1 Release published by 1 person

• 25.0.1

  published Jun 20, 2024

91 Pull requests merged by 29 people

• Use provided scope for maven-plugin dependencies

  #30760 merged Jun 27, 2024

• Bump mocha from 10.5.1 to 10.5.2

  #30845 merged Jun 27, 2024

• Print keycloak's server response

  #30720 merged Jun 26, 2024

• Removing chrome-install dependency from GH actions, and Chrome and Firefox webdriver system property from CI worflow.

  #30820 merged Jun 26, 2024

• Conditionally show Client Offline Session Max

  #30802 merged Jun 26, 2024

• Use the Keycloak server URL for common resources (#30823)

  #30827 merged Jun 26, 2024

• Use the Keycloak server URL for common resources (#30823)

  #30825 merged Jun 26, 2024

• New operator failing on health checks

  #30830 merged Jun 26, 2024

• Describe mTLS overrides for the management interface

  #30814 merged Jun 26, 2024

• New operator failing on health checks

  #30709 merged Jun 26, 2024

• Use the Keycloak server URL for common resources

  #30823 merged Jun 26, 2024

• messages: Correct {Client,Realm} Role prefix description to make sense

  #30277 merged Jun 26, 2024

• Add availability for features and make kerberos use it

  #30790 merged Jun 26, 2024

• Restored multivalued switch on create attribute

  #30811 merged Jun 26, 2024

• Backport to restore multivalued switch on create attribute

  #30813 merged Jun 26, 2024

• rename 'realm name' field to 'realm ID' on create-realm page

  #28106 merged Jun 26, 2024

• Revoked token cache expiration fix (22.0)

  #30584 merged Jun 26, 2024

• Describe mTLS overrides for the management interface

  #30735 merged Jun 26, 2024

• Re-augment at start after a previous dev mode

  #30461 merged Jun 26, 2024

• Bump @types/node from 20.14.8 to 20.14.9

  #30776 merged Jun 26, 2024

• Bump mocha from 10.5.0 to 10.5.1

  #30775 merged Jun 26, 2024

• Support for service accounts when fetch roles is enabled

  #30687 merged Jun 25, 2024

• Double Form Submit in Admin UI loading to error messages

  #30438 merged Jun 25, 2024

• Backport to fix the refreshing of translations on the user details tab

  #30522 merged Jun 25, 2024

• Broken external links

  #30762 merged Jun 25, 2024

• Broken external links

  #30763 merged Jun 25, 2024

• Broken external links

  #30764 merged Jun 25, 2024

• fix: add proxy env propagation

  #30741 merged Jun 25, 2024

• ui: make Scope Details page's Description a textarea, like Roles'

  #30273 merged Jun 25, 2024

• Fix current page highlight in Account UI sidebar navigation (#30403)

  #30409 merged Jun 25, 2024

• docs: remove reference to features-disabled=default (#30612)

  #30740 merged Jun 25, 2024

• docs: remove reference to features-disabled=default (#30612)

