-
Notifications
You must be signed in to change notification settings - Fork 7.4k
Insights: keycloak/keycloak
Overview
Could not load contribution data
Please try again later
262 Pull requests merged by 49 people
-
[OID4VCI] Move realm attributes to clientScope and protocol-mappers
#39768 merged
Jul 10, 2025 -
Remove /etc/system-fips file before executing fips-mode-setup (26.2)
#41063 merged
Jul 10, 2025 -
fix: restricting lookup of existing resources to current owner
#40985 merged
Jul 10, 2025 -
Remove /etc/system-fips file before executing fips-mode-setup (26.3)
#41056 merged
Jul 10, 2025 -
Improve logging for client sessions load
#41040 merged
Jul 10, 2025 -
Remove /etc/system-fips file before executing fips-mode-setup
#41039 merged
Jul 10, 2025 -
Run clustering compatibility tests on release/x.y branches
#40991 merged
Jul 9, 2025 -
Make UPDATE_EMAIL a supported feature
#40273 merged
Jul 9, 2025 -
Generate a UUID to be the JTI instead of reusing the nonce.
#40007 merged
Jul 9, 2025 -
Fix NPE when accessing group concurrently
#41020 merged
Jul 9, 2025 -
Fix NPE when accessing group concurrently
#41021 merged
Jul 9, 2025 -
[OID4VCI] : Update Credential Issuer Metadata Model for OID4VCI Draft-15
#40749 merged
Jul 9, 2025 -
BUGFIX: session limit exceeded for both client & realm
#38017 merged
Jul 9, 2025 -
Changing default passwordless webauthn policy to follow recommended values in the documentation
#40820 merged
Jul 9, 2025 -
Set client in the session context for logout token encode
#41004 merged
Jul 9, 2025 -
Do not add steps if feature disabled in default flows
#40964 merged
Jul 9, 2025 -
Bump @types/node from 24.0.10 to 24.0.12 in /js
#41016 merged
Jul 9, 2025 -
Fix NPE when accessing group concurrently
#40940 merged
Jul 8, 2025 -
[OID4VCI]: Add a unique notification_id generation to OID4VCIssuerEndpoint used in CredentialResponse.
#40229 merged
Jul 8, 2025 -
Rework floating promises to avoid concurrency side effects
#40740 merged
Jul 8, 2025 -
Bump vite from 7.0.0 to 7.0.2 in /js
#40953 merged
Jul 8, 2025 -
Bump i18next from 25.3.0 to 25.3.1 in /js
#40950 merged
Jul 8, 2025 -
Bump rollup from 4.44.1 to 4.44.2 in /js
#40951 merged
Jul 8, 2025 -
Bump react-hook-form from 7.59.0 to 7.60.0 in /js
#40952 merged
Jul 8, 2025 -
Bump typescript-eslint from 8.35.1 to 8.36.0 in /js
#40986 merged
Jul 8, 2025 -
Bump vite-plugin-checker from 0.9.3 to 0.10.0 in /js
#40987 merged
Jul 8, 2025 -
Make passkeys feature dependent on web_authn
#40976 merged
Jul 8, 2025 -
Update MAINTAINERS.md
#40800 merged
Jul 8, 2025 -
39546/remove kubernetes stack workarounds 26.2
#40972 merged
Jul 8, 2025 -
Translations update from Hosted Weblate
#40979 merged
Jul 8, 2025 -
Update documentation when no rolling update is performed
#40974 merged
Jul 8, 2025 -
LDAP group mapper skips configured filter and imports all groups with…
#40982 merged
Jul 7, 2025 -
Run clustering compatibility tests on release/x.y branches
#40971 merged
Jul 7, 2025 -
UserSession Offline removed from DB if not in cache
#40831 merged
Jul 7, 2025 -
Fix typo in consent scope
#40787 merged
Jul 7, 2025 -
fix: streamlining the client scope update
#40808 merged
Jul 7, 2025 -
Update documentation when no rolling update is performed
#40963 merged
Jul 7, 2025 -
fix: correcting to use the X-Forwarded-Proto header
#40905 merged
Jul 7, 2025 -
fix: correcting spi-theme options
#40968 merged
Jul 7, 2025 -
fix: reducing memory footprint for cached entries
#40807 merged
Jul 7, 2025 -
Use MgmtPermissionsV2 by default
#40835 merged
Jul 7, 2025 -
fix: correcting spi-theme options
#40966 merged
Jul 7, 2025 -
[OID4VCI] Remove interval property from Credential Offer
#40412 merged
Jul 7, 2025 -
[OID4VCI] Always Return Array for Credential Responses
#40409 merged
Jul 7, 2025 -
Provide CLI Parameters for jgroups.* options
#40690 merged
Jul 7, 2025 -
Fix NPE when client is not set in context during token encoding
#40936 merged
Jul 7, 2025 -
fix: detecting when we can set the serviceName (#40894)
#40943 merged
Jul 6, 2025 -
Automatically connect to a writer instance of PostgreSQL
#40384 merged
Jul 4, 2025 -
More secure call of Facebook debug token
#40927 merged
Jul 4, 2025 -
Check cluster is correctly formed in ClusteredKeycloakServer
#40859 merged
Jul 4, 2025 -
fix: detecting when we can set the serviceName
#40894 merged
Jul 4, 2025 -
Fix: Inconsistent Results between /users and /users/count Endpoints
#40265 merged
Jul 3, 2025 -
Remove myself from the Dutch language maintainers
#40893 merged
Jul 3, 2025 -
Added new searchByAttributes function to UsersResource with the exact parameter
#40168 merged
Jul 3, 2025 -
Allow host:port syntax for --debug in kc.sh
#39924 merged
Jul 3, 2025 -
[26.3] Upgrade to Infinispan 15.0.16.Final
#40869 merged
Jul 3, 2025 -
[26.2] Upgrade to Infinispan 15.0.16.Final
#40871 merged
Jul 3, 2025 -
Verification of external OIDC token by introspection-endpoint. Adding…
#40856 merged
Jul 3, 2025 -
[26.3.x] Unable to configure TLS reloading in Keycloak version 26.2.0 or later
#40881 merged
Jul 3, 2025 -
Translations update from Hosted Weblate
#40801 merged
Jul 2, 2025 -
Only include new fields for key generation if not useFile (26.3)
#40868 merged
Jul 2, 2025 -
Upgrade to Infinispan 15.0.16.Final
#40852 merged
Jul 2, 2025 -
fix: map just logging env wildcards to . (#40834)
#40865 merged
Jul 2, 2025 -
[26.3.x] Mark options for additional datasources as preview
#40840 merged
Jul 2, 2025 -
Only include new fields for key generation if not useFile
#40863 merged
Jul 2, 2025 -
Bump @eslint/js from 9.30.0 to 9.30.1 in /js
#40848 merged
Jul 2, 2025 -
Bump eslint from 9.30.0 to 9.30.1 in /js
#40847 merged
Jul 2, 2025 -
Bump @faker-js/faker from 9.8.0 to 9.9.0 in /js
#40846 merged
Jul 2, 2025 -
Bump @types/node from 24.0.8 to 24.0.10 in /js
#40845 merged
Jul 2, 2025 -
Bump typescript-eslint from 8.35.0 to 8.35.1 in /js
#40816 merged
Jul 2, 2025 -
Mark options for additional datasources as preview
#40839 merged
Jul 2, 2025 -
consolidating profile logic and moving reaug related logic
#38514 merged
Jul 2, 2025 -
fix: map just logging env wildcards to .
#40834 merged
Jul 2, 2025 -
Bump i18next from 25.2.1 to 25.3.0 in /js
#40815 merged
Jul 1, 2025 -
Bump @types/dagre from 0.7.52 to 0.7.53 in /js
#40814 merged
Jul 1, 2025 -
Bump @types/node from 24.0.4 to 24.0.8 in /js
#40813 merged
Jul 1, 2025 -
Bump tar-fs from 3.0.10 to 3.1.0 in /js
#40812 merged
Jul 1, 2025 -
Bump @playwright/test from 1.53.1 to 1.53.2 in /js
#40810 merged
Jul 1, 2025 -
Bump eslint from 9.29.0 to 9.30.0 in /js
#40780 merged
Jul 1, 2025 -
[26.2.x] Unable to configure TLS reloading in Keycloak version 26.2.0 or later
#40819 merged
Jul 1, 2025 -
test: Provide test cases for datasources ENV vars handling
#40760 merged
Jul 1, 2025 -
Verification of external GitHub token via "check token" endpoint
#40742 merged
Jul 1, 2025 -
Use POST binding for logout when REDIRECT url is not set and forced POST (26.2)
#40824 merged
Jul 1, 2025 -
Improve javadoc for admin-client methods with injecting own resteasyC…
#40803 merged
Jul 1, 2025 -
Updating upgrading guide about changes in user-profile-commons.ftl template
#40828 merged
Jul 1, 2025 -
Add missing artifact descriptions to allow Maven Portal Publisher Validation pass.
