Releases: stianst/keycloak
Releases · stianst/keycloak
Test
Upgrading
Before upgrading refer to the migration guide for a complete list of changes.
All resolved issues
New features
- #23155 [WebAuthn] origin validation not support for non-Web platforms
core
Enhancements
- #505 Quickstarts - Wildfly upgrade and README cleanup
quickstarts
- #9318 User profile configuration API is incorrectly typed
docs
- #10128 Improve failed test behaviour
operator
- #10620 Internationalized Domain Names in email address
user-profile
- #10713 Update the server to use RESTEasy Reactive
- #11668 Declarative User Profile: weird behaviour in Account Management Console
user-profile
- #12406 Remove "You are already logged-in" during authentication
authentication
- #14009 CreatedTimestamp on REST import not used
- #14165 Cannot refresh RPT tokens
authorization-services
- #14400 Add proxy options to Keycloak CR
operator
- #15018 Enhancements around proxy and hostname configuration
- #15072 Allow setting a help text to an attribute
user-profile
- #15109 Refactor patch-sources.sh used by the Operator
operator
- #17258 Data too long for column 'DETAILS_JSON'
storage
- #20343 message bundles are not included in the realm export
import-export
- #20584 FAPI 2.0 security profile - supporting RFC 9207 OAuth 2.0 Authorization Server Issuer Identification
- #20695 Add support for single-tenant in Microsoft Identity Provider
- #20794 Can we simplify TokenManager.getRefreshExpiration() and TokenManager.getOfflineExpiration()?
oidc
- #20884 [Admin Console v2] Policy creation at Permissions screen missing
admin/ui
- #21073 Identity providers: pagination in admin REST API
- #21154 Allow existing mappers for Custom Identity Providers
identity-brokering
- #21181 Add FAPI 2.0 security profile as default profile of client policies
- #21182 Enhancing Pluggable Features of Token Manager
- #21183 More flexibility for Introspection endpoint
oidc
- #21200 DPoP support 1st phase
- #21444 Set `client_id` when using `private_key_jwt` with OIDC IdP
identity-brokering
- #21945 Release notes for FAPI 2
- #22034 Keycloak, javascript lib to not use the escape() function
adapter/javascript
- #22215 DPoP verification in UserInfo endpoint
oidc
- #22318 Allow overriding Account Console resources for full control and backwards compatibility
- #22372 Expand Group providers to allow for paginated lookup of subgroups
storage
- #22725 Do not initialize barrier build items for deployment
dist/quarkus
- #22868 Clarification on the tooltip of option "Validate Password Policy" of LDAP provider
admin/ui
- #23194 Add regex support in 'Condition - User attribute' execution
authentication
- #23527 Better usability when disabling user profile and loosing the previous cofiguration
user-profile
- #23891 Add feature flag for OAuth 2.0 device authorization grant flow
oidc
- #24024 User profile tweaks in registration forms
user-profile
- #24072 Lots of parameters related to identity brokering uses `providerId` when they expect `providerAlias`
identity-brokering
- #24273 Add a property to the User Profile Email Validator for max length of the local part
user-profile
- #24278 Transient users: documentation
core
- #24387 Move some UserProfile and Validation classes into keycloak-server-spi
user-profile
- #24494 Transient users: Consents
core
- #24535 Moving UPConfig and related classes from keycloak-services
user-profile
Bugs
- #468 Cant build it
quickstarts
- #8939 PAR fails to authenticate for public client
oidc
- #9004 Access Token claims not imported using OpenID Connect v1.0 Identity Provider Attribute Importer Mappers
oidc
- #10710 Rollup.js complains about the use of eval in one of keycloak.js's dependencies
adapter/javascript
- #11699 Under heavy load, DefaultBruteForceProtector blocks the whole system
authentication
- #12062 Declarative User Profile export
user-profile
- #12171 Inconsistent authorization behavior when exporting data from a realm
authorization-services
- #14134 [keycloak 18] cannot import users with correct ID in partial import
admin/api
- #16379 Inconsistent handling of parenthesis in auth flow name
admin/api
- #16526 Token introspection response does not follow RFC6479 "scope" parameter format
oidc
- #19093 The create new user page requires the admin user to be given the "Manage-Realm" role in order to see the user profile attributes in the create new user page
admin/api
- #19125 kcadm do not update defaultGroups
docs
- #19154 Non working API docs link
docs
- #19555 When update-email feature is enabled, changing emails two times in a row causes unintuitive behaviour
authentication
- #20135 Searching for multiple types in the Events section gives an error
admin/client-js
- #20218 Role mappers must return a single value when they are not multivalued
oidc
- #20316 Email pattern is not compliant
account/api