v5.5.0

What's Changed

• chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.3 to 5.3.0 by @dependabot[bot] in #1269
• chore(deps): bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in #1271
• chore(deps): bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0 in /.github/workflows by @dependabot[bot] in #1275
• chore(deps): bump actions/checkout from 4 to 5 in /.github/workflows by @dependabot[bot] in #1276
• chore(deps): bump org.jetbrains.kotlin.jvm from 2.2.0 to 2.2.10 in /custom-user-federation-example by @dependabot[bot] in #1278
• chore(deps): bump gradle/actions from 4.4.1 to 4.4.2 in /.github/workflows by @dependabot[bot] in #1272
• Update gradle version to 9.0.0 by @sschu in #1291
• chore(deps): bump com.gradleup.shadow from 8.3.8 to 9.1.0 in /custom-user-federation-example by @dependabot[bot] in #1288
• Update to KC 26.3.3 by @sschu in #1292
• chore: added documentation of standard_token_exchange_enabled and allow_refresh_token_in_standard_token_exchange by @eicki in #1296
• Document client roles in default roles by @ingokuba in #1295
• chore(deps): bump actions/github-script from 7 to 8 in /.github/workflows by @dependabot[bot] in #1303
• chore(deps): bump actions/setup-go from 5 to 6 in /.github/workflows by @dependabot[bot] in #1302
• feat: add admin url variable to separate authn and admin api urls (forked and added reviewer suggestions) by @au-ee in #1305
• feat: update go toolchain to 1.24.4 by @LaughDonor in #1307
• provider/github: init OIDC provider for GitHub by @RaitoBezarius in #1281
• docs: add keycloak built-in required actions docs by @Download in #1308
• chore(deps): bump org.jetbrains.kotlin.jvm from 2.2.10 to 2.2.20 in /custom-user-federation-example by @dependabot[bot] in #1313
• chore(deps): bump gradle/actions from 4.4.2 to 4.4.3 in /.github/workflows by @dependabot[bot] in #1311
• Update to KC 26.3.4 by @thomasdarimont in #1316
• Add support for mtls client cert auth by @thomasdarimont in #1317
• Fix path for realm_localization documentation by @ingokuba in #1314
• feat: Add support for authentication with provided Keycloak Access Token (#1319) by @thomasdarimont in #1320
• chore: Update terraform version in CI to 1.13.3 by @thomasdarimont in #1321
• Update golang to 1.24, golang.org/x/net to v.0.44.0 and terraform-plu… by @sschu in #1322
• Add OAUTH authentication option to SMTP servers by @lucymcphail in #1293
• chore(deps): bump com.gradleup.shadow from 9.1.0 to 9.2.2 in /custom-user-federation-example by @dependabot[bot] in #1330
• fix: Add missing standard_flow_enabled to OIDC client examples (#1325) by @thomasdarimont in #1326
• chore(deps): bump gradle/actions from 4.4.3 to 5.0.0 in /.github/workflows by @dependabot[bot] in #1336
• Update KC 26.3.5 and KC 26.4.0 by @thomasdarimont in #1340
• fix: handles arrays and maps in client policy conditions (#1256) by @remcojansen in #1338
• [issue-1328] Add support for sub mapper by @ethan-k in #1323
• chore(deps): bump github/codeql-action from 3 to 4 in /.github/workflows by @dependabot[bot] in #1348
• chore(deps): bump golang.org/x/net from 0.44.0 to 0.46.0 by @dependabot[bot] in #1347
• Update to version 5.5.0 by @sschu in #1349

New Contributors

• @eicki made their first contribution in #1296
• @ingokuba made their first contribution in #1295
• @au-ee made their first contribution in #1305
• @LaughDonor made their first contribution in #1307
• @RaitoBezarius made their first contribution in #1281
• @Download made their first contribution in #1308
• @lucymcphail made their first contribution in #1293
• @remcojansen made their first contribution in #1338
• @ethan-k made their first contribution in #1323