  #30739 merged Jun 25, 2024

• Check if OSGI metadata can be removed entirely

  #30666 merged Jun 25, 2024

• Replace `js-sha256` dependency with `@noble/hashes` in Keycloak JS

  #30667 merged Jun 25, 2024

• Backport to fix username display in the users dropdown on create/edit…

  #30737 merged Jun 25, 2024

• added label to option

  #30649 merged Jun 25, 2024

• docs: remove reference to features-disabled=default

  #30612 merged Jun 25, 2024

• Upgrade bc-fips to 1.0.2.5

  #30700 merged Jun 25, 2024

• Fix usage of management port in the documentation

  #30732 merged Jun 25, 2024

• Fixed username display in the users dropdown on create/edit user policy

  #30701 merged Jun 25, 2024

• Translations update from Hosted Weblate

  #30633 merged Jun 25, 2024

• Fix typo in importExport.adoc

  #30731 merged Jun 25, 2024

• Broken external links

  #30718 merged Jun 25, 2024

• Bump react-router-dom from 6.23.1 to 6.24.0

  #30723 merged Jun 25, 2024

• Bump @testing-library/dom from 10.1.0 to 10.2.0

  #30721 merged Jun 25, 2024

• Bump @playwright/test from 1.44.1 to 1.45.0

  #30722 merged Jun 25, 2024

• Bump typescript-eslint from 7.13.1 to 7.14.1

  #30724 merged Jun 25, 2024

• Bump mocha from 10.4.0 to 10.5.0

  #30725 merged Jun 25, 2024

• Remove Edge from supported web drivers

  #30423 merged Jun 24, 2024

• Backport to add missing help messages on tokens tab

  #30691 merged Jun 24, 2024

• Backport to add missing help messages on tokens tab

  #30690 merged Jun 24, 2024

• Remove Safari from supported web drivers

  #30424 merged Jun 24, 2024

• Remove Appium from supported web drivers

  #30483 merged Jun 24, 2024

• Added missing help text on tokens tab

  #30686 merged Jun 24, 2024

• Bump @types/node from 20.14.7 to 20.14.8

  #30675 merged Jun 24, 2024

• Bump @types/mocha from 10.0.6 to 10.0.7

  #30676 merged Jun 24, 2024

• Backport fixed tooltip message in LdapMapperDetails

  #30562 merged Jun 24, 2024

• Removed jakarta transformation modules from saml adapters

  #30651 merged Jun 24, 2024

• VC issuance in Authz Code flow with considering scope parameter

  #30361 merged Jun 24, 2024

• made realm the namespace so we can change the bundle

  #30239 merged Jun 24, 2024

• fix(operator): Use the new image to actually perform a database migration

  #30450 merged Jun 21, 2024

• Fix Keycloak.v2 login theme

  #30656 merged Jun 21, 2024

• Fix usage of management port in the documentation

  #30653 merged Jun 21, 2024

• fix select dropdown value

  #30435 merged Jun 21, 2024

• Use a default Java version from root POM

  #29927 merged Jun 21, 2024

• Implement a basic PoC of an injectable WebDriver

  #30378 merged Jun 21, 2024

• Explicitly configure publication for NPM packages

  #30289 merged Jun 21, 2024

• small fix for library mode

  #30645 merged Jun 21, 2024

• added missing consent text

  #30493 merged Jun 21, 2024

• Flow steps back when changing locale or refreshing page on 'Try anoth…

  #30644 merged Jun 21, 2024

• Add briefRepresentation query parameter to getUsersInRole endpoint

  #30622 merged Jun 21, 2024

• Revoked token cache expiration fix (24.0)

  #30583 merged Jun 21, 2024

• client-jwt authentication fails on Token Introspection Endpoint

  #30600 merged Jun 21, 2024

• Removing SAML adapters (zip) distribution

  #30605 merged Jun 21, 2024

• Bump @types/node from 20.14.6 to 20.14.7

  #30638 merged Jun 21, 2024

• Make sure not possible to import jakarta classes in admin-client-jee

  #30624 merged Jun 21, 2024

• Bump typescript from 5.4.5 to 5.5.2

  #30640 merged Jun 21, 2024

• Bump @octokit/rest from 20.1.1 to 21.0.0

  #30639 merged Jun 21, 2024

• Bump monaco-editor from 0.49.0 to 0.50.0

  #30637 merged Jun 21, 2024

• Bump @types/uuid from 9.0.8 to 10.0.0

  #30636 merged Jun 21, 2024

• Bump reactflow from 11.11.3 to 11.11.4

  #30635 merged Jun 21, 2024

• Don't check docs in upstream as this is a release branch

  #30620 merged Jun 21, 2024

• Don't check docs in upstream as this is a release branch

  #30626 merged Jun 21, 2024

• Cleanup dependencies of keycloak-client-registration-api to not have …

  #30630 merged Jun 20, 2024

• Adding an alias to organization and exposing orgs to templates

  #30314 merged Jun 20, 2024

• Fix invalid parameter for Spanish translation (for Keycloak 25 patch release)

  #30628 merged Jun 20, 2024

• Remove AUTO_SERVER H2 default JDBC property

  #30561 merged Jun 20, 2024

• Remove AUTO_SERVER H2 default JDBC property

  #30560 merged Jun 20, 2024

• Support unmanaged attributes for service accounts and make sure they are only managed through the admin api

  #30578 merged Jun 20, 2024

• use clientId instead of id to save client

  #30523 merged Jun 20, 2024

• Fix invalid parameter '{3h}' to '{3}' for spanish translation

  #30593 merged Jun 20, 2024

24 Pull requests opened by 17 people

• Backport small fix to npm package (#30365)

  #30646 opened Jun 21, 2024

• don't show if there is a displayName set

  #30647 opened Jun 21, 2024

• changed `X` to link to organization

  #30648 opened Jun 21, 2024

• reset form instead of adding to it

  #30650 opened Jun 21, 2024

• also translate the message

  #30654 opened Jun 21, 2024

• removed use of alpine.js due to tests

  #30659 opened Jun 21, 2024

• Use regular CREATE TABLE instead of CREATE TEMPORARY

  #30669 opened Jun 22, 2024

• This fix allows the LDAP connection pool parameters - maxsize, prefsize, initsize - to be configured using JVM arguments.

  #30679 opened Jun 24, 2024

• Issue 30525

  #30692 opened Jun 24, 2024

• Avoid race condition when using initial-access-token

  #30698 opened Jun 24, 2024

• Prevent removing flow that used by client flow overrides

  #30708 opened Jun 24, 2024

• Show full error details in admin and account consoles

  #30710 opened Jun 24, 2024

• draft of operator bootstrap admin handling

  #30711 opened Jun 24, 2024

• Add event for ClientScope created

  #30715 opened Jun 24, 2024

• Map groups to UserRepresentation

  #30736 opened Jun 25, 2024

• Allow requests from local IPv6 addresses

  #30751 opened Jun 25, 2024

• Fallback to no override flow when missing in client override

  #30766 opened Jun 25, 2024

• Display disabled information from user in group assignment

  #30784 opened Jun 26, 2024

• Backport to add support for service accounts when fetch roles is enabled

  #30786 opened Jun 26, 2024

• Add support for managing SSH keys from Keycloak account console

  #30793 opened Jun 26, 2024

• Use the Keycloak server URL for common resources (#30823)

