Douglas Palmer
b0ef746f39
Permanently lock users out after X temporary lockouts during a brute force attack
...
Closes #26172
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-02-22 09:34:51 +01:00
Takashi Norimatsu
9ea679ff35
Supporting OAuth 2.1 for confidential clients
...
closes #25314
Co-authored-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2024-02-22 08:34:21 +01:00
Alexander Schwartz
25f2b52afd
Remove the preview note from Keycloak's HA guide
...
Closes #27084
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-21 19:59:15 +01:00
Jon Koops
89af9e3ffd
Write announcement and documentation for Account Console v3 ( #26318 )
...
Closes #26122
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-02-21 13:42:33 -05:00
Alexander Schwartz
5f56a9b356
Keycloak users should not need to understand the depths of Quarkus configuration to implement Keycloak HA ( #27122 )
...
Closes #27121
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-21 13:49:14 +01:00
Alexander Schwartz
3b6886d970
Add warning about too long attribute values as it can exhaust caches ( #27126 )
...
Closes #27125
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-21 13:47:58 +01:00
Václav Muzikář
33425dacd9
Add proxy-headers
option to the Keycloak CR ( #27092 )
...
Closes #25179
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-21 12:19:37 +01:00
Václav Muzikář
de60c9b469
Tweak the default memory request and limit in the Operator ( #27170 )
...
Closes #27169
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-21 10:03:17 +01:00
Takashi Norimatsu
1bdbaa2ca5
Client policies: executor for validate and match a redirect URI
...
closes #25637
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2024-02-20 08:37:33 +01:00
Joshua Sorah
018914d7fd
Change Open ID Connect to OpenID Connect in UI and docs
...
Closes #27093
Signed-off-by: Joshua Sorah <jsorah@redhat.com>
2024-02-19 17:01:57 +01:00
Václav Muzikář
fb49c21f90
Fix docs around --config-file
option ( #27129 )
...
Closes #22540
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-19 15:13:09 +01:00
Takashi Norimatsu
849a920955
Rename Resident key to Discoverable Credential
...
closes #9508
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2024-02-19 14:12:15 +01:00
Alexander Schwartz
5f797e3e71
Update Keycloak HA Guide new resource limit settings ( #27079 )
...
Closes #27078
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-19 10:41:49 +01:00
Alexander Schwartz
7135b4ec4c
Add Amazon Aurora PostgreSQL to the list of tested databases ( #27049 )
...
Closes #27048
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-19 09:16:49 +01:00
Marek Posolda
d8ab12eab7
Release notes for Keycloak 24 with OIDC contributions ( #27047 )
...
closes #25729
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-16 08:34:20 +01:00
Vlasta Ramik
76453550a5
User attribute value length extension
...
Closes #9758
Signed-off-by: vramik <vramik@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-02-16 08:09:34 +01:00
Martin Bartoš
59007844d9
Supported option to specify resource management for pods in Keycloak CR ( #26661 )
...
Closes #26456
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-02-15 13:38:41 +01:00
rmartinc
4ff4c3f897
Increase internal algorithm security using HS512 and 128 byte hmac keys
...
Closes #13080
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-15 08:16:45 +01:00
Marek Posolda
16fca0118e
User profile - release notes and more migration instructions ( #27003 )
...
closes #26917
closes #26932
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-15 08:14:16 +01:00
Marek Posolda
e2fb8406a3
Fixing the docs about default hashing iterations ( #27020 )
...
closes #26816
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-15 08:11:44 +01:00
Joshua Sorah
b81233a4af
[docs] Align OAuth 2.0 Security Best Current Practice links ( #24706 )
...
Closes keycloak/keycloak#24705
Signed-off-by: Joshua Sorah <jsorah@gmail.com>
2024-02-13 13:53:56 +01:00
Michal Hajas
83f3e91e4f
Use http-pool-max-threads in HA guides
...
Closes #26849
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-13 10:01:59 +00:00
Pedro Igor
750bc2c09c
Reviewing references to user attribute management and UIs
...
Closes #26155
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-12 16:01:34 +01:00
mposolda
7af753e166
Documentation for AIA
...
closes #25569
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-12 09:42:34 +01:00
Thomas Darimont
93fc6a6c54
Shorter lifespan for offline session cache entries in memory
...
Closes #26810
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-02-09 19:44:04 +01:00
stianst
d2f74dd83d
Fix anchors in securing apps guide in prod profile
...
Closes #26853
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-09 12:31:30 +01:00
Pedro Igor
b91ad23b20
Update theme documentation about the considerations when deploying custom themes ( #26885 )
...
