519 )
2023-11-08 15:09:04 +01:00
mposolda
4ec85707f4
Upgrading notes for user profile
...
closes #24491
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-06 02:19:26 -08:00
vramik
593c14cd26
Data too long for column 'DETAILS_JSON'
...
Closes #17258
2023-11-02 20:29:35 +01:00
AndyMunro
9ef9c944d0
Minor changes to documentation
...
Closes #24456
2023-11-01 22:14:11 +01:00
mposolda
70e820469a
Updating release notes for Keycloak 23 with some 'core features' improvements
...
closes #23971
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-01 17:39:02 +01:00
rokkiter
e1735138cb
clean util * ( #24174 )
...
Signed-off-by: rokkiter <yongen.pan@daocloud.io>
2023-11-01 17:14:11 +01:00
Ivan Atanasov
7b0683879d
Updated documentations to mention Resteasy reactive migration
...
Closes #23444
2023-10-31 20:59:12 +01:00
Justin Tay
3ff0476cc3
Allow customization of aud claim with JWT Authentication
...
Closes #21445
2023-10-31 11:33:47 -07:00
rmartinc
7deb4ca545
Group count and PartialExport permission fixes
...
Closes https://github.com/keycloak/keycloak/issues/12171
2023-10-31 01:40:21 -07:00
Jon Koops
5464205ab2
Cache Node.js installation and PNPM store
...
Closes #23695
2023-10-30 07:50:06 -04:00
Axel Bocciarelli
427f7230f3
Fix typo in available-endpoints.adoc ( #24378 )
2023-10-30 09:53:33 +00:00
rmartinc
ea398c21da
Add a property to the User Profile Email Validator for max length of the local part
...
Closes https://github.com/keycloak/keycloak/issues/24273
2023-10-27 15:09:42 +02:00
Hynek Mlnařík
3f55cd72d7
Docs: Fix account name
...
Closes : #24341
2023-10-27 09:32:27 +02:00
Alice
69497382d8
Group scalability upgrades ( #22700 )
...
closes #22372
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2023-10-26 16:50:45 +02:00
Thomas Darimont
d56baa80b3
Add support for passing acr_values in auth requests in keycloak.js ( #9383 ) ( #24259 )
...
Fixes #9383
2023-10-25 15:33:39 +02:00
Marek Posolda
1bd6aca629
Remove RegistrationProfile class and handle migration ( #24215 )
...
closes #24182
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-10-24 20:19:33 +02:00
Takashi Norimatsu
1c8cddf145
passkeys: documentation
...
closes #23660
2023-10-24 14:48:13 +02:00
Joshua Sorah
e889d0f12c
[docs] Update Docker Registry links to new locations. ( #24193 )
...
Closes keycloak/keycloak#24179
2023-10-23 08:27:36 +02:00
Alexander Schwartz
a3c29b8880
Tidy up documentation around Windows/Linux usage ( #23859 )
...
Closes #23856
2023-10-17 10:41:44 +02:00
Jon Koops
d32aac9dee
Remove unused GitHub workflow files from docs ( #24011 )
2023-10-16 13:15:43 +02:00
andymunro
6074cbf311
Limit Admin CLI windows support to upstream
...
Closes #23946
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-10-13 12:08:11 +02:00
Steven Hawkins
478ceb0b34
modification of kc.sh to remove param eval ( #22585 )
...
* test
* modification of kc.sh to remove eval of env/args
Closes #22337
---------
Co-authored-by: rmartinc <rmartinc@redhat.com>
2023-10-12 17:10:53 +02:00
Yoshikazu Nojima
058d00fea8
Rewrite mention to add-user-keycloak since it was already removed
2023-10-05 16:56:31 -03:00
andymunro
1332e53a97
Code certain features as upstream only ( #23603 )
...
Closes #23581
2023-10-03 14:50:23 -04:00
Martin Bartoš
c9d93019c2
Remove deprecated auto-build CLI option ( #23361 )
...
Closes #23360
2023-09-27 18:56:38 +02:00
Marek Posolda
69466777c0
Clarify transient sessions documentation ( #23328 )
...
Closes #23044
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-09-27 15:14:52 +02:00
Joshua Sorah
778abf8597
Add references to OAuth 2.0 Security Best Practices for Implicit and
...
ROPC flow, reformat Device Auth section.
Apply suggestions from code review
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Closes keycloak/keycloak#23480
2023-09-27 11:43:57 +02:00
Steven Hawkins
7d1e9a783f
adds a default domain on openshift if one is not specified ( #23324 )
...
Closes #21741
2023-09-21 14:43:29 +02:00
Alexander Schwartz
5070f41007
Ignoring link for stackapps registration ( #23347 )
...
It now requires authentication.
Closes #23345
2023-09-21 12:44:45 +02:00
Alexander Schwartz
227b841c4a
Show images in the documentation in the IDE's preview ( #23055 )
...
Closes #23054
2023-09-19 11:28:48 +02:00
Alexander Schwartz
41fd12d20a
Prevent exception in the log ( #22201 )
...
Also speed up the external link check by avoiding checking each bug submission link in the rendered docs which only differs by its parameter.
Closes #22200
2023-09-19 11:04:01 +02:00
MorgeMoensch
95ecf446ca
Link to AdminGuide from REST-API Doc instead of just referencing it by text ( #23286 )
2023-09-15 14:43:29 +02:00
Martin Bartoš
3a3df50f74
Improve documentation about manual database migration ( #23247 )
...