  #30826 opened Jun 26, 2024

• Allow FGA with view-clients to see client roles

  #30834 opened Jun 26, 2024

• Incorrect order when instantiate ClientRemovedEvent

  #30841 opened Jun 26, 2024

• Conditionally show Client Offline Session Max

  #30854 opened Jun 27, 2024

88 Issues closed by 28 people

• Use correct scope within maven-plugin

  #30542 closed Jun 27, 2024

• Add Count Users by Role Name

  #30850 closed Jun 27, 2024

• Add Group Support Mapper for User Attributes

  #30851 closed Jun 27, 2024

• Support More Complex Expression in `UserResource.searchByAttributes`

  #30849 closed Jun 27, 2024

• Users.searchByEmail result does not include realmRoles

  #30852 closed Jun 27, 2024

• Some groups not displayed in realm admin console (fine grained permissions)

  #28209 closed Jun 27, 2024

• Groups not listed properly with "Fine grained permission" enabled

  #28270 closed Jun 27, 2024

• Print keycloak's server response when using keycloak-admin-client

  #30829 closed Jun 26, 2024

• Improve CLOMonitor Score + consider a public meeting to help grow community

  #30833 closed Jun 26, 2024

• Error [ERR_REQUIRE_ESM]

  #30836 closed Jun 26, 2024

• Importing realms with existing organizations

  #30824 closed Jun 26, 2024

• Remove chrome-install dependency from GH actions, and Chrome and Firefox webdriver system property from CI worflow.

  #30408 closed Jun 26, 2024

• "Client Offline Session Max" no longer available

  #30521 closed Jun 26, 2024

• New operator failing on health checks

  #30355 closed Jun 26, 2024

• Account UI resources try to load from admin path instead of frontend path

  #30541 closed Jun 26, 2024

• Cannot explicitly disable KERBEROS feature

  #30730 closed Jun 26, 2024

• Remove of Multivalued Attribute due to - Adding translations when a new attribute is created

  #30712 closed Jun 26, 2024

• Rename "Realm name" field to "Realm ID" field in realm creation screen

  #23496 closed Jun 26, 2024

• Do not inherit 'https-client-auth' property for the management interface

  #30094 closed Jun 26, 2024

• Keycloak does not sign SAML logout responses

  #30680 closed Jun 26, 2024

• The `start` command should automatically re-build when previous run was `start-dev`

  #30460 closed Jun 26, 2024

• Can we cleanup SAML adapters more?

  #29922 closed Jun 26, 2024

• Token-Exchange no longer supporting scope parameter in Keycloak versions 24+

  #30704 closed Jun 26, 2024

• Cannot conditionally create user in First login flow

  #30503 closed Jun 26, 2024

• Update MS SQL DB Driver Version in non-Docker Keycloak

  #11813 closed Jun 26, 2024

• NPE on External OIDC to Internal Token Exchange when Transient Users feature is enabled

  #28241 closed Jun 26, 2024

• Failed to evaluate permissions when fetchRoles is enabled on role policies

  #30444 closed Jun 25, 2024

• Double form submit in Admin UI possible leading to error mesages

  #20371 closed Jun 25, 2024

• "Session not bound to a realm" when updating User in `KeycloakModelUtils.runJobInTransaction`

  #30664 closed Jun 25, 2024

• Keycloak 24 identity broker ignores custom callback endpoints

  #30309 closed Jun 25, 2024

• Check if OSGI metadata can be removed entirely

  #29104 closed Jun 25, 2024

• update or replace base64-js and js-sha256

  #15769 closed Jun 25, 2024

• Keycloak Helm 21.4.4 not running successfully behind `path: /keycloak` in `values.yaml`

  #30693 closed Jun 25, 2024

• Cross-origin realm requests?

  #30713 closed Jun 25, 2024

• 401 Unauthorized response for loadUserProfile() in js-adapter after upgrade from 11.0.2

  #9204 closed Jun 25, 2024

• After migrating from 24 to 25, the signature algorithms names do not display in drop down menu

  #30552 closed Jun 25, 2024

• Keycloak 25.0.0 does not import client secrets on initial startup

  #30543 closed Jun 25, 2024

• bug: disabling all default features no longer works

  #29761 closed Jun 25, 2024

• Automatic update of bcfips versions in the docs

  #27884 closed Jun 25, 2024

• Upgrade to bc-fips 1.0.2.5

  #26568 closed Jun 25, 2024

• User policy -> select user shows user id instead of user name.

