Keycloak 11.0.0 released

Wednesday, July 22 2020

To download the release go to Keycloak downloads.

Highlights

LDAPv3 password modify operation

Support for LDAPv3 password modify operation was added. Also the ability in the admin console to request metadata from the configured LDAP server to see if it supports LDAPv3 password modify operation.

Thanks to cachescrubber

Namespace support for LDAP group mapper

Namespace support for LDAP group mapper allows you to map groups from LDAP under specified branch (namespace) of the Keycloak groups tree. Previously groups from LDAP were always added as the top level groups in Keycloak.

Thanks to Torsten Juergeleit

Upgrade to WildFly 20

Keycloak server was upgraded to use WildFly 20.0.1.Final under the covers. For more details, please take a look at Upgrading Guide.

Other improvements

  • Support for client offline session lifespan. Thanks to Yoshiyuki Tabata

  • Czech translation. Thanks to Jakub Knejzlík

  • Possibility to fetch additional fields from the Facebook identity provider. Thanks to Bartosz Siemieńczuk

  • Support for AES 192 and AES 256 algorithms used for signed and encrypted ID tokens. Thanks to Takashi Norimatsu

  • Ability to specify signature algorithm in Signed JWT Client Authentication. Thanks to Takashi Norimatsu

All resolved issues

The full list of resolved issues are available in JIRA

Upgrading

Before you upgrade remember to backup your database and check the upgrade guide for anything that may have changed.