Closes #23246
2023-09-15 10:41:33 +02:00
ImFlog
f4ec14c3fe
doc(js-providers): Add OIDC object mapper documentation
2023-09-14 11:42:06 -03:00
Andreas Blaettlinger
86c0e338d9
Toggle visibility of password input fields in login-ftl-based pages
...
Closes #22067
2023-09-14 08:04:35 -03:00
Stian Thorgersen
1194c2507d
Add 22.0.3 to release notes ( #23238 )
...
Closes #23235
2023-09-14 11:06:06 +02:00
Pedro Igor
5958c7948d
Ignore attributes when they are not prefixed with user.attributes prefix ( #23184 )
...
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: stianst <stianst@gmail.com>
2023-09-14 10:35:47 +02:00
mposolda
b10da3d3b5
Move email validation change docs to migration guide of 22.0.4
...
closes #23177
2023-09-13 08:39:30 +02:00
Marek Posolda
56b94148a0
Remove bearer-only occurences in the documentation when possible. Mak… ( #23148 )
...
closes #23066
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-09-12 09:38:19 +02:00
mposolda
36dd9cb937
Move email validation change docs to migration guide of 22.0.3
...
closes #23124
2023-09-11 21:03:34 +02:00
Jon Koops
82bf84eb6b
Fix broken redirect in con-advanced-settings.adoc
...
Closes #23134
2023-09-11 11:46:54 +02:00
kaustubh-rh
62927433dc
Fix for Keycloak 22.0.1 unable to create user with long email address ( #23109 )
...
Closes #22825
2023-09-11 08:56:13 +02:00
rmartinc
7da52a43bd
Add old LinkedIn provider to the deprecated profile
...
Closes https://github.com/keycloak/keycloak/issues/23067
2023-09-08 10:05:17 +02:00
Christoph Schulz
51d19c505b
Add indent mentioned beforehand in Preface ( #23036 )
2023-09-07 08:14:23 +02:00
Martin Bartoš
6ca78b7554
Return Oracle JDBC driver to the upstream
...
Closes #22999
2023-09-06 19:11:29 +02:00
rmartinc
8887be7887
Add a new identity provider for LinkedIn based on OIDC
...
Closes https://github.com/keycloak/keycloak/issues/22383
2023-09-06 16:13:31 +02:00
Pedro Igor
13e5a02b9f
Role mappers must return a single value when they are not multivalued
...
Closes #20218
2023-08-31 19:16:12 +02:00
andymunro
228da84385
Blank Java section in Securing Apps
...
Closes #22800
2023-08-30 13:48:12 +02:00
mposolda
57e51e9dd4
Use an original domain name of Kerberos Principal in UserModel attribute instead of configured value of Kerberos realm in User federation
...
closes #20045
2023-08-30 13:24:48 +02:00
Marek Posolda
6f989fc132
Fallback to next LDAP/Kerberos provider when not able to find authenticated Kerberos principal ( #22531 )
...
closes #22352 #9422
2023-08-29 11:21:01 +00:00
Martin Bartoš
fcf65389ea
Remove Oracle Database JDBC driver from the Keycloak distribution ( #22577 )
...
* Remove Oracle Database JDBC driver from the Keycloak distribution
Closes #22452
* Remove profile for proprietary Oracle JDBC driver
---------
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-08-21 15:13:49 +00:00
Marek Posolda
4900165691
Update docs/documentation/server_admin/topics/clients/oidc/con-advanced-settings.adoc
...
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-08-08 09:47:28 +02:00
mposolda
710f28ce9e
DPoP release notes and documentation polishing
...
closes #21922
2023-08-08 09:47:28 +02:00
Takashi Norimatsu
e46de8afeb
DPoP documentation
...
closes #21917
2023-08-04 09:24:21 +02:00
Marek Posolda
d954dfec5e
Release notes and documentation for FAPI 2 ( #22228 )
...
Closes #21945
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-08-04 08:21:27 +02:00
Peter Zaoral
c5d9e222db
Update OCP4 Social IdP example setup in the latest docs
...
* improved openshift.adoc
Closes #22159
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-08-03 18:57:08 +02:00
rmartinc
05bac4ff0e
Remove option Nerver Expires for tokens in Advanced OIDC client configuration
...
Closes https://github.com/keycloak/keycloak/issues/21927
2023-08-03 12:16:08 +02:00
Alexander Schwartz
5c6df3d26e
Ignore new NodeJS redirect ( #22187 )
...
Closes #22186
2023-08-03 11:01:33 +02:00
Alexander Schwartz
748c53df7f
Use Java mechanisms to read language files and default to UTF-8 ( #21755 )
...
Closes #21753
2023-08-01 11:27:10 +02:00
aghArdeshir
e64269de70
Remove duplicated description of Scope in JavaScriptAdapter docs ( #22084 )
...
The first one had more information than the second one, so I removed the second one altogether
2023-07-31 08:23:41 +00:00
Alexander Schwartz
08dfdffbfb
Fixed updated links for freeipa ( #22040 )
...
Closes #22039
2023-07-28 07:31:03 +02:00
Vlasta Ramik
29b67fc8df
Inconsistent Wildcard handling for JPA ( #21671 )
...
* Inconsistent Wildcard handling for JPA
Closes #20610
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-07-27 17:03:22 +02:00