  #30662 closed Jun 25, 2024

• Broken external links

  #30717 closed Jun 25, 2024

• Client my-client has browser flow override, but this flow does not exist

  #20193 closed Jun 25, 2024

• Admin UI stuck in loading screen when changing proxy settings to forwarded header

  #29734 closed Jun 24, 2024

• Integration test suite - remove Selenium browser dependencies: Opera, Safari, IE, Edge and Appium

  #29921 closed Jun 24, 2024

• CVE-2024-30171 - org.bouncycastle:bctls-fips

  #30340 closed Jun 24, 2024

• Invalid redirect URI error when trying to allow redirect URI with random query parameter

  #30695 closed Jun 24, 2024

• Stabilize WebAuthn tests

  #27164 closed Jun 24, 2024

• Unstable WebAuthn tests with Firefox in GHA

  #20777 closed Jun 24, 2024

• ConcurrentModificationException in HashMap.compute() via RealmAdapter.getComponentsStream() while creating users concurrently via kcadm.sh

  #30627 closed Jun 24, 2024

• Admin console dev mode broken for non-master realms

  #30660 closed Jun 24, 2024

• Missing help text on tokens tab

  #28489 closed Jun 24, 2024

• Want resource URIs data in token api in Keycloak using User Access Token

  #30674 closed Jun 24, 2024

• Unable to Start keycloak-24.0.5 in DEV Mode With Openjdk 17.0.11

  #30249 closed Jun 24, 2024

• Customising Management interface path fails

  #30665 closed Jun 24, 2024

• Possibly memory leak during client token introspection

  #30285 closed Jun 24, 2024

• Move the SAML adapter to jakarta and remove old javax integration

  #30556 closed Jun 24, 2024

• VC issuance in Authz Code flow with considering “scope” parameter

  #29725 closed Jun 24, 2024

• User Profile attributes/groups in Admin UI are not translated using Localization for non-master realm when signed in the master realm

  #29566 closed Jun 24, 2024

• CVE-2024-29857 - org.bouncycastle:bc-fips

  #30341 closed Jun 24, 2024

• When we create a roll, the previous page does not go and we have to do it manually.

  #30563 closed Jun 24, 2024

• calling users.update({...}) talks to the wrong url

  #30661 closed Jun 21, 2024

• LDAP Group Mapper throws exception when admin event logging is enabled

  #29947 closed Jun 21, 2024

• Migration stuck if versions incompatible

  #30449 closed Jun 21, 2024

• CVE-2024-5203 - Cross-Site Request Forgery (CSRF) in org.keycloak:keycloak-services

  #30390 closed Jun 21, 2024

• Default server port is used instead of the management interface port in the guide about running Keycloak in a container

  #30652 closed Jun 21, 2024

• If docs/building.md is serious about the Java version requirement, set it as `<maven.compiler.*>` to not allow lower ones

  #30275 closed Jun 21, 2024

• Testsuite PoC - Basic injection of Selenium WebDriver

  #30376 closed Jun 21, 2024

• Built-in scopes are not translated in the account console "applications" tab

  #30425 closed Jun 21, 2024

• Flow steps back when changing locale or refreshing page on "Try another way page"

  #30520 closed Jun 21, 2024

• GET users endpoint is making lots of requests to the database

  #29480 closed Jun 21, 2024

• invalid signature key on standard flow callback with response_mode=query.jwt

  #30642 closed Jun 21, 2024

• client-jwt authentication fails on Token Introspection Endpoint

  #30599 closed Jun 21, 2024

• Remove the distribution zip sub-projects for SAML

  #30555 closed Jun 21, 2024

• Make sure not possible to import jakarta classes in admin-client-jee

  #30623 closed Jun 21, 2024

• External link check fails on KC22/KC24 release branch

  #30619 closed Jun 21, 2024

• CVE-2024-5967 - Unprotected Transport of Credentials in org.keycloak:keycloak-core

  #30594 closed Jun 21, 2024

• CVE-2024-5967 - Unprotected Transport of Credentials in org.keycloak:keycloak-ldap-federation

  #30595 closed Jun 21, 2024

• Auth fetch failed

  #30587 closed Jun 20, 2024

• keycloak admin: username field with edit option missing when NO english as supported language added.

  #30019 closed Jun 20, 2024

• Cleanup dependencies of keycloak-client-registration-api to not have dependency on server

  #30629 closed Jun 20, 2024

• Add an alias to organization

  #30312 closed Jun 20, 2024

• Expose organization to theme templates

  #30313 closed Jun 20, 2024

• Testsuite PoC - JUnit5 Test Suite Framework

  #30036 closed Jun 20, 2024

• Client Roles are not shown when clientId property is set

  #30436 closed Jun 20, 2024

• Dependency cleanup related issues

  #21356 closed Jun 20, 2024

• Invalid character in spanish translation file for Identity Provider Link Template

  #30591 closed Jun 20, 2024

• The "update-email" feature updates the email in the user profile, but users can still log in with the old email

  #29962 closed Jun 20, 2024

79 Issues opened by 41 people

• Keycloak 25.0.0 in Docker using --proxy-headers=xforwarded: Failed to parse a port from "forwarded"-type headers

  #30853 opened Jun 27, 2024

• Version 22.0.4 of the component_config table contains insecure private keys, secrets, certificates, and other information

  #30846 opened Jun 27, 2024

• Incorrect order when instantiate ClientRemovedEvent

  #30840 opened Jun 26, 2024

• Cannot find requested client with clientId

  #30837 opened Jun 26, 2024

• Organization API not available from OpenAPI documentation

  #30832 opened Jun 26, 2024

• Registering user fails using LDAP Federation

  #30831 opened Jun 26, 2024

• Add basic smoke tests for Admin and Account consoles when running behind a proxy