Full Changelog: v5.4.0...v5.5.0

v5.4.0

What's Changed

• chore(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in #1247
• Add RSA_SHAxxx_MGF1 signature algorithms to SAML identity provider config by @yrd in #1199
• Add import instructions & example for client_scope by @ajoga in #1248
• docs: add example to keycloak_custom_identity_provider_mapper docs about how use the group mapper by @KyriosGN0 in #1251
• Fix/1246 group names with slash dont work by @sschu in #1252
• docs: Add mention of keycloak_authentication_bindings to realm authentication settings by @thomasdarimont in #1255
• Add support for fetchRoles in keycloak_openid_client_role_policy resource by @elshirak in #1241
• Support signed jwt client auth type by @tuankiettruong in #1250
• Update to KC26.3.2 (#1259) by @thomasdarimont in #1260
• Rename realm_client_policy_profile_profile.md by @mawenge in #1249
• chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.2 to 5.2.3 by @dependabot[bot] in #1261
• Update to version 5.4 by @sschu in #1263

New Contributors

• @yrd made their first contribution in #1199
• @ajoga made their first contribution in #1248
• @elshirak made their first contribution in #1241
• @mawenge made their first contribution in #1249

Full Changelog: v5.3.0...v5.4.0

v5.3.0

What's Changed

• chore(deps): bump dario.cat/mergo from 1.0.1 to 1.0.2 by @dependabot[bot] in #1196
• chore(deps): bump golang.org/x/net from 0.39.0 to 0.40.0 by @dependabot[bot] in #1197
• chore(deps): bump org.jetbrains.kotlin.jvm from 2.1.20 to 2.1.21 in /custom-user-federation-example by @dependabot[bot] in #1203
• chore(deps): bump github.com/hashicorp/terraform-plugin-sdk/v2 from 2.36.1 to 2.37.0 by @dependabot[bot] in #1202
• chore(deps): bump gradle/actions from 4.3.1 to 4.4.0 in /.github/workflows by @dependabot[bot] in #1204
• Add support for ephemeral/write-only arguments for keycloak_oidc_identity_provider & keycloak_openid_client by @refucktor in #1190
• Update to KC26.2.5 by @sschu in #1214
• Docs: Updated Markdown to format correctly by @bubbletroubles in #1201
• chore(deps): bump golang.org/x/net from 0.40.0 to 0.41.0 by @dependabot[bot] in #1216
• chore(deps): bump github.com/cloudflare/circl from 1.6.0 to 1.6.1 by @dependabot[bot] in #1219
• Add support for Standard Token Exchange configuration in OpenID Clients by @sventorben in #1189
• chore(deps): bump gradle/actions from 4.4.0 to 4.4.1 in /.github/workflows by @dependabot[bot] in #1220
• feat(protocol-mapper): add "add to token introspection" flag for realm role protocol mapper by @maxjoehnk in #947
• Add support for disableTypeClaimCheck by @ybasket in #1181
• optimize resolving ParentId property with group-by-path API by @kherock in #1225
• Feat: support organization feature by @tuankiettruong in #1209
• feat: Enable importing user by username by @viniciusd in #1113
• Use the ID from the user imported via username by @viniciusd in #1228
• chore(deps): bump org.jetbrains.kotlin.jvm from 2.1.21 to 2.2.0 in /custom-user-federation-example by @dependabot[bot] in #1231
• chore(deps): bump com.gradleup.shadow from 8.3.6 to 8.3.7 in /custom-user-federation-example by @dependabot[bot] in #1230
• Removed feature override so KC_FEATURES environment variable is used … by @sschu in #1232
• expose EnableStandardTokenExchange and allow refresh token in standard token exchange in keycloak_openid_client by @KyriosGN0 in #1229
• feat: Add new resources for realm client policy profiles by @laureat-natzka in #1138
• chore(deps): bump github.com/hashicorp/go-retryablehttp from 0.7.7 to 0.7.8 by @dependabot[bot] in #1224
• Openid client secret rotation by @laureat-natzka in #1234
• chore(deps): bump com.gradleup.shadow from 8.3.7 to 8.3.8 in /custom-user-federation-example by @dependabot[bot] in #1237
• 1235 update for KC26.3.0 by @sschu in #1236
• feat: support role IDs in default role resource by @horus in #764
• 1242 update to KC26.3.1 by @sschu in #1243
• Update to version 5.3 by @sschu in #1244