Related #23907
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-09 04:21:54 +01:00
Steven Hawkins
77581d2527
fix: change from operator. to kc.operator. keys ( #26414 )
...
closes #12352
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-08 15:03:20 +01:00
Michal Hajas
de598577b1
Fix confusing SAML NameId mapper format tooltip
...
Closes #26051
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2024-02-08 11:21:11 +01:00
Stian Thorgersen
cd1e483134
Remove section on adding custom attributes with account v1 and custom themes ( #26858 )
...
Closes #26856
Signed-off-by: stianst <stianst@gmail.com>
2024-02-08 07:28:32 +01:00
Alexander Schwartz
786023fd06
Update HA guide about non-blocking probes ( #26783 )
...
Closes #26781
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-07 16:16:50 +01:00
Michael Schnitzler
fdfe41bdda
fix documentation for resetting OTP in "reset credentials" flow ( #26834 )
...
The former version stated that the "Reset OTP" step had to be disabled in the "reset credentials" authentication flow in order to keep the OTP unchanged. This leads to an error. More precisely, the "Reset - Conditional OTP" sub-flow has to be disabled.
Fixex #26834
Signed-off-by: Michael Schnitzler <schnitzler.michael+github@gmail.com>
2024-02-07 11:57:58 -03:00
Tero Saarni
ac1780a54f
Added event for temporary lockout for brute force protector ( #26630 )
...
This change adds event for brute force protector when user account is
temporarily disabled.
It also lowers the priority of free-text log for failed login attempts.
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-07 14:13:33 +00:00
zak905
bcd423b270
rephrase sentence in changes-22_0_0.adoc for more clarity
...
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
2024-02-07 09:32:43 -03:00
zak905
c7db7bd528
Update custom rest endpoint documentation and example
...
Add a mention about beans.xml and @Provider in the extending server documentation
Add beans.xml in the rest provider example
Add a mention about @Provider in the upgrading guides
Closes #25882
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
Address suggested change for docs/documentation/server_development/topics/extensions.adoc
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Address suggested change for docs/documentation/server_development/topics/extensions.adoc
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
Address suggested change for docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
2024-02-07 09:32:43 -03:00
mposolda
ab7426b857
User profile migration documentation for default validations and strange attributes
...
closes #26634
closes #25979
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-06 16:48:03 -03:00
Alexander Schwartz
486b199548
Make label for Keycloak container images configurable
...
Closes #26819
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-06 16:16:00 +01:00
Stian Thorgersen
c4b1fd092a
Use code from RestEasy to create and set cookies ( #26558 )
...
Closes #26557
Signed-off-by: stianst <stianst@gmail.com>
2024-02-06 15:14:04 +01:00
Hynek Mlnarik
c866e8e6f9
Introduce index.ftl into base account theme
...
Fixes : #26487
Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-02-06 14:29:07 +01:00
Alexander Schwartz
43c200a8ce
Update migration guide
...
Closes #26490
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-05 14:41:44 +01:00
Kamesh Akella
4459ed66ad
update cpu sizing based on the hashing changes
...
Closes #26490
Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
2024-02-05 14:41:44 +01:00
Michal Hajas
80de12d59a
Update HA guides to use the new ISPN config options
...
Closes #26776
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-02-05 11:40:08 +01:00
Pascal Paulis
2785bbd29b
added comment about MySQL Server parameter sql_generate_invisible_primary_key
...
Closes #23268
Signed-off-by: Pascal Paulis <ppaulis@gmail.com>
2024-02-05 10:36:31 +01:00
Pedro Igor
4338f44955
Reviewing the user profile documentation
...
Closes #26154
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-02 17:14:51 +01:00
christian-2
e14b523a8d
Fixes typo in Server Administration guide ( #26543 )
...
Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>
2024-02-01 19:36:32 +01:00
mposolda
56a605fae7
Documentation for SuppressRefreshTokenRotationExecutor
...
closes #26587
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-01 17:18:50 +01:00
Martin Bartoš
14d97ca9ea
Update Maven dependency versions for docs
...
Update Maven Wrapper version
Closes #26689
Fixes #26686
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-02-01 13:42:25 +01:00
Pedro Igor
3a7ce54266
Allow formating numbers when rendering attributes
...
Closes keycloak#26320
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-01 08:14:58 -03:00
Martin Kanis
a3fcacdab7
Map Store Removal: deprecate model legacy module
...
Closes #26598
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-31 17:40:45 +01:00
Steven Hawkins
66e45a335e
doc: noting the formats apply to spi options as well ( #26648 )
...
closes : #26468
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-31 16:09:47 +00:00