  #30828 opened Jun 26, 2024

• Testing connection to ldap on the settings page does not work in 25.0.1

  #30821 opened Jun 26, 2024

• Nightly builds of keycloak-client repository

  #30819 opened Jun 26, 2024

• Backwards compatibility of keycloak-admin-client

  #30818 opened Jun 26, 2024

• Setup GH actions for the testing of pull requests and nightly builds

  #30817 opened Jun 26, 2024

• Docs: server_development/topics/themes.adoc

  #30816 opened Jun 26, 2024

• Documentation for the client-libraries

  #30815 opened Jun 26, 2024

• Move SAML adapter from keycloak to keycloak-client repository

  #30809 opened Jun 26, 2024

• Sync OIDC client registration from keycloak repository

  #30808 opened Jun 26, 2024

• Sync or move policy-enforcer from keycloak repository to keycloak-client repository

  #30807 opened Jun 26, 2024

• Testing of keycloak-authz-client in keycloak-client repository

  #30806 opened Jun 26, 2024

• Sync keycloak-authz-client from keycloak repository

  #30805 opened Jun 26, 2024

• Testing of the admin-client modules in keycloak-client repository

  #30804 opened Jun 26, 2024

• Being able to release the artifacts from keycloak-client repository

  #30803 opened Jun 26, 2024

• Sync keycloak-admin-client and keycloak-admin-client-jee from keycloak repository

  #30800 opened Jun 26, 2024

• Mechanism to sync Java classes from keycloak to keycloak-client

  #30799 opened Jun 26, 2024

• Move some server related logic from info representation classes to server codebase

  #30798 opened Jun 26, 2024

• Add suffix to keycloak-admin-client artifacts in keycloak repository

  #30796 opened Jun 26, 2024

• Initiate create events if ClientScopes are created

  #30795 opened Jun 26, 2024

• Filtering by Client ID in the "User Client Role" mapper does not work anymore

  #30794 opened Jun 26, 2024

• Failures on Social Login Tests

  #30792 opened Jun 26, 2024

• Add support for managing SSH keys from Keycloak account console

  #30791 opened Jun 26, 2024

• Move keycloak client libs into separate repository

  #30787 opened Jun 26, 2024

• UMA 2.0 RPT introspection does not provide the "permission" field

  #30781 opened Jun 26, 2024

• UMA 2.0 RPT introspection does not accept PAT

  #30780 opened Jun 26, 2024

• UMA 2.0 RPT Request should be authenticated using the client credentials (not the RqP's OIDC access token)

  #30779 opened Jun 26, 2024

• Invalid UMA 2.0 claim_token_format value for ID token in the documentation

  #30778 opened Jun 26, 2024

• Upgrading to version 25 stop respecting config and prevents start

  #30777 opened Jun 26, 2024

• Rendering of granted client scopes in User Consents view broken in Admin UI

  #30772 opened Jun 25, 2024

• Make sure organization checks on users only happen when the user is a member of an organization

  #30769 opened Jun 25, 2024

• fallback to the no override flow when the flow is missing in client override

  #30765 opened Jun 25, 2024

• Protobuf deserialization has a default of an empty String

  #30761 opened Jun 25, 2024

• Weborigins for SAML clients

  #30759 opened Jun 25, 2024

• Docs: server_admin/topics/login-settings/acr-to-loa-mapping.adoc

  #30758 opened Jun 25, 2024

• Can not import another template that is outside current directory

  #30752 opened Jun 25, 2024

• Support for members joining multiple organizations

  #30747 opened Jun 25, 2024

• Allow auto-redirect existing users federated from organization broker when using the username

  #30746 opened Jun 25, 2024

• Only enforce email domain when they are set to a broker when the user is federated for the very first time

  #30745 opened Jun 25, 2024

• If the user is federated before the broker is associated with an organization this user is not a managed user

  #30744 opened Jun 25, 2024

• Make sure users created through a registration link are managed members

  #30743 opened Jun 25, 2024

• Keycloak with quarkus: Response has already been written

  #30738 opened Jun 25, 2024

• Logs are getting written to keycloak.log.1 instead of keycloak.log file

  #30728 opened Jun 25, 2024

• prevent removing the flow when used by client flow overrides

  #30707 opened Jun 24, 2024

• Internal error occurs for the removed flow which override by the client

  #30706 opened Jun 24, 2024

• Full details of errors not shown in admin and account console

  #30705 opened Jun 24, 2024

• Recovery codes missing from account console

  #30703 opened Jun 24, 2024

• Recovery codes documentation missing

  #30702 opened Jun 24, 2024

• Newly created roles cant be selected to assign to a user

  #30697 opened Jun 24, 2024

• Authorization using decision response_mode giving incorrect data

  #30694 opened Jun 24, 2024

• FGA Requirements Draft

  #30685 opened Jun 24, 2024

• Commit proto.lock files to branch on release

  #30684 opened Jun 24, 2024

• Infinite loader on the admin console for non-admin users

  #30683 opened Jun 24, 2024

• Group assignment: Display disabled information from user

  #30682 opened Jun 24, 2024

• Groups: Move users & roles to other groups with multi select

  #30681 opened Jun 24, 2024

• Require SSL mode "External requests" does not work with IPv6 local addresses

  #30678 opened Jun 24, 2024

• LDAP connection pool params(maxsize, initsize, prefsize) picked up from backend ComponentModel and are not visible in Keycloak admin console

