Keycloak 21.1.2 released
June 28 2023
To download the release go to Keycloak downloads.
Release notes
Changes in validating schemes for valid redirect URIs
If an application client uses custom schemes other than http(s), validation now requires that a valid redirect pattern explicitly allow that scheme. Example patterns that allow a custom scheme are `custom:/test`, `custom:/test/*`, or `custom:*`. For security reasons, a general pattern like `*` no longer covers them.
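The following pre-upgrade check is an added example, not Keycloak's own code. It reads `clients[].redirectUris` from a realm export and reports the redirect URIs that no registered pattern allows under the rule above. The matching function is a simplified model of that rule (an assumption), and the sample realm, client names and URI inventory are constructed.

```python
import json
from urllib.parse import urlsplit

WEB_SCHEMES = {"http", "https"}

def pattern_allows(pattern, redirect_uri):
    """Simplified model of the rule in this release note (an assumption,
    not Keycloak's matcher): a trailing * is a prefix wildcard, and a bare
    * covers http(s) redirect URIs only."""
    scheme = urlsplit(redirect_uri).scheme.lower()
    if pattern == "*":
        return scheme in WEB_SCHEMES
    if pattern.endswith("*"):
        return redirect_uri.startswith(pattern[:-1])
    return redirect_uri == pattern

def rejected_after_upgrade(realm, used_uris):
    """Return (clientId, uri) pairs that no registered pattern allows."""
    findings = []
    for client in realm.get("clients", []):
        patterns = client.get("redirectUris", [])
        for uri in used_uris.get(client["clientId"], []):
            if not any(pattern_allows(p, uri) for p in patterns):
                findings.append((client["clientId"], uri))
    return findings

# Constructed sample data: a minimal realm export and the redirect URIs
# each application is known to send (hypothetical inventory).
SAMPLE_REALM = json.loads("""
{"clients": [
  {"clientId": "mobile-app",  "redirectUris": ["*"]},
  {"clientId": "desktop-app", "redirectUris": ["custom:/test/*"]},
  {"clientId": "web-app",     "redirectUris": ["*"]}
]}
""")
SAMPLE_USED = {
    "mobile-app": ["custom:/test"],
    "desktop-app": ["custom:/test/cb", "other:/cb"],
    "web-app": ["https://app.example.test/callback"],
}

if __name__ == "__main__":
    for client_id, uri in rejected_after_upgrade(SAMPLE_REALM, SAMPLE_USED):
        print(f"{client_id}: add an explicit pattern for {uri}")
```

Each reported client needs an explicit pattern for its scheme, such as `custom:/test/*`, so that its redirect URI is accepted after the upgrade.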
Upgrading
Before upgrading refer to the migration guide for a complete list of changes.
All resolved issues
Enhancements
- #20613 Avoid using user property mapper when resolving root user attributes keycloak
Bugs
- #17165 Issue with "User-Initiated Action Lifespan" keycloak admin/ui
- #19080 Vulnerable packages and or dependencies found in keycloak 21.0.1 quarkus distribution keycloak dist/quarkus
- #19286 CVE-2022-1471 keycloak dependencies
- #19491 Cannot set initial password for new users when using a custom UserFederation keycloak
- #19689 SAML Encryption: Missing Support for http://www.w3.org/2009/xmlenc11#rsa-oaep keycloak saml
- #19835 Keycloak issues on edge and after chrome upgrade to 112 (with experimental features) keycloak oidc
- #19865 Enabling Dynamic Scope missing in UI keycloak admin/ui
- #19879 Incorrect function is used in 'keycloak-admin-client' library in getToken function keycloak adapter/javascript
- #19883 Saving client admin-cli in master realm gives a javascript error keycloak admin/ui
- #19966 Paginating on the group tree view doesn't work keycloak admin/ui
- #19974 Dropdown options on Documentation pointing to 21.1 endpoint instead of latest and throwing 404 when clicking on it. keycloak docs
- #19981 Keycloak 21.1.1: Paging and filtering not working in "Assign roles" popup for Groups keycloak admin/ui
- #19999 Keycloak 21.1.1: filter on Sessions gets stuck keycloak admin/ui
- #20032 Processing of env variable references in config file broken keycloak dist/quarkus
- #20068 LDAP Mapper Action Menu Error keycloak admin/ui
- #20087 Event-Type: "User info request error" does not work keycloak admin/ui
- #20096 Create new user UI: username is not marked with an asterisk keycloak admin/ui
- #20140 role filter has no effect on roles list keycloak admin/ui
- #20143 required fields don't show errors when user profile is enabled keycloak account/ui
- #20258 OTP devices are not shown in the admin UI keycloak admin/ui
- #20307 Test `InternationalizationTest` fails in CI keycloak testsuite
- #20370 Deleting a client scope in the Admin UI should redirect to the list of ClientScopes keycloak admin/ui
- #20379 SAML Protocol Mapper's NameIDFormat is null keycloak admin/ui
- #20515 Headers is not defined keycloak admin/client-js
- #20663 Fix for certificate revalidation keycloak