We've just released Keycloak 3.4.0.CR1.
To download the release go to the Keycloak homepage.
The token exchange service allows clients to exchange tokens for different tokens. There's quite a few options available so check out the docs for more details.
Fine-grained permissions for admin endpoints
By leveraging our authorization services we've made it possible to control permissions in the admin endpoints almost exactly how you want. For more details check the docs.
A lot more work has gone into this release around cross DC support. Docs are still not ready and there's still some minor polish left. This will come soon.
Upgraded to WildFly 11 Final
We've upgraded the underlying container to WildFly 11 Final.
Support MySQL and PostgreSQL in main Keycloak Docker image
We used to have separate Docker images for MySQL and PostgreSQL, but now we have one that supports them all.
Our docs used to be built and hosted on GitBook. We've recently moved to using pure AsciiDoctor to build the docs. The main reason behind this move was to closer align with how we build documentation for the productized version of Keycloak (RH-SSO).
- Script based protocol mapper for OIDC - thanks to thomasdarimont
- Blacklisted password policy- thanks to thomasdarimont
- Login with PayPal - thanks to petlys
- Almost 200 - we almost resolved 200 issues for this one (197!)
The full list of resolved issues is available in JIRA.
Before you upgrade remember to backup your database and check the upgrade guide for anything that may have changed. Release candidates are not recommended in production and we do not support upgrading from release candidates.