#40822 merged
Jul 1, 2025 -
fix: reducing memory footprint for cached entries
#40806 merged
Jun 30, 2025 -
fix: reducing memory footprint
#40804 merged
Jun 30, 2025 -
Updating upgrading guide about changes in user-profile-commons.ftl template
#40794 merged
Jun 30, 2025 -
Add Xata to ADOPTERS.md
#40802 merged
Jun 30, 2025 -
Unable to configure TLS reloading in Keycloak version 26.2.0 or later
#40790 merged
Jun 30, 2025 -
[26.2.x] Update docs regarding to use statefulset and not a deployment
#40797 merged
Jun 30, 2025 -
fix: adding logic to isolate realm migration processing
#39377 merged
Jun 30, 2025 -
update docs regarding to use statefulset and not a deployment
#40759 merged
Jun 30, 2025 -
Bump rollup from 4.44.0 to 4.44.1 in /js
#40746 merged
Jun 30, 2025 -
Bump @eslint/js from 9.29.0 to 9.30.0 in /js
#40778 merged
Jun 30, 2025 -
Bump react-hook-form from 7.58.1 to 7.59.0 in /js
#40779 merged
Jun 30, 2025 -
Bump prettier from 3.6.0 to 3.6.2 in /js
#40781 merged
Jun 30, 2025 -
Use POST binding for logout when REDIRECT url is not set and forced POST
#40757 merged
Jun 30, 2025 -
Added missing translations for greek translation in the login page
#40664 merged
Jun 29, 2025 -
Translations update from Hosted Weblate
#40774 merged
Jun 29, 2025 -
Adjusted the comparisons for PersistentClientSessionEntity
#40737 merged
Jun 28, 2025 -
Translations update from Hosted Weblate
#40771 merged
Jun 28, 2025 -
make abstract class AbstractUserRoleMappingMapper public
#40766 merged
Jun 28, 2025 -
Do not show update email link if the email attribute is not writable
#40721 merged
Jun 28, 2025 -
fix: switching to the registry addon for olm testing (#40334) (#40349)
#40769 merged
Jun 28, 2025 -
Disable email verification when email manually changed by idp review
#40750 merged
Jun 27, 2025 -
Fixing how translatable fields are set and ignoring formatting for root user attributes
#40724 merged
Jun 27, 2025 -
Documentation changes for Passkeys
#40728 merged
Jun 27, 2025 -
Translations update from Hosted Weblate
#40745 merged
Jun 27, 2025 -
Move section in the upgrading guide
#40735 merged
Jun 27, 2025 -
Support all i18n keys for messages_ru.properties
#40417 merged
Jun 27, 2025 -
Bump @eslint/compat from 1.3.0 to 1.3.1 in /js
#40727 merged
Jun 26, 2025 -
Bump eslint-plugin-prettier from 5.5.0 to 5.5.1 in /js
#40725 merged
Jun 26, 2025 -
Windows fixes for 26.0 branch (26.0)
#40743 merged
Jun 26, 2025 -
Make rolling-updates-v2 preview feature
#40732 merged
Jun 26, 2025 -
Access Token IDs have less than 128 bits of entropy
#40287 merged
Jun 26, 2025 -
Set a unique fragment key to please React
#40599 merged
Jun 26, 2025 -
Disable email verification when email manually changed by idp review (26.2)
#40733 merged
Jun 26, 2025 -
Verification of external facebook token via "debug token" endpoint
#40720 merged
Jun 26, 2025 -
[Test framework] ImpersonationTest migration
#39324 merged
Jun 26, 2025 -
Translations update from Hosted Weblate
#40642 merged
Jun 26, 2025 -
Adjusted the comparisons
#40676 merged
Jun 26, 2025 -
fix: refinements for ipv6 only testing
#40723 merged
Jun 26, 2025 -
Resolve resources with same URI if the permission request is based on URI matching
#40698 merged
Jun 26, 2025 -
Integrate passkeys with the organization authenticator
#40714 merged
Jun 26, 2025 -
Allow passkeys login when user has no password credential
#40719 merged
Jun 26, 2025 -
Forward LOGIN_HINT of authentication session with identity-provider-r…
#36943 merged
Jun 26, 2025 -
shows what patching logic should look like
#40450 merged
Jun 25, 2025 -
Missing Quarkus flag for Syslog counting framing
#40621 merged
Jun 25, 2025 -
fix: refining breaking behavior
#40697 merged
Jun 25, 2025 -
quarkus-next: update Quarkus snapshots url
#40716 merged
Jun 25, 2025 -
Bump vite from 6.3.5 to 7.0.0 in /js
#40700 merged
Jun 25, 2025 -
Bump @types/node from 24.0.3 to 24.0.4 in /js
#40699 merged
Jun 25, 2025 -
Bump mocha from 11.7.0 to 11.7.1 in /js
#40701 merged
Jun 25, 2025 -
Revert changes from #40497
#40715 merged
Jun 25, 2025 -
Create clustering test cases for OIDC flows
#40623 merged
Jun 25, 2025 -
Bump rollup from 4.43.0 to 4.44.0 in /js
#40627 merged
Jun 25, 2025 -
Bump react-hook-form from 7.57.0 to 7.58.1 in /js
#40570 merged
Jun 25, 2025 -
Update javadoc of java admin-client for Keycloak 26.3
#40710 merged
Jun 25, 2025 -
[26.2.x] Use updated PostgresDatabase from Liquibase 4.32.0
#40686 merged
Jun 25, 2025 -
Integrate passkeys with separate username and password forms
#40371 merged
Jun 25, 2025 -
Disable email verification when email manually changed by idp review.
#40520 merged
Jun 25, 2025 -
Bump eslint-plugin-prettier from 5.4.1 to 5.5.0 in /js
#40569 merged
Jun 24, 2025 -
Bump prettier from 3.5.3 to 3.6.0 in /js
#40673 merged
Jun 24, 2025 -
Bump typescript-eslint from 8.34.1 to 8.35.0 in /js
#40672 merged
Jun 24, 2025 -
Bump @playwright/test from 1.53.0 to 1.53.1 in /js
#40608 merged
Jun 24, 2025 -
Bump mocha from 11.6.0 to 11.7.0 in /js
#40607 merged
Jun 24, 2025 -
Bump @dagrejs/dagre from 1.1.4 to 1.1.5 in /js
#40571 merged
Jun 24, 2025 -
Bump vitest from 3.2.3 to 3.2.4 in /js
#40568 merged
Jun 24, 2025 -
Deprecate the original Passkeys Conditional UI Authenticator
#40674 merged
Jun 24, 2025 -
Use updated PostgresDatabase from Liquibase 4.32.0
#40530 merged
Jun 24, 2025 -
fix: correcting additional legacy scope usage
#40644 merged
Jun 24, 2025 -
Issue with Handling Negative Values in Certain Fields of Brute Force Detection
#40538 merged
Jun 24, 2025 -
Fix: Removed conditional check preventing use of custom attribute names
#40653 merged
Jun 24, 2025 -
Fix and enable account-ui tests
#40671 merged
Jun 24, 2025 -
Bump @types/node from 24.0.1 to 24.0.3 in /js
#40540 merged
Jun 23, 2025 -
Bump typescript-eslint from 8.34.0 to 8.34.1 in /js
#40541 merged
Jun 23, 2025 -
Bump tar-fs from 3.0.9 to 3.0.10 in /js
#40539 merged
Jun 23, 2025 -
Bump eslint from 9.28.0 to 9.29.0 in /js
#40504 merged
Jun 23, 2025 -
Bump @eslint/js from 9.28.0 to 9.29.0 in /js
#40503 merged
Jun 23, 2025 -
Bump lint-staged from 16.1.0 to 16.1.2 in /js
#40502 merged
Jun 23, 2025 -
Bump react-i18next from 15.5.2 to 15.5.3 in /js
#40467 merged
Jun 23, 2025 -
[26.2] Cache configuration backports
#40636 merged
Jun 20, 2025 -
Update documentation about volatile sessions
#40640 merged
Jun 20, 2025 -
Clarify OpenShift instructions
#40488 merged
Jun 20, 2025 -
[docs] fix spelling error Update hostname.adoc
#40638 merged
Jun 20, 2025 -
Translations update from Hosted Weblate
#40626 merged
Jun 20, 2025 -
Use offline time calculations when transient created from offline
#40624 merged
Jun 20, 2025 -
Applying escaping of theme contents
#40597 merged
Jun 19, 2025 -
Use offline time calculations when transient created from offline
#40615 merged
Jun 19, 2025 -
Allowing all maintainers to approve UI changes
#40612 merged
Jun 19, 2025 -
Copy restored maven repo to home folder in Windows
#40595 merged
Jun 19, 2025 -
[26.2.x] Additional Quarkus devtools dependencies in distribution
#40610 merged
Jun 19, 2025 -
Additional Quarkus devtools dependencies in distribution
#40458 merged
Jun 19, 2025 -
Making DefaultLazyLoader thread safe
#40532 merged
Jun 18, 2025 -
Allowing all maintainers to approve UI changes
#40577 merged
Jun 18, 2025 -
[26.2.x] Make UPDATE_TIME unique for MIGRATION_MODEL table
#40590 merged
Jun 18, 2025 -
Make UPDATE_TIME unique for MIGRATION_MODEL table
#40098 merged
Jun 18, 2025 -
Bump @rollup/plugin-commonjs from 28.0.3 to 28.0.6 in /js
#40572 merged
Jun 18, 2025 -
Extend upgrading guide for OTP device has a unique label
#40482 merged
Jun 18, 2025 -
Change to useRealm all the policies tabs
#40286 merged
Jun 18, 2025 -
Parse long issue reference variant from body
#40575 merged
Jun 18, 2025 -
Removing the Windows optimization as it is currently unstable
#40588 merged
Jun 18, 2025 -
Removing the Windows optimization as it is currently unstable
#40584 merged
Jun 18, 2025 -
chore(i18n): Update Polish lang in email and account theme
#40581 merged
Jun 18, 2025 -
Preserve query parameters when redirecting requests
#40490 merged
Jun 18, 2025 -
Reworking the release notes for the upcoming release
#40549 merged
Jun 18, 2025 -
chore(i18n): Sync Polish translation with English
#40567 merged
Jun 18, 2025 -
fix: prevent multiple init when dependsOn is used
#40550 merged
Jun 18, 2025 -
docs(caching): clarified wording for the jgroups fd port offset
#40565 merged
Jun 18, 2025 -
Mark user as disabled if reaching max login failures and permanent lockout is enabled
#40560 merged
Jun 18, 2025 -
Clarify FIPS instructions
#40562 merged
Jun 18, 2025 -
Translations update from Hosted Weblate
#40536 merged
Jun 18, 2025 -
Invalidate user cache entries when email or username are different from storage
#40256 merged
Jun 17, 2025 -
Update command for linking Maven repository on Windows
#40554 merged
Jun 17, 2025 -
Fix message format parsing when linking accounts
#40492 merged
Jun 17, 2025 -
Use computer language for createTimeout integer value
#40544 merged
Jun 17, 2025 -
Fix markdown output by adding closing brackets
#40367 merged
Jun 17, 2025 -
Parse long issue reference variant from body
#40366 merged
Jun 17, 2025 -
Upgrade webauth4j to current release 0.29.3
#40522 merged
Jun 17, 2025 -
add labels and annotations to service (httpSpec)
#39925 merged
Jun 17, 2025 -
fix: prevent multiple init when dependsOn is used
#40537 merged
Jun 17, 2025 -
Disabling persistent sessions affects also offline session cache
#40484 merged
Jun 17, 2025 -
Clarify FIPS instructions
#40534 merged
Jun 17, 2025 -
Update command for linking Maven repository on Windows
#40529 merged
Jun 17, 2025 -
Translations update from Hosted Weblate
#40449 merged
Jun 16, 2025 -
Bump github/codeql-action from 3.28.19 to 3.29.0
#40432 merged
Jun 16, 2025 -
Avoid calling the underlying user storage multiple times when lazily loading model attributes
#40418 merged
Jun 16, 2025 -
Add
briefRepresentation
to get organizations from user#40435 merged
Jun 16, 2025 -
kyrgyz language support
#40473 merged
Jun 16, 2025 -
Load new locale before showing the alert
#40495 merged
Jun 16, 2025 -
Update flows.adoc
#40491 merged
Jun 16, 2025 -
fix: removing lifecylce in initContainers
#40455 merged
Jun 16, 2025 -
39429/OfflineSessionPersistenceTest testPersistenceMultipleNodesClientSessionsAtRandomNode
#40459 merged
Jun 16, 2025 -
fix(i18n): add missing comma before 'a' in Polish password reset message
#40471 merged
Jun 13, 2025 -
Fix link to client-registration in docs
#40486 merged
Jun 13, 2025 -
Fix link to client-registration in docs
#40462 merged
Jun 13, 2025 -
Add clustering tests to new test framework
#40283 merged
Jun 13, 2025 -
support setting periodSeconds and failureThreashold in the Keyclock CR
#40117 merged
Jun 13, 2025 -
fix: adding a -- separator for spi options
#40005 merged
Jun 13, 2025 -
longer retries to increase stability
#40378 merged
Jun 13, 2025 -
fix: adding a mapping directly from an env property to a wildcard
#39602 merged
Jun 13, 2025 -
Bump rollup from 4.42.0 to 4.43.0 in /js
#40429 merged
Jun 12, 2025 -
Bump @vitejs/plugin-react-swc from 3.10.1 to 3.10.2 in /js
#40392 merged
Jun 12, 2025 -
Highlight all types of features in the admin console
#40425 merged
Jun 12, 2025 -
Bump @playwright/test from 1.52.0 to 1.53.0 in /js
#40393 merged
Jun 12, 2025 -
Bump @eslint/compat from 1.2.9 to 1.3.0 in /js
#40430 merged
Jun 12, 2025 -
Bump @types/node from 24.0.0 to 24.0.1 in /js
#40431 merged
Jun 12, 2025 -
Remove duplicate definition of WebAuthnErrorPage in AbstractWebAuthnAccountTest
#40452 merged
Jun 12, 2025 -
Implemented validation to ensure each OTP device has a unique label
#38657 merged
Jun 12, 2025 -
Add templates for release notes and migration guide
#40442 merged
Jun 12, 2025 -
Add link to OIDC discovery specification to the docs.