  #30677 opened Jun 24, 2024

• Sending Mail via SMTP fails, because of "Caused by: jakarta.mail.MessagingException: 501 Syntax: HELO <hostname>"

  #30673 opened Jun 23, 2024

• m.filter is not a function

  #30670 opened Jun 22, 2024

• A theme called `custom` is displayed as `Custom Attribute...` in the admin console

  #30663 opened Jun 21, 2024

• Remove or deprecate old KEYCLOAK admin properties

  #30658 opened Jun 21, 2024

• Flaky test: org.keycloak.testsuite.broker.KcSamlBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled

  #30641 opened Jun 21, 2024

• Redundant REST requests when rendering the Groups Admin UI

  #30634 opened Jun 20, 2024

• JSON error when browsing through sessions

  #30632 opened Jun 20, 2024

• Upgrade to 25 throws: Statement violates GTID consistency

  #30631 opened Jun 20, 2024

• Testsuite PoC - Support for functional tests with access to KeycloakSession and providers

  #30617 opened Jun 20, 2024

• Testsuite PoC - Add database suppliers

  #30616 opened Jun 20, 2024

• token exchange: exchange-sequence fails with Client session for client 'client-exchanger' not present in user session

  #30614 opened Jun 20, 2024

• Testsuite PoC - Injection framework should support multiple instances configured differently

  #30613 opened Jun 20, 2024

• Testsuite PoC - Injection framework should pass class type to suppliers

  #30611 opened Jun 20, 2024

• Testsuite PoC - Support configurable lifecycle for injected entities

  #30610 opened Jun 20, 2024

• Testsuite PoC - Ability to select supplier for a given type

  #30609 opened Jun 20, 2024

• Testsuite PoC - Configuration when running tests

  #30608 opened Jun 20, 2024

• Network response was not OK.

  #30604 opened Jun 20, 2024

105 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Flaky test: org.keycloak.testsuite.oauth.TokenIntrospectionTest#testUnsupportedToken

  #30111 commented on Jun 27, 2024 • 232 new comments

• Flaky test: org.keycloak.testsuite.organization.exportimport.OrganizationExportTest#testExport

  #30598 commented on Jun 27, 2024 • 104 new comments

• Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled

  #30188 commented on Jun 26, 2024 • 44 new comments

• Filtering organization groups when managing or processing groups

  #30590 commented on Jun 26, 2024 • 16 new comments

• fix: adds affinity and other scheduling to the operator

  #29977 commented on Jun 26, 2024 • 7 new comments

• Switch login theme to keycloak v2

  #30319 commented on Jun 21, 2024 • 6 new comments

• Patch KC proposal for issue 30453 : always set the event type in resetCredentialsGET method

  #30455 commented on Jun 21, 2024 • 5 new comments

• Keycloak Organizations

  #30180 commented on Jun 25, 2024 • 4 new comments

• Keycloak Organizations as a supported feature

  #30229 commented on Jun 25, 2024 • 4 new comments

• startup, welcome, and cli handling of bootstrap-admin user

  #30054 commented on Jun 27, 2024 • 4 new comments

• add index for user_id and type on event_entity

  #26999 commented on Jun 26, 2024 • 4 new comments

• Build of 24.0.4 fails on NFS when deleting lib/quarkus

  #29758 commented on Jun 26, 2024 • 3 new comments

• Added suffix to keycloak-admin-client artifacts in keycloak repository

  #30588 commented on Jun 27, 2024 • 3 new comments

• Document how to specify CPU and memory limits/requests for the Operator

  #27432 commented on Jun 24, 2024 • 3 new comments

• Flaky test: org.keycloak.testsuite.oidc.AuthenticationMethodReferenceTest#testAmrPastMaxAge

  #26117 commented on Jun 21, 2024 • 3 new comments

• All user attributes readonly in admin ui and admin API after setting edit mode of one user federation to READ_ONLY

  #30476 commented on Jun 25, 2024 • 3 new comments

• Fix scope policy evaluation for client to client token exchange (#26435)

  #26617 commented on Jun 25, 2024 • 2 new comments

• Handle proxy related env vars in the Operator

  #30165 commented on Jun 25, 2024 • 2 new comments

• Certificates do not conform to algorithm constraints

  #30164 commented on Jun 21, 2024 • 2 new comments

• Remove effective roles filtering to avoid inconsistency

  #28099 commented on Jun 21, 2024 • 2 new comments

• Flaky test: org.keycloak.testsuite.x509.X509BrowserCRLTest#loginSuccessWithCRLSignedWithIntermediateCA3FromTruststore

  #25204 commented on Jun 25, 2024 • 2 new comments

• Ensure consent is granted before token-exchange

  #26908 commented on Jun 26, 2024 • 2 new comments

• OIDC: Backchannel logout not being called when using Sign out all Session in Keycloak

  #27342 commented on Jun 24, 2024 • 2 new comments

• Attempting to launch Keycloak under a certian URL route with Nginx results in "Timeout when waiting for 3rd party check iframe message"

