keycloak-scim/docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc
Stian Thorgersen feb20de2ef
Update release notes for 21.1 (#19718)
* Update release notes for 21.1

* Update docs/documentation/release_notes/topics/21_1_0.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

* Update docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/release_notes/topics/21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

---------

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-04-14 16:04:44 +02:00

34 lines
1.9 KiB
Text

= Javascript engine available by default on the classpath
In the previous version, when Keycloak was used on Java 17 with Javascript providers (Script authenticator, Javascript authorization policy or Script protocol mappers for OIDC and SAML clients),
it was needed to copy javascript engine to the distribution. This is no longer needed as Nashorn javascript engine is available in Keycloak server by default. When you deploy script providers,
it is recommended to not copy the nashorn script engine and it's dependencies into the Keycloak distribution.
= Change of the default Client ID mapper of Service Account Client
Default `Client ID` mapper of `Service Account Client` has been changed. `Token Claim Name` field value has been changed from `clientId` to `client_id`.
`client_id` claim is compliant with OAuth2 specifications:
- https://datatracker.ietf.org/doc/html/rfc9068#section-2.2[JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens]
- https://www.rfc-editor.org/rfc/rfc7662#section-2.2[OAuth 2.0 Token Introspection]
- https://datatracker.ietf.org/doc/html/rfc8693#section-4.3[OAuth 2.0 Token Exchange]
`clientId` userSession note still exists.
= Keycloak JS adapter must be instanciated with the `new` operator
Historically it has been possible to create an instance of the Keycloak JS adapter by calling the `Keycloak()` function directly:
[source,javascript]
----
const keycloak = Keycloak();
----
To align this with modern conventions in the JavaScript world it has been possible to use the https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/new[`new` operator] to create an instance instead:
[source,javascript]
----
const keycloak = new Keycloak();
----
The function-style constructor has been deprecated for a while, but starting this version we will actively log a deprecation message when it used. This style of constructor will be removed in a future version so make sure to migrate your code to use the `new` operator.