#40443 merged
Jun 12, 2025 -
Add tests for webauthn configuration AvoidSameAuthenticatorRegister
#40437 merged
Jun 12, 2025 -
Remove obsolete information from the Keycloak deployment
#40415 merged
Jun 12, 2025 -
Re-sort the release notes and upgrading guide
#40424 merged
Jun 12, 2025 -
Documentation changes for the 2FA additions
#40411 merged
Jun 12, 2025 -
Translations update from Hosted Weblate
#40433 merged
Jun 12, 2025 -
Bump vitest from 3.2.2 to 3.2.3 in /js
#40359 merged
Jun 11, 2025 -
Update links to OAuth 2.1 draft spec and change link from BCP to RFC9700
#40421 merged
Jun 11, 2025 -
[26.2] MigrationModel duplicate entry
#40404 merged
Jun 11, 2025 -
fix: enabling property mapping during validation
#40103 merged
Jun 11, 2025 -
Set window size instead of maximize because it fails in chrome 137 (26.2)
#40416 merged
Jun 11, 2025 -
Validate client scopes registration policy configuration
#40254 merged
Jun 11, 2025 -
Translations update from Hosted Weblate
#40331 merged
Jun 11, 2025 -
Remove obsolete information from the Keycloak deployment
#40376 merged
Jun 11, 2025 -
Set window size instead of maximize because it fails in chrome 137
#40410 merged
Jun 11, 2025 -
Bump manusa/actions-setup-minikube from 2.13.1 to 2.14.0
#39346 merged
Jun 11, 2025 -
Redirect requests from outdated theme version to the current theme version
#39725 merged
Jun 11, 2025 -
MigrationModel duplicate entry
#39994 merged
Jun 11, 2025 -
fix: being more flexible with the minikube ip
#40379 merged
Jun 11, 2025 -
Fix missing background color for dropdown panels in keycloak.v2 theme
#40382 merged
Jun 11, 2025 -
Bump @types/node from 22.15.26 to 24.0.0 in /js
#40394 merged
Jun 11, 2025 -
Bump simple-git from 3.27.0 to 3.28.0 in /js
#40338 merged
Jun 10, 2025 -
Bump rollup from 4.41.1 to 4.42.0 in /js
#40337 merged
Jun 10, 2025 -
Bump eslint-plugin-prettier from 5.4.0 to 5.4.1 in /js
#40123 merged
Jun 10, 2025 -
Password modification time attribute as an operational and read-only attribute
#40280 merged
Jun 10, 2025 -
Pin Snyk action to latest commit hash
#40381 merged
Jun 10, 2025
61 Pull requests opened by 35 people
-
use user and client from form when on the events section (#35098)
#40389 opened
Jun 10, 2025 -
Fix invalid OpenAPI specifications
#40401 opened
Jun 11, 2025 -
Ease implementation of custom AccountConsole extensions (#40464)
#40465 opened
Jun 12, 2025 -
initial version of Modal Client select
#40475 opened
Jun 13, 2025 -
Fix for "Account UI ignores identity provider display order"
#40493 opened
Jun 14, 2025 -
Make organization `domains` optional
#40508 opened
Jun 16, 2025 -
Manage Organization Invites
#40526 opened
Jun 16, 2025 -
removed unreachable corsResponse calls
#40552 opened
Jun 17, 2025 -
Add test related to creating group with sample attributes
#40558 opened
Jun 17, 2025 -
Manage Organization Roles
#40586 opened
Jun 18, 2025 -
set auto-mount service account token to false in keycloak pods
#40605 opened
Jun 18, 2025 -
Allow editing the protocol mapper name
#40618 opened
Jun 19, 2025 -
Show required fields when configuring protocol mappers
#40620 opened
Jun 19, 2025 -
fix(organizations): display unlinked idp on unknown user matching email domain
#40651 opened
Jun 21, 2025 -
added a non-null check to check whether the to be exported realm exists
#40655 opened
Jun 22, 2025 -
Fixed the IDs comparison logic
#40667 opened
Jun 23, 2025 -
Removed redundant null checks
#40679 opened
Jun 24, 2025 -
Replace keySet with entrySet.
#40685 opened
Jun 24, 2025 -
Fix wrong dependent registering in Registry
#40691 opened
Jun 24, 2025 -
[OID4VCI]: Add support for parsing and understanding authorization_details at the Token Endpoint
#40751 opened
Jun 27, 2025 -
Implement a new impersonation flow that uses action tokens
#40767 opened
Jun 27, 2025 -
Fallback to display text consent scopes
#40789 opened
Jun 30, 2025 -
Improve realm search by name (#40793)
#40795 opened
Jun 30, 2025 -
Bump github/codeql-action from 3.29.0 to 3.29.2
#40811 opened
Jul 1, 2025 -
Adjust comment for Property mapper transformation
#40829 opened
Jul 1, 2025 -
Upgrade to the Quarkus 3.24.2 version
#40867 opened
Jul 2, 2025 -
task: better document property mapping
#40873 opened
Jul 2, 2025 -
implementing json patch
#40904 opened
Jul 3, 2025 -
fix: further refining logic and docs around import/export
#40906 opened
Jul 3, 2025 -
Bump react-i18next from 15.5.3 to 15.6.0 in /js
#40909 opened
Jul 4, 2025 -
Add Selective Consent for clients
#40922 opened
Jul 4, 2025 -
Allow configure encryption details for SAML clients
#40937 opened
Jul 4, 2025 -
Remove FGAP:v1 from external-internal token exchange
#40938 opened
Jul 4, 2025 -
Change error to 400 for unknown user
#40939 opened
Jul 4, 2025 -
Update Traditional Chinese locale to latest version
#40941 opened
Jul 5, 2025 -
Bump aquasecurity/trivy-action from 0.31.0 to 0.32.0
#40949 opened
Jul 7, 2025 -
Forward isMemberOf call to the next delegate if the group is not mana…
#40969 opened
Jul 7, 2025 -
Remove workaround for handling Syslog counting framing
#40989 opened
Jul 8, 2025 -
Improve handling of enum types for Keycloak options
#40994 opened
Jul 8, 2025 -
Fix #40995 avoid ModelException: At least one condition should be pr…
#40996 opened
Jul 8, 2025 -
Default jdbc-ping cluster setup for distributed caches fails in Oracle
#40999 opened
Jul 8, 2025 -
[OID4VCI] Add support for credential_response_encryption in credential request
#41001 opened
Jul 8, 2025 -
fix: using defaults when mapFrom is null
#41005 opened
Jul 8, 2025 -
Custom user profile providers should use the factory ID
#41012 opened
Jul 8, 2025 -
Adding a config to the UPDATE_EMAIL action to force users to verify email
#41013 opened
Jul 8, 2025 -
Bump chai from 5.2.0 to 5.2.1 in /js
#41015 opened
Jul 9, 2025 -
Translations update from Hosted Weblate
#41017 opened
Jul 9, 2025 -
Expose tokens expiresIn in KeycloakAdminClient
#41024 opened
Jul 9, 2025 -
Wildcard mappers should be implicitly handled and value propagated
#41026 opened
Jul 9, 2025 -
Allow Features to declare that they support Rolling upgrades
#41027 opened
Jul 9, 2025 -
Mark user session for removal when the user bound to cannot be resolved
#41042 opened
Jul 9, 2025 -
Update email feature only enabled if the required action is enabled at the realm
#41046 opened
Jul 9, 2025 -
Bump i18next from 25.3.1 to 25.3.2 in /js
#41047 opened
Jul 10, 2025 -
Increase timeout when publishing to Maven Central
#41051 opened
Jul 10, 2025 -
saml-idp: Draft support for extended SAML identity provider configuration in Admin Console
#41053 opened
Jul 10, 2025 -
Add option 'Requires short state parameter' to OIDC IDP
#41059 opened
Jul 10, 2025 -
[26.2] Improve logging for client sessions load
#41066 opened
Jul 10, 2025 -
[26.3] Improve logging for client sessions load
#41067 opened
Jul 10, 2025 -
Add pagination to user idp links.