  #29843 commented on Jun 25, 2024 • 2 new comments

• Refresh not possible after `SSO Session Idle` timeout, even with constant refreshes

  #30452 commented on Jun 21, 2024 • 2 new comments

• Protect the disabling of the main keycloak account

  #30267 commented on Jun 24, 2024 • 2 new comments

• Disable Infinispan build step if infinispan connection provider is disabled (#26081)

  #26422 commented on Jun 24, 2024 • 2 new comments

• private AuthzClient.createPatSupplier

  #29986 commented on Jun 26, 2024 • 2 new comments

• Password history policy - add time based policy

  #30215 commented on Jun 26, 2024 • 2 new comments

• "User Profile" attributes not available for Users Attribute search and Attribute selection, if no view or manage realm realm-management role added

  #27536 commented on Jun 26, 2024 • 2 new comments

• Flaky test: org.keycloak.testsuite.admin.concurrency.ConcurrencyTest#createClient

  #29290 commented on Jun 24, 2024 • 2 new comments

• fix: admin cli client should set the content when performing a merge

  #30539 commented on Jun 27, 2024 • 2 new comments

• Client roles won't open (Forbidden) with Fine Grained Permission (without view-clients realm-management role)

  #28633 commented on Jun 26, 2024 • 2 new comments

• Keycloak does not work with Docker read_only: true

  #11286 commented on Jun 25, 2024 • 1 new comment

• Trusted Device two factor authenticator

  #8742 commented on Jun 25, 2024 • 1 new comment

• [PLACEHOLDER] Add realms/users/clients CRDs

  #13566 commented on Jun 20, 2024 • 1 new comment

• Provide Content Security Policy to prevent embedding of iframes on unauhorized origins

  #29782 commented on Jun 25, 2024 • 1 new comment

• Regression in "Groups" label / title localization

  #27472 commented on Jun 25, 2024 • 1 new comment

• Flaky test: org.keycloak.testsuite.x509.X509BrowserCRLTest#loginFailedWithIntermediateRevocationListFromFile

  #25674 commented on Jun 25, 2024 • 1 new comment

• Review Content Security Policy (CSP)

  #16277 commented on Jun 25, 2024 • 1 new comment

• [KEYCLOAK-17418] Should role attributes be made available as user attributes?

  #10002 commented on Jun 25, 2024 • 1 new comment

• Step-up authentication for SAML clients

  #10155 commented on Jun 25, 2024 • 1 new comment

• User Session Count Limiter bypassed when user has actions

  #16663 commented on Jun 26, 2024 • 1 new comment

• Use current flow instead of browser to get highest LoA from prev auth

  #19310 commented on Jun 21, 2024 • 1 new comment

• Implement forced password change for LDAP federated user (password policy control)

  #15253 commented on Jun 26, 2024 • 1 new comment

• Add conditional http request header to close #14604

  #14605 commented on Jun 21, 2024 • 1 new comment

• Flaky test: org.keycloak.testsuite.forms.RecoveryAuthnCodesAuthenticatorTest#test03AuthenticateRecoveryAuthnCodes

  #26176 commented on Jun 26, 2024 • 1 new comment

• Returning a token for a master admin account does not scale when there are many realms

  #26883 commented on Jun 26, 2024 • 1 new comment

• Server crash when using kc.sh with -Dkeycloak.profile=experimental

  #30454 commented on Jun 20, 2024 • 1 new comment

• Extend JS Policy Evaluation with subset of KeycloakSession

  #29651 commented on Jun 20, 2024 • 1 new comment

• changed to use adminUrl instead

  #30441 commented on Jun 25, 2024 • 1 new comment

• Renew web session on password update to improve security posture

  #20957 commented on Jun 20, 2024 • 1 new comment

• Add configuration to allow only one active password reset link at a time

  #21348 commented on Jun 20, 2024 • 1 new comment

• Flaky test: org.keycloak.testsuite.x509.X509BrowserLoginTest#loginWithRevalidateCertEnabledCertIsTrusted

  #25444 commented on Jun 20, 2024 • 1 new comment

• Added protection on disabling admin master of realm.

  #30279 commented on Jun 24, 2024 • 1 new comment

• make admin-ui build as a library

  #30268 commented on Jun 21, 2024 • 1 new comment

• Implement DPoP for all grantTypes

  #29967 commented on Jun 21, 2024 • 1 new comment

• Keycloak Randomly Crashing in Docker Swarm with SocketTimeoutException and Blocked Threads in Infinispan Operations

  #30585 commented on Jun 21, 2024 • 1 new comment

• Add information about token expiry to events

  #28312 commented on Jun 26, 2024 • 1 new comment

• Event type not set in reset-credential flow under some conditions resulting in an error page

  #30453 commented on Jun 21, 2024 • 1 new comment

• Authentication Flow Condition : request attributes

  #30573 commented on Jun 21, 2024 • 1 new comment

• Authentication Flow Condition : evaluate ACR before authentication

  #30572 commented on Jun 21, 2024 • 1 new comment

• User profile validation pattern error-message not rendered from messages_en.properties

  #29098 commented on Jun 21, 2024 • 1 new comment

• Encrypt network communication in JGroups follow-up

  #26311 commented on Jun 21, 2024 • 1 new comment

• [UI] group selection does not update attribute tab

  #30550 commented on Jun 21, 2024 • 1 new comment

• External IDP tokens are not refreshed automatically

  #14644 commented on Jun 21, 2024 • 1 new comment

• Delete group in LDAP when LDAP_ONLY is selected

  #29099 commented on Jun 21, 2024 • 1 new comment

• TrustedHostClientRegistrationPolicyTest#testGithubDomain failing in clean checkout

  #29271 commented on Jun 24, 2024 • 1 new comment

• Refresh periodic syncs when changing the LDAP connection settings

  #27554 commented on Jun 24, 2024 • 1 new comment

• Use of insecure crypto in keycloak should require voluntary flag enablement.

