upstream/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-04-22 06:37:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 15
30289 commits 30 branches 304 tags 878 MiB
Commit graph

64 commits

Author SHA1 Message Date
Giuseppe Graziano
ebfc294c85
Executor for client uris pattern validation (#46300)
Some checks failed
Weblate Sync / Trigger Weblate to pull the latest changes (push) Has been cancelled
Details 
Closes #45645

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2026-02-24 16:26:00 +01:00
Pedro Igor
3e3a7befd1
Initial code for SCIM core and testsuite (#45978) 
Closes #45712

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2026-02-23 18:22:25 +01:00
Peter Skopek
248c635fda Rename Docker Registry to Distribution Registry 
Closes #45163

Signed-off-by: Peter Skopek <peter.skopek@ibm.com>
 2026-02-20 13:57:30 +01:00
Giuseppe Graziano
d6f07f27ec
User validation in JWT Authorization Grant (#46149) 
Closes #46144

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2026-02-10 13:09:05 +00:00
Giuseppe Graziano
6fd372cbe6
Doc for JWT auth grant with Google (#45895) 
Closes #45654


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2026-02-10 13:07:37 +01:00
Giuseppe Graziano
d95f456b4f Inaccuracy in the client registration guide 
Closes #45738

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2026-02-09 09:19:15 +01:00
rmartinc
69fabcf902 Documentation changes to deprecate Token Exchange V1 
Closes #45792

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2026-02-05 17:32:04 +01:00
rmartinc
c63f54ba3a Client policy executor to allow extra audiences for JWT authorization grant 
Closes #45180

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2026-02-03 13:39:31 +01:00
rmartinc
50366f03a6 Documentation for Authorization Chaining Across Domains 
Closes #45466

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2026-01-22 16:33:27 +01:00
Alexander Schwartz
5724ae1534
Updating specifications list to show DPoP as supported 
Closes #45584

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2026-01-20 09:35:26 +01:00
rmartinc
07b9b9656b Allow client_id as an audience in the JWT Authorization Grant and Client Assertions 
Closes #45178

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2026-01-16 15:48:28 +01:00
Giuseppe Graziano
23aad2a942
DPoP Guide (#45274) 
Closes #42747

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2026-01-13 11:01:28 +01:00
Takashi Norimatsu
ce67ec0d22
MCP Documentation for 26.5 (#44572) 
closes #44571

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-18 13:49:16 +01:00
Giuseppe Graziano
790fb557db
Limit access Token expiration for jwt authorization grant (#44775) 
Closes #43972


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-12-18 09:21:29 +01:00
Giuseppe Graziano
c0c4067bdd JWT Authorization Grant feature to preview 
Closes #44492

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-12-11 10:37:30 +01:00
rmartinc
c9686cc040 Documentation for JWT Authorization Grant 
Closes #44136

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-09 12:13:21 +01:00
Alexander Schwartz
15a9a36569
Align formatting of referenced RFCs 
Closes #44246

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2025-11-17 21:30:13 +01:00
Ricardo Martin
de49500393
Client policy to enforce only downscoping in Token Exchange (#44030) 
Closes #43931

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-12 08:48:42 +01:00
Stian Thorgersen
be6a3814fb
Add CORS support to OIDC dynamic client registration endpoints (#43625) 
Closes #8863

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-30 12:12:08 +01:00
Peter Zaoral
f65adbf628
win-fix: correct hostname normalization condition for loopback addresses (#43634) 
Closes: #42794

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
 2025-10-30 08:49:45 +01:00
Marek Posolda
5693899246
Picture of the token-exchange flow in the documentation 
closes #39881

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-29 10:38:37 +00:00
Martin Bartoš
37bea126c7
[PERF] Jackson reflection-free serialization/deserialization (#42946) 
* [PERF] Jackson reflection-free serialization/deserialization

Closes #42945

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/configuration-production.adoc

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Docs improvements

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/configuration-production.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Polish the features template macros

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2025-10-17 20:24:47 +02:00
Martin Bartoš
b807a45091
Divide logging guide to sub-guides for every log handler (#43132) 
* Divide logging guide to sub-guides for every log handler

Closes #43125

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Ability to set level offset to guides, remove emojis

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Add all relevant options to the logging guide

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/file.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/syslog.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/syslog.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/syslog.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/syslog.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/console.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/logging/console.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Improve link to other section

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-10-17 16:37:48 +02:00
Takashi Norimatsu
1649f8c847
Follow-up: FAPI 2.0 Message Signing final version support - updating the link to the final spec 
closes #42499

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-09-29 08:52:27 +02:00
Marek Posolda
d9d19791a4
Clarifying OIDC logout documentation. Removing obsolete unused docs p… (#42636) 
closes #41792


Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-09-16 17:37:42 +02:00
Takashi Norimatsu
91fa1fe6b1 FAPI 2.0 Message Signing Final - Documentation 
closes #41313

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-09-10 09:32:23 +02:00
Takashi Norimatsu
d740c0f3db FAPI 2.0 Security Profile Final - Add FAPI 2.0 Final security profile as default profile of client policies 
closes #41120

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-09-08 17:23:53 +02:00
Alexander Schwartz
78dce37197 Update documentation after changes to RFC8414 handling 
Closes #42323

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-09-05 10:28:32 -03:00
Alexander Schwartz
c2515bbb88
Fixing typo and formatting 
Closes #41620

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-08-11 08:26:10 +02:00
Ryan Emerson
907ee2e4e2
High-availability guide restructuring 
* Refactor high-availability guide to include both single and multi cluster architectures

Closes #30095
Closes #41585

Signed-off-by: Ryan Emerson <remerson@ibm.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-08-06 18:38:37 +00:00
Ricardo Martin
f45280a65d
Add a securing-apps guide with the specifications implemented by keycloak 
Closes #41176

Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-08-01 09:28:37 +00:00
Takashi Norimatsu
cb4e06b6f8 FAPI 2.0 Security Profile Final - Documentation 
closes #41121

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2025-08-01 09:24:30 +02:00
Thomas Darimont
0ae49b96c3
Fix link to client-registration in docs 
Fixes #40444

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2025-06-13 20:59:46 +02:00
Thomas Darimont
a89be114e9
Add link to OIDC discovery specification to the docs. 
Fixes #40440

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2025-06-12 11:35:44 +02:00
Niko Köbler
2e7a88f052
update links to OAuth 2.1 draft spec and change link from BCP to RFC9700 
closes #40419

Signed-off-by: Niko Köbler <niko@n-k.de>
 2025-06-11 18:48:43 +02:00
mposolda
fe2790a09d Fix documentation link to quickstarts to point to 'main' branch instead of 'latest' branch 
closes #39798

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-05-19 10:32:06 +02:00
andymunro
0b3de6ee6c
Fix link to FGAP v1 
Closes #39541

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-05-08 09:00:40 +02:00
andymunro
75557bc312
Adjust introductory sentences 
Closes #39008

Signed-off-by: AndyMunro <amunro@redhat.com>
 2025-04-25 09:18:04 +02:00
Nicola Baiocco
34630a4176
fix(docs): correct typo in token exchange guide 
Fixed a typo in the example token exchange request section by replacing "folowing" with "following." This improves the clarity and professionalism of the documentation.

Closes #38976

Signed-off-by: Nicola Baiocco <nicola.baiocco@intesys.it>
 2025-04-15 22:34:02 +02:00
Marek Posolda
f984644d07
Clarify in documentation that legacy token exchange requires FGAP:v1 (#38694) 
closes #38693

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-04-07 08:27:56 +02:00
juantoser
e180a00229 Comma removed 
The comma after “OpenID Connect” is not necessary. The phrase “OAuth2, OpenID Connect, and SAML compliant server” is listing three related terms, and the conjunction “and” already makes the separation clear.

Signed-off-by: juantoser <136793699+juantoser@users.noreply.github.com>
 2025-03-25 15:57:47 +01:00
Marek Posolda
290905c9cf
Documentation for supported token-exchange (#38008) 
closes #37126

Signed-off-by: Marek Posolda <mposolda@gmail.com>


Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-03-14 09:55:44 +01:00
Giuseppe Graziano
356449bc49
Remove keycloak.js adapter doc (#37527) 
Closes #36659

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-02-20 17:11:23 +01:00
Giuseppe Graziano
7896af5827
Remove Node.js adapter documentation (#36573) 
closes #36440

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-01-28 12:23:17 +01:00
Jan Verhaeghe
56246096e0
Align on one realm-name placeholder 
Closes #36047

Signed-off-by: Jan Verhaeghe <jan@hwfaq.be>
 2024-12-19 13:48:18 +00:00
Alexander Schwartz
25e4995eb7 Fixing explicit Anchor for downstream 
Closes #34634

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-04 18:27:46 +01:00
Alexander Schwartz
373656593d Fixing cross-references between guides 
Closes #34624

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-04 16:11:08 +01:00
mposolda
d80cb010ff Make documentation more clear that keycloak javascript adapter and node.js adapter are OIDC 
closes #34570

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-11-04 08:44:46 +01:00
Alexander Schwartz
6efeb0ad37 Fixing link to external docs 
Closes #33991

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-17 18:23:40 -03:00
mposolda
5218af1e79 Minor tweaks in SAML documentation 
closes #33426

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-10-01 12:48:45 +02:00