#41068 opened
Jul 10, 2025 -
Remove /etc/system-fips file before executing fips-mode-setup (26.0)
#41069 opened
Jul 10, 2025
226 Issues closed by 28 people
-
Group permission denies to view user
#40965 closed
Jul 10, 2025 -
[OID4VCI] Return vc-credential-scopes in AccessToken-scope
#39530 closed
Jul 10, 2025 -
[OID4VCI] Adjust ClientScope validation to ClientScope attributes
#39529 closed
Jul 10, 2025 -
[OID4VCI] Update the claims structure in credential issuer metadata across credential format profiles
#39289 closed
Jul 10, 2025 -
[OID4VCI] Deprecate support for retrieving credential by `format` or `claims` at the Credential Endpoint
#39282 closed
Jul 10, 2025 -
[OID4VCI] use credential_configuration_id on credential-request if scope was used
#39309 closed
Jul 10, 2025 -
[OID4VCI] Move vc-attributes from realm to ClientScopes
#39528 closed
Jul 10, 2025 -
[Operator] UpdateTest.testImageChange throws TimeoutException
#40932 closed
Jul 10, 2025 -
Improve logging for client sessions load
#41034 closed
Jul 10, 2025 -
Apache Reverse Proxy Setup
#41062 closed
Jul 10, 2025 -
[Keycloak CI] - Quarkus IT - MetricsDistTest
#40888 closed
Jul 10, 2025 -
FIPS errors in CI
#41038 closed
Jul 10, 2025 -
Console incorrectly refers to MAC algorithms as "Signature algorithm"
#38664 closed
Jul 10, 2025 -
FIPS-enabled container Kerberos authentication fails because of user salt length requirements
#38840 closed
Jul 10, 2025 -
Keycloak call taking more than 30 Sec
#40703 closed
Jul 9, 2025 -
Make UPDATE_EMAIL a supported feature
#40227 closed
Jul 9, 2025 -
Action Tokens Copy Nonce Into JTI
#40160 closed
Jul 9, 2025 -
Keycloak 26.3.0 Performance Degradation (Installed with Operator)
#40946 closed
Jul 9, 2025 -
[OID4VCI] Clean up and update the Credential Issuer Metadata model
#39290 closed
Jul 9, 2025 -
User session limit exceeded for both realm and client removes the wrong session
#38016 closed
Jul 9, 2025 -
Changing default passwordless webauthn policy to follow recommended values in the documentation
#40792 closed
Jul 9, 2025 -
Backchannel logout token with an unexpected signature algorithm key
#40984 closed
Jul 9, 2025 -
Keycloak 26.3.0 Regression: Failed to login if web-authn is disabled
#40954 closed
Jul 9, 2025 -
User serach with first/last name from keycklock consol with multiple words in giving no record
#38736 closed
Jul 9, 2025 -
NPE during loading user groups with concurrent deletion
#40368 closed
Jul 8, 2025 -
Avoid floating promises in UI code
#40739 closed
Jul 8, 2025 -
Memory leak when updating LDAP federated user (join groups / update attributes)
#38477 closed
Jul 8, 2025 -
Make passkeys feature dependent on web_authn
#40975 closed
Jul 8, 2025 -
Run clustering compatibility tests on release/x.y branches
#40970 closed
Jul 7, 2025 -
UserSession Offline removed from DB if not in cache
#40754 closed
Jul 7, 2025 -
Typo in Consent Scope Representation
#40786 closed
Jul 7, 2025 -
Optimize createClients on realm import
#40805 closed
Jul 7, 2025 -
Update limitations of the preview feature rolling updates for patch releases
#40962 closed
Jul 7, 2025 -
Proxy detection needs tweaked for insecure context warning
#40903 closed
Jul 7, 2025 -
REST Admin API - ClientsResource response with 200 OK even needed roles are missing
#40192 closed
Jul 7, 2025 -
Run tests as part of Keycloak CI in main but make sure a failure does not block PR merging
#39966 closed
Jul 7, 2025 -
Improve ec2 transport stack documentation
#39226 closed
Jul 7, 2025 -
Docs: server_development/topics/themes.adoc
#40930 closed
Jul 7, 2025 -
[OID4VCI] Remove reference to an interval property in Credential Offer payloads
#39294 closed
Jul 7, 2025 -
Provide CLI Parameters for jgroups.* options
#40481 closed
Jul 7, 2025 -
NPE thrown when encoding a token without having a client set in the session
#40935 closed
Jul 7, 2025 -
SearchQueryUtils.getFields(searchQuery) does not allow \ in query
#37281 closed
Jul 7, 2025 -
OrganizationProvider.getMembersCount ignores federated members
#38474 closed
Jul 7, 2025 -
null username for federated records
#38495 closed
Jul 7, 2025 -
Migrating from keycloak 15 to keycloak 20.0.1
#16074 closed
Jul 7, 2025 -
Quarkus profile behaviour changed between v25 and v26
#40925 closed
Jul 5, 2025 -
KC should connect to a writer instance of PostgreSQL automatically
#40383 closed
Jul 4, 2025 -
Session Lost on Page Refresh in SPA For Keycloak v26.1.0
#40854 closed
Jul 4, 2025 -
More secure call of Facebook debug token
#40926 closed
Jul 4, 2025 -
Check cluster is correctly formed in ClusteredKeycloakServer
#40858 closed
Jul 4, 2025 -
Keycloak Operator 26.3.0 fails to update to 26.3.0
#40890 closed
Jul 4, 2025 -
Consistent behaviour for User API getUsers and count
#38556 closed
Jul 3, 2025 -
Exact match in users/count
#29295 closed
Jul 3, 2025 -
Users searchAttributes broken for empty value
#39609 closed
Jul 3, 2025 -
`--debug` does not work with docker container version of Keycloak
#38924 closed
Jul 3, 2025 -
Consider creating `ExternalToInternalTokenExchangeTest` for external to internal token exchange v2
#40198 closed
Jul 3, 2025 -
Verification of external OIDC token by introspection-endpoint
#40167 closed
Jul 3, 2025 -
Upgrade to Infinispan 15.0.16.Final
#40851 closed
Jul 2, 2025 -
Size and validation options in SAML import
#40860 closed
Jul 2, 2025 -
keycloak apache2 setup on Oracle Linux
#40836 closed
Jul 2, 2025 -
Reverse proxy setup cookie issue
#40861 closed
Jul 2, 2025 -
Mark options for additional datasources as preview
#40838 closed
Jul 2, 2025 -
Consolidate profile logic
#38581 closed
Jul 2, 2025 -
Change database wildcards to default to - instead of .
#40833 closed
Jul 2, 2025 -
Organization Identity-First Login authenticator missing localization
#38412 closed
Jul 2, 2025 -
Verification of external github token by github "check token" endpoint
#40164 closed
Jul 1, 2025 -
Improve javadoc for admin-client methods with injecting own resteasyClient
#40231 closed
Jul 1, 2025 -
Client Service Account User doesn't have direct or inherited attributes mapped in access token
#40102 closed
Jul 1, 2025 -
Breaking template change: Unknown `locale` input field added to user-profile registration page
#39562 closed
Jul 1, 2025 -
Appdev Realm broken
#40355 closed
Jul 1, 2025 -
PassKey + Jackson version confict
#40397 closed
Jul 1, 2025 -
Importing a realm takes more than 1 minute when multiple others exist.
#35932 closed
Jun 30, 2025 -
FacadeClassLoader failing on quarkus-next workflow
#40516 closed
Jun 30, 2025 -
Unable to configure TLS reloading in Keycloak version 26.2.0 or later
#40713 closed
Jun 30, 2025 -
Improve migration performance
#38649 closed
Jun 30, 2025 -
Migration progress missing
#33978 closed
Jun 30, 2025 -
Emphasize using StatefulSet instead of Deployment
#40090 closed
Jun 30, 2025 -
Support synchronization of OpenLDAP groups with the same cn but different parent OUs
#40738 closed
Jun 30, 2025 -
Front logout channel broken in 26.2.5 for saml
#40637 closed
Jun 30, 2025 -
Can't impersonate a user cross-realm?
#38184 closed
Jun 30, 2025 -
Deadlocks on table OFFLINE_USER_SESSION / OFFLINE_CLIENT_SESSION with Keycloak 26.1.3
#37864 closed
Jun 30, 2025 -
Translation key missing from Greek translations.
#40632 closed
Jun 29, 2025 -
Make abstract class AbstractUserRoleMappingMapper public
#40765 closed
Jun 28, 2025 -
Hide update email link in account console when email is read-only in user profile
#39669 closed
Jun 28, 2025 -
使用 Keycloak Operator 26.2.5 创建 CR ,自动创建的 NGINX ingress 服务名问题
#40476 closed
Jun 27, 2025 -
Creating a user profile attribute "displayName" does not work as expected.
#40497 closed
Jun 27, 2025 -
Documentation for passkeys for 26.3.0
#40705 closed
Jun 27, 2025 -
Support all i18n keys for messages_ru.properties
#40336 closed
Jun 27, 2025 -
Upgrade command rolling updates for patch releases / step 2: preview
#38883 closed
Jun 26, 2025 -
Access Token IDs have less than 128 bits of entropy
#38663 closed
Jun 26, 2025 -
Account console reports duplicate keys in development mode
#40598 closed
Jun 26, 2025 -
SAML client Encryption keys: Import Java keystore returns Invalid keystore format
#40499 closed
Jun 26, 2025 -
Verification of external facebook token by facebook "debug token" endpoint
#40163 closed
Jun 26, 2025 -
Cannot register passkey as first 2FA credential.
#39770 closed
Jun 26, 2025 -
Potential copy-paste issue in PersistentClientSessionEntity.java
#40663 closed
Jun 26, 2025 -
Support IPv6 only environments
#21277 closed
Jun 26, 2025 -
Multiple resources that match same URI with different scope cause inconsistent authorization response
#40695 closed
Jun 26, 2025 -
Passkeys conditional UI: integration with the organization authenticator
#40022 closed
Jun 26, 2025 -
Allow passkeys login when user has no password credential
#40717 closed
Jun 26, 2025 -
"identity-provider-redirector" does not forward LOGIN_HINT of authentication session
#36396 closed
Jun 26, 2025 -
Missing Quarkus flag for syslog logging
#39893 closed
Jun 25, 2025 -
quarkus-next: update Quarkus snapshots url
#40694 closed
Jun 25, 2025 -
Existing Organization Mapper in default Client Scope not in JWT in 26.2.5
#40670 closed
Jun 25, 2025 -
Create test cases for admin UI
#39968 closed
Jun 25, 2025 -
Create test cases for OIDC flows
#39965 closed
Jun 25, 2025 -
Admin Console stuck in Loading following Kubernetes example
#40113 closed
Jun 25, 2025 -
Update javadoc of java admin-client for Keycloak 26.3
#40709 closed
Jun 25, 2025 -
Static Resources return 404 due to divergent startup hashes in Multi-Pod Deployment
#40678 closed
Jun 25, 2025 -
Passkeys conditional UI: integration with independent username and password form
#40021 closed
Jun 25, 2025 -
Review Profile makes users prone to phishing attacks
#40446 closed
Jun 25, 2025 -
Token exchange. Internal -> External fails(not_linked) even though account is linked
#37193 closed
Jun 25, 2025 -
Keycloak shows Attribute instead of username on Login Form
#37937 closed
Jun 25, 2025 -
Deprecate or remove the current conditionalUI authenticator
#40033 closed
Jun 24, 2025 -
Bootstrap admin account does not work
#40688 closed
Jun 24, 2025 -
Liquibase update failed from KC 26.1 to KC 26.2 with PostgreSQL JDBC driver 42.7.5
#39917 closed
Jun 24, 2025 -
Issue with Handling Negative Values in Certain Fields of Brute Force Detection
#40353 closed
Jun 24, 2025 -
JGroups channel not starting in dns-ping stack even after configuring KC_CACHE_STACK as kubernetes