  #29690 commented on Jun 25, 2024 • 1 new comment

• Automatically disable dormant users.

  #11800 commented on Jun 24, 2024 • 1 new comment

• Mass User Actions and Default List Size

  #17738 commented on Jun 24, 2024 • 1 new comment

• Removal of X-XSS-Protection header

  #21728 commented on Jun 24, 2024 • 1 new comment

• realm import: error if ldap groupmapper has a group path set

  #10730 commented on Jun 24, 2024 • 1 new comment

• Flaky test: org.keycloak.testsuite.model.user.UserModelTest#testAddRemoveUsersInTheSameGroupConcurrent

  #30264 commented on Jun 27, 2024 • 0 new comments

• Add default CPU limit/request for the operator

  #30601 commented on Jun 20, 2024 • 0 new comments

• Add ECDH-ES JWE Algorithm Provider

  #23928 commented on Jun 25, 2024 • 0 new comments

• Add generated ECDH key provider

  #23598 commented on Jun 24, 2024 • 0 new comments

• Fix deprecations in common module (#22209)

  #22210 commented on Jun 25, 2024 • 0 new comments

• Testsuite PoC - Distribution server supplier

  #29702 commented on Jun 20, 2024 • 0 new comments

• Testsuite PoC - Injectable page objects

  #30097 commented on Jun 20, 2024 • 0 new comments

• Testsuite PoC - Add Chrome web driver supplier

  #30377 commented on Jun 20, 2024 • 0 new comments

• Document admin bootstrapping and recovery

  #30011 commented on Jun 20, 2024 • 0 new comments

• Warnings for temporary admin user and service account

  #30009 commented on Jun 20, 2024 • 0 new comments

• Potential race condition via initial-access-token count limit bypass

  #27294 commented on Jun 20, 2024 • 0 new comments

• Linked organization in identity provider page is confusing

  #30567 commented on Jun 20, 2024 • 0 new comments

• CVE-2024-5203 - Cross-Site Request Forgery (CSRF) in org.keycloak:keycloak-server-spi-private

  #30389 commented on Jun 21, 2024 • 0 new comments

• Check for 999.0.0 in MIGRATION_MODEL breaks Keycloak instances without documented workaround

  #30364 commented on Jun 21, 2024 • 0 new comments

• Infinispan Timeouts with 24.0.5 when logging into Admin Console

  #30260 commented on Jun 21, 2024 • 0 new comments

• Docs: server_development/topics/admin-rest-api.adoc

  #30255 commented on Jun 21, 2024 • 0 new comments

• KC operator HA via having > 1 pod

  #30005 commented on Jun 21, 2024 • 0 new comments

• MULTIVALUED_LIST_TYPE not working for client mappers

  #26794 commented on Jun 21, 2024 • 0 new comments

• Localization prevents update of user-profile attributes

  #30582 commented on Jun 21, 2024 • 0 new comments

• Switch login theme to keycloak.v2: Stabilize testsuite after the switch

  #29009 commented on Jun 21, 2024 • 0 new comments

• Enhanced Bootstrapping and Recovering Admin Access

  #9829 commented on Jun 21, 2024 • 0 new comments

• Scalability of Identity Providers

  #30084 commented on Jun 21, 2024 • 0 new comments

• "Failed to replace entity" with external Infinispan cluster when upgrading to `24.0.5`

  #30451 commented on Jun 24, 2024 • 0 new comments

• Keycloak in docker network returns a 500 when requesting open id configuration within docker network

  #15794 commented on Jun 25, 2024 • 0 new comments

• Enhancements to logging config

  #10618 commented on Jun 25, 2024 • 0 new comments

• "Invalid Username" when "Email as Username" is used and the email contains special characters

  #25339 commented on Jun 25, 2024 • 0 new comments

• Scalability of Groups

  #30085 commented on Jun 25, 2024 • 0 new comments

• Check if preview feature "Recovery codes" can be supported by default

  #16740 commented on Jun 26, 2024 • 0 new comments

• Identity-first login flow should be followed by asking for the user credentials rather than allowing providing the username again

  #30339 commented on Jun 26, 2024 • 0 new comments

• New Admin UI does not send e-mails if account-client is disabled

  #17857 commented on Jun 26, 2024 • 0 new comments

• Flaky test: org.keycloak.testsuite.model.user.UserModelTest#testAddRemoveUserConcurrent

  #30236 commented on Jun 27, 2024 • 0 new comments