New Contributors

• @refucktor made their first contribution in #1190
• @bubbletroubles made their first contribution in #1201
• @sventorben made their first contribution in #1189
• @maxjoehnk made their first contribution in #947
• @ybasket made their first contribution in #1181
• @tuankiettruong made their first contribution in #1209
• @viniciusd made their first contribution in #1113
• @KyriosGN0 made their first contribution in #1229
• @horus made their first contribution in #764

Full Changelog: v5.2.0...v5.3.0

v5.2.0

What's Changed

• Feature/423 add hardcoded attribute mapper by @angeloxx in #950
• 1091 fixed provider crash with initial_login set to false by @sschu in #1097
• 1100 run ci on release branches by @sschu in #1101
• 1099 fix multi-valued user attributes cannot be enabled by @sschu in #1106
• doc: fix token exchange doc urls by @emouty in #1105
• Adds support for the ExcludeIssuerFromAuthResponse option on OpenIdClient by @sebght in #934
• feat: Add option to configure always_display_in_console for clients by @mchittka in #1114
• Feature/keycloak_required_action config values by @laureat-natzka in #996
• feat: add all supported alogithms for rsa-enc keystore by @tboerger in #1092
• feat: add consent required flag on saml clients by @frpicard in #1130
• fix: fix the wrong error return value by @drawdrop in #1134
• 1093 added support for KC26.1.0 by @sschu in #1094
• fix: Render json null to indicate an empty value of type KeycloakSliceHashDelimited (#1142). by @thomasdarimont in #1144
• feat: add openid_client_authorization_client_scope_policy resource by @fitbeard in #1128
• chore(deps): bump golang.org/x/net from 0.33.0 to 0.36.0 by @dependabot in #1145
• feat: add realm translation resource by @jonathandavies-CS in #1123
• 1146 removed vulnerable github action tj-actions/changed-files by @sschu in #1147
• 1149 update to KC26.1.4 by @sschu in #1150
• Fixed SHA commit values for non-GH GH actions by @sschu in #1151
• Create dependabot.yml by @sschu in #1152
• chore(deps): bump com.gradleup.shadow from 8.3.0 to 8.3.6 in /custom-user-federation-example by @dependabot in #1157
• Feature/update go 1.23 by @sschu in #1158
• chore(deps): bump org.jetbrains.kotlin.jvm from 2.0.20 to 2.1.10 in /custom-user-federation-example by @dependabot in #1156
• chore(deps): bump org.jetbrains.kotlin.jvm from 2.1.10 to 2.1.20 in /custom-user-federation-example by @dependabot in #1160
• fix: reuse TCP Connection by @Filirom1 in #1163
• Retry on timeout, when server doesn't respond by @Filirom1 in #1161
• chore(deps): bump crazy-max/ghaction-import-gpg from 6.2.0 to 6.3.0 in /.github/workflows by @dependabot in #1168
• chore(deps): bump gradle/actions from 4.3.0 to 4.3.1 in /.github/workflows by @dependabot in #1167
• chore(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by @dependabot in #1165
• chore(deps): bump goreleaser/goreleaser-action from 6.2.1 to 6.3.0 in /.github/workflows by @dependabot in #1166
• Increase MaxIdleConnsPerHost in http.Transport by @Filirom1 in #1169
• Add tests for saml aggregate attributes by @robson90 in #1171
• fix: Typo in realm_keys.md by @simonregn in #1174
• Allow the alias of Google IdP to be set by @irby in #1177
• chore(deps): bump golang.org/x/net from 0.38.0 to 0.39.0 by @dependabot in #1183
• feat: add identity provider hardcoded group mapper by @gkfabs in #886
• feat: Support extra_origins in web_authn_policy and web_authn_passwordless_policy by @thomasdarimont in #1173
• Update to version 5.2 by @sschu in #1185