#40372 closed
Jun 24, 2025 -
keycloak-core:26.1.5 references SystemPropertiesJsonParserFactory but keycloak-util is no longer published
#40682 closed
Jun 24, 2025 -
keycloak-core 26.1.5 has stale internal references of SystemPropertiesJsonParserFactory
#40681 closed
Jun 24, 2025 -
Account UI goBack link doesn't render when referrer query string is set
#40303 closed
Jun 24, 2025 -
Group name input allows XSS via script tags in Keycloak 26.2.4
#40350 closed
Jun 24, 2025 -
Disconnection issue when using O365 as IDP and multiple microsoft accounts
#39952 closed
Jun 24, 2025 -
Account UI e2e tests do not run in CI
#40498 closed
Jun 24, 2025 -
Reading secret from file vault not working
#40652 closed
Jun 23, 2025 -
Keycloak returns incorrect `acr` claim value after `CONFIGURE_TOTP` execution
#40391 closed
Jun 23, 2025 -
Can't implement custom TokenExchangeProvider
#40264 closed
Jun 23, 2025 -
Unrecognized field "adminPermissionsClient"
#39414 closed
Jun 23, 2025 -
NPE when no subject_issuer is used for token exchange
#34869 closed
Jun 23, 2025 -
Admin-ui seems to be missing `url`
#40650 closed
Jun 21, 2025 -
Nightly build shows outdated information on the Keycloak website
#40542 closed
Jun 21, 2025 -
Update code ownership for UI code
#40576 closed
Jun 21, 2025 -
Configuring category-specific log levels dont work
#40648 closed
Jun 21, 2025 -
Update documentation about volatile sessions
#40639 closed
Jun 20, 2025 -
Clarify OpenShift v4 Identity Provider instructions
#40487 closed
Jun 20, 2025 -
[docs] fix spelling error in hostname.adoc
#40641 closed
Jun 20, 2025 -
"Keycloak Authorization Not Enforced in External Applications (Salesforce, O365, Workday)"
#40614 closed
Jun 20, 2025 -
kc.sh import not working
#40295 closed
Jun 20, 2025 -
Google token exchange not working since not able to fetch user info for id token
#38147 closed
Jun 20, 2025 -
UI Customization missing footer example
#40596 closed
Jun 19, 2025 -
Negative expiration for token exchange using an offline session
#40611 closed
Jun 19, 2025 -
Copy restored maven repo to home folder in Windows
#40593 closed
Jun 19, 2025 -
Custom TrustStore is not loaded correctly by Keycloak
#40527 closed
Jun 19, 2025 -
Quarkus devtools dependencies in 26.2.x
#39227 closed
Jun 19, 2025 -
DefaultLazyLoader is not thread safe, but is used in a shared instance of CachedRealm
#40531 closed
Jun 18, 2025 -
Make UPDATE_TIME unique for MIGRATION_MODEL table
#40088 closed
Jun 18, 2025 -
Extend upgrading guide for OTP device has a unique label
#40445 closed
Jun 18, 2025 -
Webauthn policy data resets to previous state after binding flow
#40284 closed
Jun 18, 2025 -
Disable Windows C/D drive optimization
#40583 closed
Jun 18, 2025 -
Add missing translations in email and account theme for Polish lang
#40579 closed
Jun 18, 2025 -
When redirecting old resource versions, keep query parameters
#40489 closed
Jun 18, 2025 -
Rewrite release notes to market the new features
#40547 closed
Jun 18, 2025 -
Crash when specifying an incorrect LDAP DN
#39875 closed
Jun 18, 2025 -
Synchronization of Polish language in login template
#40566 closed
Jun 18, 2025 -
Add clarifying language around jgroups failure detection ports
#40564 closed
Jun 18, 2025 -
Brute force detection permanent lockout flag not shown for users auto-unlocked after temporary lockout
#40159 closed
Jun 18, 2025 -
Federated user IDs are not correctly evicted from cache
#40085 closed
Jun 17, 2025 -
Account v1 Applications page get error
#40545 closed
Jun 17, 2025 -
Some requests to admin/ui fail with status 500
#40249 closed
Jun 17, 2025 -
Docs: upgrading/topics/changes/changes-26_0_0.adoc
#39932 closed
Jun 17, 2025 -
Federation unlink failure message contains double single quotes
#40479 closed
Jun 17, 2025 -
USER_SESSION_NOT_FOUND during token validation with valid access token
#39958 closed
Jun 17, 2025 -
"Confidential Client" Client Policy Improperly Defined
#40170 closed
Jun 17, 2025 -
Labeler fails to set version of parent issue
#40365 closed
Jun 17, 2025 -
Upgrade webauthn4j to a newer version
#40023 closed
Jun 17, 2025 -
Allow Keycloak operator to parameterize the Service annotations and labels
#23283 closed
Jun 17, 2025 -
Multiple QuarkusJpaUpdaterProvider calls during boot
#40408 closed
Jun 17, 2025 -
Missing adjustment about offline session caches for volatile sessions
#40483 closed
Jun 17, 2025 -
Clarify FIPS instructions
#40533 closed
Jun 17, 2025 -
Symbolic link creation fails on Windows CI
#40543 closed
Jun 17, 2025 -
Theme SPI config values do not resolve correctly
#40535 closed
Jun 16, 2025 -
`UserStorageManager.getUserById` called multiple times on `POST /realms/{realm}/protocol/{protocol}/token`
#40213 closed
Jun 16, 2025 -
Unable to retrieve `attributes` with organization get members endpoint
#40438 closed
Jun 16, 2025 -
Snyk "latest release branch" confused by extra release branches
#39626 closed
Jun 16, 2025 -
Self-service option to reset OTP only
#40513 closed
Jun 16, 2025 -
add (ky )kyrgyz language support
#40448 closed
Jun 16, 2025 -
On change of language, confirmation is shown in old language
#40494 closed
Jun 16, 2025 -
Authentication flows documentation should match new GUI
#40514 closed
Jun 16, 2025 -
Default to num_owners=2 when the persistent-user-sessions feature is disabled
#40472 closed
Jun 16, 2025 -
Realm default-settings overridding manipulated values
#40506 closed
Jun 16, 2025 -
Upgrade from 24.0.5 to higer version failes with ERROR: rel ation "org" already exists
#34499 closed
Jun 16, 2025 -
Missing AuthenticationFlowException handling in registration endpoint
#37738 closed
Jun 16, 2025 -
The Polish translation is missing a comma
#40485 closed
Jun 13, 2025 -
Link to dynamic client registration section is broken in docs
#40444 closed
Jun 13, 2025 -
Create a POC of running 2 containers in the new testsuite
#39962 closed
Jun 13, 2025 -
Configurable probes in the Operator
#21995 closed
Jun 13, 2025 -
While adding User Attribute Mapper configuration is displayed repeatedly multiple times
#40468 closed
Jun 13, 2025 -
Enhance mapping from env variables to wildcards
#38259 closed
Jun 13, 2025 -
ClearExpiredUserSessions task ignores client-specific idle timeout value
#39829 closed
Jun 12, 2025 -
Missing highlighting of deprecated and disabled-by-default features
#40423 closed
Jun 12, 2025 -
Compilation error in AbstractWebAuthnAccountTest
#40451 closed
Jun 12, 2025 -
Add webauthn and recovery-codes to the default authentication flows
#39998 closed
Jun 12, 2025 -
Name for OTP device should be unique
#38465 closed
Jun 12, 2025 -
Add templates for release notes and migration guide
#40441 closed
Jun 12, 2025 -
Add link to OIDC Discovery Spec in the documentation of the certs endpoint
#40440 closed
Jun 12, 2025 -
Passkey "Avoid same authenticator registration" doesn't work
#27945 closed
Jun 12, 2025 -
Resort release notes for KC 26.3
#40422 closed
Jun 12, 2025 -
Update documentation
#40001 closed
Jun 12, 2025 -
Error when requesting token inspection for a access token requested by a offline token
#39599 closed
Jun 11, 2025 -
Update links specs in OIDC guide
#40419 closed
Jun 11, 2025 -
PropertyMapper validation should run with PropertyMappingInterceptor enabled
#40095 closed
Jun 11, 2025 -
/admin/realms/{realm}/groups endpoint is slow in v26.2.4 with around 15k groups
#40242 closed
Jun 11, 2025 -
Client Registration with fake scope
#40187 closed
Jun 11, 2025 -
Create a POC of running 2 containers in Arquillian testsuite
#39963 closed
Jun 11, 2025 -
Could not update user profile settings with newly defined role
#40259 closed
Jun 11, 2025 -
Outdated information in HA Keycloak deployment
#40375 closed
Jun 11, 2025 -
Failing WebAuthn IT (chrome) / WebAuthnSigningInTest.passwordlessWebAuthnTest
#40402 closed
Jun 11, 2025 -
Redirect request from wrong version to the right version
#39723 closed
Jun 11, 2025 -
MigrationModel duplicate entry on Recreate Upgrade in Cluster with 2+ nodes
#39866 closed
Jun 11, 2025 -
Transparent filter panel in Admin > Events > Search events form
#40135 closed
Jun 11, 2025 -
Allow private IP address as host in dev deployments
#40356 closed
Jun 11, 2025 -
Query when searching exact attribute values does not use index. Result: slow search.
#37607 closed
Jun 11, 2025 -
Error creating user in Windows Active Directory over LDAP
#40096 closed
Jun 10, 2025 -
LDAP: error code 19 - pwdChangedTime: no user modification allowed
#40270 closed
Jun 10, 2025 -
Pin Snyk action to latest commit hash
#40380 closed
Jun 10, 2025
183 Issues opened by 100 people
-
Show KC version info in footer of all web UI pages
#41077 opened
Jul 10, 2025 -
Navigating group breadcrumb is not reflected in group navigation tree/browser
#41076 opened
Jul 10, 2025 -
Admin Console: Creating a child group reverts tree navigation to root
#41075 opened
Jul 10, 2025 -
Import client sessions into Infinispan concurrently
#41074 opened
Jul 10, 2025 -
`Extend to children` for group policy does not work correctly with FGAP
#41073 opened
Jul 10, 2025 -
In (realm) role details, add tab "Assigned to groups"
#41072 opened
Jul 10, 2025 -
Admin Console: Assign attribute/property or perform action on multiple, filtered list items
#41071 opened
Jul 10, 2025 -
Admin Console: Add to all lists features like sorting, attribute/property columns management & filtering
#41070 opened
Jul 10, 2025 -
Built-in Webhook Support for Keycloak Events
#41065 opened
Jul 10, 2025 -
Reduce the time it takes to migrate tests to the new framework
#41064 opened
Jul 10, 2025 -
DOC: Partial import/export insufficiently documented
#41061 opened
Jul 10, 2025 -
Some executions don't show up in the execution menu
#41060 opened
Jul 10, 2025 -
Enhance migration utility
#41058 opened
Jul 10, 2025 -
Add native hCaptcha support as an alternative to reCAPTCHA
#41057 opened
Jul 10, 2025 -
Backport the release related fixes to Keycloak main
#41052 opened
Jul 10, 2025 -
502 Error from Keycloak
#41050 opened
Jul 10, 2025 -
Lack of coordination in database creation in 26.3.0 causes deployment failures
#41048 opened
Jul 10, 2025 -
Update email feature only enabled if the required action is enabled at the realm
#41045 opened
Jul 9, 2025 -
Federated users incorrectly listed on first load due to uninitialized userProfileProvidersEnabled
#41044 opened
Jul 9, 2025 -
Able to create a client without entering Client ID
#41041 opened
Jul 9, 2025 -
WebAuthN Setup: OperationError: A request is already pending.
#41037 opened
Jul 9, 2025 -
Skip update email required action if email attriute is not writable
#41035 opened
Jul 9, 2025 -
Policy implementation in OpenId Federation
#41033 opened
Jul 9, 2025 -
Unused value in JpaUserFederatedStorageProvider. SAST
#41032 opened
Jul 9, 2025 -
[OID4VCI] Determine algorithms for credential_response_encryption
#41031 opened
Jul 9, 2025 -
DOC: 'Running Keycloak in a Container' inconsistent
#41029 opened
Jul 9, 2025 -
Can't send e-mails to international e-mail addresses: bad UTF-8 syntax
#41023 opened
Jul 9, 2025 -
Allow Features to declare that they support Rolling upgrades
#41022 opened
Jul 9, 2025 -
Validate session session timeout and lifetime settings on edit
#41019 opened
Jul 9, 2025 -
Flaky test: org.keycloak.testsuite.cluster.ClientInvalidationClusterTest#crudWithFailover
#41018 opened
Jul 9, 2025 -
Operator auto update hash
#41014 opened
Jul 8, 2025 -
Legacy format of build-time spi options
#41010 opened
Jul 8, 2025 -
Missing signing with passkeys feature when FORCED_REAUTHENTICATION = true
#41008 opened
Jul 8, 2025 -
Including OTLP headers for authorization
#41007 opened
Jul 8, 2025 -
Micrometer to OpenTelemetry bridge for metrics
#41006 opened
Jul 8, 2025 -
Possibility to list only requested configuration options for CLI help
#41003 opened
Jul 8, 2025 -
Liquibase in Kubernetes with separate Job
#41002 opened
Jul 8, 2025 -
Wildcard mappers should be implicitly handled and value propagated
#40997 opened
Jul 8, 2025 -
LDAP / ModelException: At least one condition should be provided to OR query
#40995 opened
Jul 8, 2025 -
Improve handling of enum types for Keycloak options
#40993 opened
Jul 8, 2025 -
Fallback to English translations for unknown locale despite German being the realm default
#40990 opened
Jul 8, 2025 -
Passkeys Enhancements
#40988 opened
Jul 8, 2025 -
Can't update security-admin-console via admin UI with volatile sessions
#40980 opened
Jul 7, 2025 -
Loglevel recorded from build phase
#40977 opened
Jul 7, 2025 -
Remove deprecated method ConsentScopeRepresentation.getDisplayTest
#40973 opened
Jul 7, 2025 -
Create mixed cluster tests with state-transfter for OIDC flows
#40960 opened
Jul 7, 2025 -
Update "Enabling and disabling features" documentation
#40959 opened
Jul 7, 2025 -
TiDB friendly MySQL Liquibase migration statements please
#40947 opened
Jul 6, 2025 -
Unclear documentation for setting management server as http when main server is https
#40945 opened
Jul 6, 2025 -
[Possible issue] Error 403 while attempting to add role to new realm
#40944 opened
Jul 5, 2025 -
Liquibase driver broken in KC 26.3.0
#40934 opened
Jul 4, 2025 -
Allow configure encryption details for SAML clients
#40933 opened
Jul 4, 2025 -
Duplicates in unmanaged attributes
#40929 opened
Jul 4, 2025 -
Compliant with RFC8414, return server metadata at /.well-known/oauth-authorization-server/realms/{realm}
#40923 opened
Jul 4, 2025 -
Using organization uuid instead of group uuid in FGAP should fail
#40921 opened
Jul 4, 2025 -
OpenID Federation OP with Automatic Registration
#40920 opened
Jul 4, 2025 -
Verification of external token: twitter
#40919 opened
Jul 4, 2025 -
Verification of external token: stackoverflow
#40918 opened
Jul 4, 2025 -
Verification of external token: paypal
#40917 opened
Jul 4, 2025 -
Verification of external token: openshift4
#40916 opened
Jul 4, 2025 -
Verification of external token: microsoft
#40915 opened
Jul 4, 2025 -
Verification of external token: linkedin
#40914 opened
Jul 4, 2025 -
Verification of external token: gitlab
#40913 opened
Jul 4, 2025 -
Verification of external token: bitbucket
#40912 opened
Jul 4, 2025 -
Checking if client is allowed to exchange given subject_token issued by the IDP
#40911 opened
Jul 4, 2025 -
Changed username on brokered system results in foreign key constraint violation
#40907 opened
Jul 3, 2025 -
More fully document operator upgrade scenarios, in particular with custom images
#40902 opened
Jul 3, 2025 -
Correct ten-year-old "autheticatorFlow" misspelling
#40901 opened
Jul 3, 2025 -
Doublecheck event details during external-internal token exchange
#40900 opened
Jul 3, 2025 -
Issuing the internal token during external-internal token exchange
#40897 opened
Jul 3, 2025 -
Avoid creating user session during external-internal token exchange
#40896 opened
Jul 3, 2025 -
Make sure user is not created during external-internal token exchange
#40895 opened
Jul 3, 2025 -
shibmd:Scope in realm's SAML idp metadata
#40892 opened
Jul 3, 2025 -
Fresh sessions created from action token handlers don't include state
#40886 opened
Jul 3, 2025 -
Utilise --cache-embedded-network-bind-address in the Operator
#40884 opened
Jul 3, 2025 -
Improve memory footprint of single file realm import
#40875 opened
Jul 2, 2025 -
Update code and documentation for import of a new realm
#40874 opened
Jul 2, 2025 -
Better document property mapping
#40872 opened
Jul 2, 2025 -
Keycloak 500 internal server error
#40866 opened
Jul 2, 2025 -
Unbounded login_hint Parameter Can Corrupt KC_RESTART Cookie and Break Login Flow
#40857 opened
Jul 2, 2025 -
External-internal token exchange independent from FGAP v1
#40855 opened
Jul 2, 2025 -
Dereference after null check
#40853 opened
Jul 2, 2025 -
REST API - /identity-provider/instances - offers no attribute "displayOrder"
#40842 opened
Jul 1, 2025 -
Action Token Key
#40841 opened
Jul 1, 2025 -
Cannot register passkey as first 2FA credential. (Continuation)
#40837 opened
Jul 1, 2025 -
Improvements to how the IDP is identified from the external `subject_token`
#40832 opened
Jul 1, 2025 -
Dereference of null in PersistentAuthenticatedClientSessionAdapter. SAST
#40826 opened
Jul 1, 2025 -
Back port changes from release/26.3 branch related to Maven Central Publish Portal validation
#40825 opened
Jul 1, 2025 -
referrerUrl in account-ui escapes query parameters incorrectly
#40821 opened
Jul 1, 2025 -
Identity provider links list is limited to 100 entries for a user in the admin UI
#40818 opened
Jul 1, 2025 -
Provide a way to add custom labels to Realm Import job of Keycloak operator
#40799 opened
Jun 30, 2025 -
Review remaining considerations around whether import needs to be performed with the cluster shutdown
#40798 opened
Jun 30, 2025 -
Realm search in Manage-Realms view should also include display-name
#40793 opened
Jun 30, 2025 -
Custom scope display name not shown in Account UI
#40788 opened
Jun 30, 2025 -
Default jdbc-ping cluster setup for distributed caches fails in Oracle
#40784 opened
Jun 30, 2025 -
Flaky test: org.keycloak.testsuite.cluster.RealmInvalidationClusterTest#crudWithFailover
#40782 opened
Jun 30, 2025 -
User got error in Keycloak 22.x "We are sorry... Login timeout. Please sign in again"
#40775 opened
Jun 29, 2025 -
Support IdP Login Option in WebAuthn Passwordless Authenticator Page
#40770 opened
Jun 28, 2025 -
Change naming for disabling additional datasource
#40761 opened
Jun 27, 2025 -
Wrong dependency registering in the testsuite
#40756 opened
Jun 27, 2025 -
Resource leak: FileInputStream in Util.readProperties(File) is never closed .SAST
#40753 opened
Jun 27, 2025 -
explicit registration with Trust Chain in a OpenID Federation OP
#40748 opened
Jun 27, 2025 -
Misconfigured Reset Credentials Flow allows immediate passwordless access
#40744 opened
Jun 26, 2025 -
CVE-2025-49574 - Exposure of Resource to Wrong Sphere vulnerability in io.vertx:vertx-core
#40736 opened
Jun 26, 2025 -
Help needed to access SSO within Keycloak
#40731 opened
Jun 26, 2025 -
Authorization -> Evaluate: always returns "No search results"
#40712 opened
Jun 25, 2025 -
Mention SHA1 is deprecated in the documentation
#40706 opened
Jun 25, 2025 -
Internal to external token exchange
#40704 opened
Jun 25, 2025 -
Remove the current conditionalUI authenticator
#40696 opened
Jun 24, 2025 -
Concurrent requests to /admin/realms/{}/users/{} can return a user as disabled.
#40689 opened
Jun 24, 2025 -
Remove workaround for PostgreSQL and Liquibase
#40687 opened
Jun 24, 2025 -
Keycloak JS CI - Admin UI - Firefox e2e tests failure
#40684 opened
Jun 24, 2025 -
Remove workaround for handling Syslog counting framing
#40683 opened
Jun 24, 2025 -
Inconsistency between UserModel.isMemberOf and RoleUtils.isMember (with LDAP involved)
#40680 opened
Jun 24, 2025 -
Redundant null checks - operator new. SAST
#40677 opened
Jun 24, 2025 -
Support synchronization of LDAP groups with the same cn but different parent OUs
#40675 opened
Jun 24, 2025 -
Incorrect types of collection arguments in CustomLockService. SAST
#40666 opened
Jun 23, 2025 -
KeycloakServerConfigBuilder - add -D property values into the startup
#40665 opened
Jun 23, 2025 -
Resources leak. SAST
#40660 opened
Jun 23, 2025 -
Possible Dereference of Null. SAST
#40659 opened
Jun 23, 2025 -
Organizations Authenticator : public IDP not displayed when user not existing and matching domain
#40649 opened
Jun 21, 2025 -
Hide client secret from clients admin API
#40646 opened
Jun 20, 2025 -
Use localtest.me instead of nip.io
#40645 opened
Jun 20, 2025 -
Choose User step in the Reset Password flow is not allowing to change the user
#40643 opened
Jun 20, 2025 -
Unusable (Dead) local storage. SAST
#40635 opened
Jun 20, 2025 -
Provide a docker image with krb-workstation installed
#40634 opened
Jun 20, 2025 -
Revoke previous action tokens for forgot password action
#40631 opened
Jun 20, 2025 -
Double check when working with multithreading. SAST
#40630 opened
Jun 20, 2025 -
Signs of fall-through behavior. SAST
#40629 opened
Jun 20, 2025 -
When editing protocol mappers, shows required properties
#40619 opened
Jun 19, 2025 -
Make protocol mapper name editable
#40617 opened
Jun 19, 2025 -
Issue: Unable to Restrict Client Login by Role — All Users Can Authenticate
#40616 opened
Jun 19, 2025 -
Fetch error occurs on "Associated roles" tab for admin role
#40613 opened
Jun 19, 2025 -
Exact searches should be the default when querying user by attributes in LDAP
#40609 opened
Jun 19, 2025 -
Account UI reports "Something went wrong" if user doesn't have permissions to view applications
#40603 opened
Jun 18, 2025 -
Account UI reports "Something went wrong" when opening an unknown path
#40602 opened
Jun 18, 2025 -
Customization of the Account UI via `content.json` is missing in the docs
#40600 opened
Jun 18, 2025 -
Upgrade to the Quarkus 3.24.2 version
#40592 opened
Jun 18, 2025 -
Upgrade to the next Quarkus 3.20.x patch release
#40591 opened
Jun 18, 2025 -
Missing Security Headers in Keycloak Server
#40589 opened
Jun 18, 2025 -
Manage Organization Roles
#40585 opened
Jun 18, 2025 -
Redundant null-checks in PolicyAdapter. SAST
#40578 opened
Jun 18, 2025 -
Unable to guarantee stable LDAP sync period in clustered environment
#40563 opened
Jun 17, 2025 -
User attributes should not be editable for user that does not have manage-users role
#40559 opened
Jun 17, 2025 -
Uploading JSON import in UI causes extreme lag or entirely unresponsive page since 26.1
#40557 opened
Jun 17, 2025 -
An error is displayed whenever you try to duplicate a group.
#40556 opened
Jun 17, 2025 -
[OAuth2.0 - Dynamic Client Registration] Add support for Software Statements
#40555 opened
Jun 17, 2025 -
Upgrade org.postgresql:postgresql to version 42.7.7 to address CVE-2025-49146
#40553 opened
Jun 17, 2025 -
Unreachable Code In IdentityBrokerService
#40548 opened
Jun 17, 2025 -
ENTITY_STATEMENT as TokenCategory for EntityStatement entity in Openid Federation and configuration
#40546 opened
Jun 17, 2025 -
26.2.5 Version missing on npmjs site for keycloak-js
#40523 opened
Jun 16, 2025 -
Edit identity provider: alias lost its greyed out design
#40521 opened
Jun 16, 2025 -
Selecting a federation using federationLink when creating a user
#40519 opened
Jun 16, 2025 -
keycloak26 import users
#40518 opened
Jun 16, 2025 -
Support for different key uses by authentication protocol
#40515 opened
Jun 16, 2025 -
OpenID Federation RP with explicit registration
#40512 opened
Jun 16, 2025 -
OpenID Federation OP with explicit registration
#40511 opened
Jun 16, 2025 -
Organization flow do not redirect when credentials exist
#40510 opened
Jun 16, 2025 -
OpenID Federation implementation
#40509 opened
Jun 16, 2025 -
keycloak/keycloak terraform openid audience protocol mapper -- error.