New Contributors

• @angeloxx made their first contribution in #950
• @emouty made their first contribution in #1105
• @sebght made their first contribution in #934
• @mchittka made their first contribution in #1114
• @laureat-natzka made their first contribution in #996
• @tboerger made their first contribution in #1092
• @frpicard made their first contribution in #1130
• @drawdrop made their first contribution in #1134
• @fitbeard made their first contribution in #1128
• @jonathandavies-CS made their first contribution in #1123
• @simonregn made their first contribution in #1174
• @irby made their first contribution in #1177
• @gkfabs made their first contribution in #886

Full Changelog: v5.1.0...v5.2.0

v5.1.1

What's Changed

• 1100 run ci on release branches by @sschu in #1102
• 1091 fixed provider crash with initial_login set to false by @sschu in #1103
• 1099 fix multi-valued user attributes cannot be enabled by @sschu in #1107
• Update to version 5.1.1 by @sschu in #1109

Full Changelog: v5.1.0...v5.1.1

v5.1.0

What's Changed

• chore: Remove temporary note from readme.md by @thomasdarimont in #1068
• Ignore changes on markdown files in pipeline triggers by @sschu in #1070
• fix: allow definition of multivalued user profile attributes by @thomasdarimont in #1071
• chore: fixed deprecation warning in release pipeline by @sschu in #1072
• Updated KC26 version to KC26.0.8 by @sschu in #1075
• Add aggregate attributes flag to keycloak_saml_user_attribute_protocol_mapper by @robson90 in #1080
• 1073 add organization setting to realm by @sschu in #1076
• refactor: speed up audience mapper validation by @sybereal in #961
• feat: allow configuration of display_name for oidc identity providers by @bnjns in #1033
• Configure default and optional client scopes per realm via dedicated resources by @pboehm in #1079
• 1067 Add first broker login flow to authentication flow bindings by @sschu in #1084
• Update to version 5.0.1 by @sschu in #1087
• Update to version 5.1.0 by @sschu in #1088

New Contributors

• @robson90 made their first contribution in #1080
• @sybereal made their first contribution in #961
• @bnjns made their first contribution in #1033
• @pboehm made their first contribution in #1079

Full Changelog: v5.0.0...v5.1.0

v5.0.0

What's Changed

• feat: add support for keycloak version up to current (26.0.7) by @sschum in #1028
• chore: update golang.org/x/net and golang.org/x/crypto by @AbrohamLincoln in #1034
• Update index.md: The default client timeout is 15 seconds by @giner in #1018
• Small readme fixed and version updates by @sschu in #1035
• Fix user & userprofile tests by @denniskniep in #1042
• feat:(roles): Importable role by rolename by @denniskniep in #1043
• feat(user): Importable user by username by @denniskniep in #1041
• feat(authFlow): added optional priority by @denniskniep in #1040
• Update expired certificates by @sschu in #1045
• Fixed examples and user-federation-example by @denniskniep in #1039
• feat: Recognise the 'apple' provider ID in attribute importer mapper by @greed42 in #1036
• Updated example to KC26.0.7 by @sschu in #1046
• Add support for remote debugging by @thomasdarimont in #1048
• Updated dependencies by @sschu in #1051
• Code cleanups by @thomasdarimont in #1050
• Prevent force replacing resources when import value in state is nil by @kherock in #1054
• fix: Revise Keycloak environment handling (#1061) by @thomasdarimont in #1062
• fix: Revise Keycloak debugging configuration (#1059) by @thomasdarimont in #1060
• chore: Ignore local scratch dir by @thomasdarimont in #1063
• Add attribute_force_default to ldap_user_attribute_mapper by @Vincevrp in #1057
• chore: remove KC21.1.2 from ci by @sschu in #1065

New Contributors

• @sschum made their first contribution in #1028
• @giner made their first contribution in #1018
• @denniskniep made their first contribution in #1042
• @greed42 made their first contribution in #1036
• @Vincevrp made their first contribution in #1057

Full Changelog: v4.5.0...v5.0.0

v4.5.0

Update release.yml

Signed-off-by: Stian Thorgersen <[email protected]>

v4.4.0

Release Notes

v4.3.1

Release Notes