#40480 opened
Jun 13, 2025 -
'UPDATE_PASSWORD_ERROR' event not recorded on failed OTP setup
#40478 opened
Jun 13, 2025 -
Consistent Handling of User Attributes in Query Methods
#40470 opened
Jun 13, 2025 -
Display the time of the last use of a credential for a user
#40466 opened
Jun 12, 2025 -
Improve extensibility of custom AccountConsole endpoint handling
#40464 opened
Jun 12, 2025 -
Login to Account Console produces two consecutive LOGIN events
#40463 opened
Jun 12, 2025 -
Account UI ignores identity provider display order
#40461 opened
Jun 12, 2025 -
keycloak-admin-client: authenticationManagement.getRequiredActions should allowed passing realm parameter
#40453 opened
Jun 12, 2025 -
Ability to disable creation of default resource, policy and permission for new clients
#40447 opened
Jun 12, 2025 -
Identity provider with FORCE sync mode does not detect email deletion
#40434 opened
Jun 12, 2025 -
Can't update authentication flow
#40420 opened
Jun 11, 2025 -
Create ServiceMonitor via KC Operator
#40406 opened
Jun 11, 2025 -
Produce 'Logout' event in event listener provider when 'SSO Session Max' is reached
#40403 opened
Jun 11, 2025 -
Invalid OpenAPI spec for Admin REST
#40400 opened
Jun 11, 2025 -
ModelDuplicateException on next login after deleting an account and back-channel logout
#40398 opened
Jun 11, 2025 -
Write documentation for additional datasources
#40388 opened
Jun 10, 2025 -
Improve management of additional datasources
#40387 opened
Jun 10, 2025
176 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
Adds a KeycloakMdcLogFilter and MdcDefinitionSpi.
#39815 commented on
Jul 3, 2025 • 37 new comments -
Make bootstrap admins temporary conditionally
#40309 commented on
Jun 18, 2025 • 16 new comments -
Move UserTest.java to the new testsuite
#39805 commented on
Jun 24, 2025 • 10 new comments -
[OID4VCI] Limiting Client capabilities to OpenID Connect or OpenID4VCI
#39385 commented on
Jul 10, 2025 • 6 new comments -
Move PartialImportTest.java to the new testsuite
#40279 commented on
Jul 10, 2025 • 5 new comments -
Migrate FineGrainAdminUnitTest.java to the new testsuite
#40269 commented on
Jul 10, 2025 • 4 new comments -
Move UserStorageRestTest.java to the new testsuite
#40285 commented on
Jul 10, 2025 • 3 new comments -
Move IllegalAdminUpgradeTest.java to the new testsuite
#40282 commented on
Jul 10, 2025 • 3 new comments -
[Test framework] ConcurrencyTest migration
#37982 commented on
Jul 10, 2025 • 2 new comments -
Username to be displayed instead of user id with clickable link
#39640 commented on
Jun 23, 2025 • 1 new comment -
Add Swagger UI capability when running in dev mode + OpenAPI YAML/JSON
#39834 commented on
Jul 9, 2025 • 1 new comment -
Managing members from LDAP
#37401 commented on
Jul 7, 2025 • 0 new comments -
SCIM support
#13484 commented on
Jul 5, 2025 • 0 new comments -
External to internal token exchange
#38335 commented on
Jul 4, 2025 • 0 new comments -
"linked-accounts" endpoint displays all Identity providers
#19732 commented on
Jul 3, 2025 • 0 new comments -
Vert.x thread slow / stuck
#40225 commented on
Jul 3, 2025 • 0 new comments -
Set `automountServiceAccountToken: false` on Keycloak pods
#38843 commented on
Jul 3, 2025 • 0 new comments -
processGrantRequest taking upwards of 8s to run
#38780 commented on
Jul 3, 2025 • 0 new comments -
Add link to clients in UsedBy hint for auth-flows listing in admin ui
#40211 commented on
Jul 2, 2025 • 0 new comments -
Test migration utility
#37283 commented on
Jun 28, 2025 • 0 new comments -
Trusted Host don't set CORS headers in OIDC Client Registration
#39629 commented on
Jul 7, 2025 • 0 new comments -
Update docs how to verify that a cluster has formed
#40296 commented on
Jul 7, 2025 • 0 new comments -
Make forwarding of acr_values configurable for IdPs
#39813 commented on
Jul 7, 2025 • 0 new comments -
User enumeration prevention
#29346 commented on
Jul 8, 2025 • 0 new comments -
Run unit tests as part of Java Distribution IT
#16039 commented on
Jul 8, 2025 • 0 new comments -
Enforce commits to be linked to issues
#33340 commented on
Jul 8, 2025 • 0 new comments -
Enable unit tests for Java Distribution testing
#33510 commented on
Jul 8, 2025 • 0 new comments -
Compatibility profiles
#35650 commented on
Jul 8, 2025 • 0 new comments -
Enable branding without code changes
#34244 commented on
Jul 8, 2025 • 0 new comments -
Improve WebAuthn tests documentation
#10696 commented on
Jul 8, 2025 • 0 new comments -
Wrap-up Weblate translations for Keycloak 26.3 release
#40324 commented on
Jul 8, 2025 • 0 new comments -
Issues related to reset credentials flow
#39447 commented on
Jun 30, 2025 • 0 new comments -
The `Redirect URI` field on the broker settings it not based on the front-end URL set to the realm but to the master realm
#38826 commented on
Jun 30, 2025 • 0 new comments -
Manage-membership is not sufficient to add a user to a group
#38889 commented on
Jun 30, 2025 • 0 new comments -
Update MariaDB connector to 3.5.3
#39634 commented on
Jun 30, 2025 • 0 new comments -
Deprecate or remove SHA1 support
#32897 commented on
Jun 30, 2025 • 0 new comments -
Passkeys get not saved on Android devices
#32816 commented on
Jun 30, 2025 • 0 new comments -
Add mutable AuthnContextClassRef for SAML adapter
#22677 commented on
Jun 30, 2025 • 0 new comments -
Hide realm from endpoints, JWT issuer, URLs advertised in the well-known endpoint etc.
#12122 commented on
Jul 1, 2025 • 0 new comments -
Memory leak with v26.0.2 ?
#34397 commented on
Jul 1, 2025 • 0 new comments -
Organizations are not present in JSON realm export
#39334 commented on
Jul 1, 2025 • 0 new comments -
Analyse the impact of the `podTemplate` field removal
#40184 commented on
Jul 1, 2025 • 0 new comments -
Keycloak Organizations
#30180 commented on
Jul 1, 2025 • 0 new comments -
IdP redirect fails when user belongs to multiple organizations with organization:* scope
#39864 commented on
Jul 1, 2025 • 0 new comments -
Client-initiated account linking fails when user already has a federated identity
#35059 commented on
Jul 1, 2025 • 0 new comments -
Expand operator caching spec
#30217 commented on
Jul 1, 2025 • 0 new comments -
External IDP tokens are not refreshed automatically for OAuth2 & OIDC IDPs when retrieving the external token
#14644 commented on
Jul 2, 2025 • 0 new comments -
Defects Identified by Static Analysis
#40087 commented on
Jul 2, 2025 • 0 new comments -
[PERF] Property mappers initialization
#33955 commented on
Jul 2, 2025 • 0 new comments -
[PERF] Parse default ISPN configuration in the build time
#24246 commented on
Jul 2, 2025 • 0 new comments -
Add ability to inspect generated SAML response for SAML Clients
#30396 commented on
Jul 9, 2025 • 0 new comments -
Add FAPI 2.0 + DPoP security profile as default profile of client policies
#35443 commented on
Jun 26, 2025 • 0 new comments -
Add support for RFC 8707 OAuth2 Resource Indicators (#14355)
#35711 commented on
Jun 27, 2025 • 0 new comments -
Fixed alternative flow execution
#36082 commented on
Jun 13, 2025 • 0 new comments -
Add permissive mode for client policy
#38525 commented on
Jul 1, 2025 • 0 new comments -
fix: WebAuthNPasswordless authenticator is incorrectly sorted after all other authenticators in alternative flows
#39081 commented on
Jul 10, 2025 • 0 new comments -
Fix: Make ReadOnly non-editable when set to TRUE
#39171 commented on
Jun 25, 2025 • 0 new comments -
Add support for looking up client secrets via Vault SPI
#39650 commented on
Jun 11, 2025 • 0 new comments -
OpenTelemetry Tracing: Visualize JGroups communication
#39659 commented on
Jun 12, 2025 • 0 new comments -
Add IdP configuration to disable forwarding of the acr_values parameter
#39814 commented on
Jul 9, 2025 • 0 new comments -
Implemented OIDC Prefixed User Attribute Mapper
#39930 commented on
Jul 6, 2025 • 0 new comments -
Resolve home organization when requesting the scope for all organizations
#39977 commented on
Jul 10, 2025 • 0 new comments -
fix: adding mechanisms for an http health check
#40044 commented on
Jul 8, 2025 • 0 new comments -
feat: More flexible TOTP QR codes (#40091)
#40092 commented on
Jun 10, 2025 • 0 new comments -
make account use the ErrorBoundary
#40141 commented on
Jun 16, 2025 • 0 new comments -
Migrate IdentityProviderTest.java to the new testsuite
#40193 commented on
Jun 25, 2025 • 0 new comments -
Add generic update methods for builders
#40312 commented on
Jul 2, 2025 • 0 new comments -
MgmtPermissions.hasOneAdminRole causes NPE for token exchange request
#40348 commented on
Jun 12, 2025 • 0 new comments -
Pass IDP config values to themes
#40373 commented on
Jun 12, 2025 • 0 new comments -
Flaky test: org.keycloak.testsuite.cluster.PermissionTicketInvalidationClusterTest#crudWithFailover
#39854 commented on
Jul 8, 2025 • 0 new comments -
Picture of the token-exchange flow in the documentation
#39881 commented on
Jul 8, 2025 • 0 new comments -
Organization with Identity Provider allowing login with password
#39033 commented on
Jul 9, 2025 • 0 new comments -
Better handling of Rolling configuration updates
#38862 commented on
Jul 9, 2025 • 0 new comments -
Passkeys support
#23656 commented on
Jul 9, 2025 • 0 new comments -
[OID4VCI] Implementing support for OID4VCI ID2 Draft 15
#39273 commented on
Jul 9, 2025 • 0 new comments -
Refresh token issuer check configurable
#26017 commented on
Jul 9, 2025 • 0 new comments -
Improve operator user experience with customized operand images
#34637 commented on
Jul 9, 2025 • 0 new comments -
when it fails to export realm with docker container
#33800 commented on
Jul 9, 2025 • 0 new comments -
Make Update Email a supported feature
#39722 commented on
Jul 9, 2025 • 0 new comments -
Review and update the documentation regarding the UPDATE EMAIL feature
#40226 commented on
Jul 9, 2025 • 0 new comments -
Full avatar support
#33718 commented on
Jul 10, 2025 • 0 new comments -
Integrate support for Windows Integrated Security
#35589 commented on
Jul 10, 2025 • 0 new comments -
Allow ampersands in first and last names in the PersonNameProhibitedCharactersValidator class
#37059 commented on
Jul 10, 2025 • 0 new comments -
[keycloak-js] loginHint not working on "keycloak.login(options)"
#12864 commented on
Jul 10, 2025 • 0 new comments -
Brute force detection for client credentials (confidential clients)
#30077 commented on
Jul 10, 2025 • 0 new comments -
Mass User Actions and Default List Size
#17738 commented on
Jul 10, 2025 • 0 new comments -
hide scopes from scopes_supported in discovery endpoint
#10409 commented on
Jun 25, 2025 • 0 new comments -
Adding client_id as prefix in client roles mapper
#25156 commented on
Jul 6, 2025 • 0 new comments -
Add serviceaccount option on keycloak CR
#28728 commented on
Jun 12, 2025 • 0 new comments -
Improve multivalued tooltip for organization membership mapper
#34164 commented on
Jun 12, 2025 • 0 new comments -
Display transport media for WebAuthn authenticators in Account console
#10063 commented on
Jun 12, 2025 • 0 new comments -
[UX Review] Optimize the number box in the Time-policy creation page of client Authorization
#17758 commented on
Jun 12, 2025 • 0 new comments -
Remove unnecessary conditions from code
#17770 commented on
Jun 12, 2025 • 0 new comments -
Caught errors should have the correct type associated with them
#17771 commented on
Jun 12, 2025 • 0 new comments -
[UX Review] Optimize the initial page of Keys in OIDC client
#17762 commented on
Jun 12, 2025 • 0 new comments -
Replace `use-react-router-breadcrumbs` with React Router's implementation
#19309 commented on
Jun 12, 2025 • 0 new comments -
Execute action email link - direct to the action itself
#25719 commented on
Jun 12, 2025 • 0 new comments -
Use browser router instead of hash router for admin ui
#32979 commented on
Jun 12, 2025 • 0 new comments -
Organizations: Assign Identity Provider to more than one organization.
#31705 commented on
Jun 13, 2025 • 0 new comments -
Selecting value in combobox not default listed
#40246 commented on
Jun 13, 2025 • 0 new comments -
[OID4VCI] Return the new `invalid_nonce` error if proofs are invalid because of an invalid nonce
#39292 commented on
Jun 13, 2025 • 0 new comments -
Config option to specify the number of trusted proxies in proxy=edge mode
#13261 commented on
Jun 13, 2025 • 0 new comments -
Quarkus not respecting java.io.tmpdir due to wrong path determination order
#37533 commented on
Jun 13, 2025 • 0 new comments -
Allow the target attribute on <a> in the kcSanitize
#28846 commented on
Jun 16, 2025 • 0 new comments -
Automatically disable dormant users.
#11800 commented on
Jun 16, 2025 • 0 new comments -
Update `authentication_test.spec.ts` to take Organization related authentication steps into account
#33077 commented on
Jun 16, 2025 • 0 new comments -
Custom UI Tab Incorrectly Displayed Under Multiple Tabs
#38078 commented on
Jun 16, 2025 • 0 new comments -
multivaluedHelp text truncated
#39750 commented on
Jun 16, 2025 • 0 new comments -
[DPoP] Implementing DPoP nonce
#39042 commented on
Jun 17, 2025 • 0 new comments -
Keycloak tests framework - Invalid driver parameters with recent Chrome versions
#40289 commented on
Jun 17, 2025 • 0 new comments -
Deprecate the `podTemplate` field
#40185 commented on
Jun 10, 2025 • 0 new comments -
Admin API v2: Blueprint
#39221 commented on
Jun 10, 2025 • 0 new comments -
Allow custom labels on Operator Ingress
#37363 commented on
Jun 10, 2025 • 0 new comments -
Enhanced migration story
#37356 commented on
Jun 10, 2025 • 0 new comments -
DN validation of reverse proxy
#35858 commented on
Jun 10, 2025 • 0 new comments -
Add Client CR MVP
#31300 commented on
Jun 10, 2025 • 0 new comments -
Add basic smoke tests for Admin and Account consoles when running behind a proxy
#30828 commented on
Jun 10, 2025 • 0 new comments -
Harden configuration of default image coordinates when building the Operator
#27733 commented on
Jun 10, 2025 • 0 new comments -
Configurable transaction timeouts with categories
#26889 commented on
Jun 10, 2025 • 0 new comments -
Analyze possible improvements for startup time and after-start memory footprint
#23730 commented on
Jun 10, 2025 • 0 new comments -
Keycloak Installation in disconnected Environments fails
#15562 commented on
Jun 10, 2025 • 0 new comments -
Enhancements to logging config
#10618 commented on
Jun 10, 2025 • 0 new comments -
Support for DB tests with XA enabled
#39192 commented on
Jun 10, 2025 • 0 new comments -
"reset credentials" flow should not work if email is unverified (or set the user's email as verified automatically)
#37410 commented on
Jun 11, 2025 • 0 new comments -
[Login UI] Password Strength Indicator
#23573 commented on
Jun 11, 2025 • 0 new comments -
feat(metrics): add label `application` to metrics generated by `keycloak`
#36280 commented on
Jun 11, 2025 • 0 new comments -
Support for running Keycloak as a Windows Service
#37704 commented on
Jun 11, 2025 • 0 new comments -
Write a guide about starting the server as a systemd service
#10357 commented on
Jun 11, 2025 • 0 new comments -
Binary data stored in UiTabProvider ComponentModel is retrieved as corrupted String
#39557 commented on
Jun 11, 2025 • 0 new comments -
[FGAP] Add map-roles-members scope to group resource type
#38806 commented on
Jun 12, 2025 • 0 new comments -
Built-in authentication flows are not updated for KC 26
#36593 commented on
Jun 12, 2025 • 0 new comments -
Allow JSON logging exception output type
#17410 commented on
Jun 12, 2025 • 0 new comments -
Read secrets from files
#10816 commented on
Jun 24, 2025 • 0 new comments -
[OID4VCI] Return `credential_identifiers` in the Token Response as per the spec and enable later use in the Credential Request
#39279 commented on
Jun 24, 2025 • 0 new comments -
Support for subgroups when evaluating permissions for the parent group
#38696 commented on
Jun 24, 2025 • 0 new comments -
Forbidden message if there are no any required roles in Admin Console
#40255 commented on
Jun 25, 2025 • 0 new comments -
Filter out users based on the permissions when listing users in roles
#40200 commented on
Jun 25, 2025 • 0 new comments -
Add option "Requires short state parameter" to OIDC IDP
#40237 commented on
Jun 25, 2025 • 0 new comments -
Extend validation in admin endpoints
#26731 commented on
Jun 25, 2025 • 0 new comments -
Move to single approach for setting `Robots` specifications: prefer `X-Robots-Tag` header to `<meta>` tags
#34206 commented on
Jun 25, 2025 • 0 new comments -
Add a mapper to manage accountExpires attribute in AD
#36702 commented on
Jun 25, 2025 • 0 new comments -
Align JwtClient authentication with latest OIDC spec updates
#38751 commented on
Jun 25, 2025 • 0 new comments -
Remove log4j 1.x usage
#27932 commented on
Jun 25, 2025 • 0 new comments -
Map iterators usage optimization. SAST
#40064 commented on
Jun 25, 2025 • 0 new comments -
Clone a realm through interface
#24770 commented on
Jun 25, 2025 • 0 new comments -
Allow LDAP redundancy when configuring multiple url's
#31605 commented on
Jun 25, 2025 • 0 new comments -
Gender mismatch in Spanish and Catalan string
#40071 commented on
Jun 26, 2025 • 0 new comments -
Disabling a User Does Not Remove Sessions, and User Deletion Does Not Trigger Logout Requests
#37981 commented on
Jun 26, 2025 • 0 new comments -
Zero-downtime Keycloak patch release upgrades for OpenID Connect interactions
#38881 commented on
Jun 26, 2025 • 0 new comments -
Disable OTP input field after multiple failed attempts
#40266 commented on
Jun 26, 2025 • 0 new comments -
Impersonate does not work with separate admin hostname
#10655 commented on
Jun 27, 2025 • 0 new comments -
Add filter to include/fill MDC with request specific data for json logging
#39812 commented on
Jun 27, 2025 • 0 new comments -
Review Content Security Policy (CSP)
#16277 commented on
Jun 27, 2025 • 0 new comments -
Support wildcard for port in redirect URI
#39880 commented on
Jun 28, 2025 • 0 new comments -
Allow setting the number of owners via a cache option
#10875 commented on
Jun 17, 2025 • 0 new comments -
Add support for `reencrypt` OpenShift Routes to the Operator
#20128 commented on
Jun 17, 2025 • 0 new comments -
No documentation how to clear caches via the Admin UI
#40370 commented on
Jun 17, 2025 • 0 new comments -
When click on the Help text for a profile attribute, HTML is not rendered
#40247 commented on
Jun 17, 2025 • 0 new comments -
Incorrect mapping of NameID in User Template Importer
#40097 commented on
Jun 17, 2025 • 0 new comments -
[Operator] Use TLS secret for Ingress
#34777 commented on
Jun 17, 2025 • 0 new comments -
Random but frequent duplicate key value violates unique constraint \"constraint_offl_us_ses_pk2\" errors
#40374 commented on
Jun 17, 2025 • 0 new comments -
group.spec.ts does not contain example of how to add attributes while creating groups
#16947 commented on
Jun 17, 2025 • 0 new comments -
OIDC Username Template Importer can clear username blocking any further action on user
#40321 commented on
Jun 18, 2025 • 0 new comments -
[OID4VCI] Understand key attestations as additional information to jwt proofs or as per new attestation proof type (for Key binding)
#39287 commented on
Jun 18, 2025 • 0 new comments -
High Availability guides should make distinction between single-site and multi-site deployments
#30095 commented on
Jun 18, 2025 • 0 new comments -
Registration not possible when using multiselect-checkboxes as required field
#40174 commented on
Jun 18, 2025 • 0 new comments -
Groups should be able to have multiple parents
#11752 commented on
Jun 19, 2025 • 0 new comments -
Missing fine-grained ability to grant permission to impersonate member of a specific role
#40277 commented on
Jun 19, 2025 • 0 new comments -
Export fails with an unexpected error if the realm does not exist
#39122 commented on
Jun 19, 2025 • 0 new comments -
Provide default krb5.conf in Docker image or extend migration docs
#32527 commented on
Jun 20, 2025 • 0 new comments -
Allow to map e-mail (as username) with "Username Template Importer" for SAML IDP
#31985 commented on
Jun 20, 2025 • 0 new comments -
Web Crypto API not available in `login-status-iframe.html` when using admin console from insecure context
#37355 commented on
Jun 20, 2025 • 0 new comments -
Admin console "Sessions" screen performance degradation when large number of sessions
#38813 commented on
Jun 23, 2025 • 0 new comments -
Realm session list doesn't show user sessions without a client session
#38747 commented on
Jun 23, 2025 • 0 new comments -
Flaky test: org.keycloak.testsuite.cluster.JGroupsCertificateRotationClusterTest#testCoordinatorHasScheduleTask
#39091 commented on
Jun 23, 2025 • 0 new comments -
LDAP expects fixed attribute pwdchangedtime attribute for last password change
#39837 commented on
Jun 24, 2025 • 0 new comments