Wednesday, July 22 2020
To download the release go to Keycloak downloads.
Support for LDAPv3 password modify operation was added. Also the ability in the admin console to request metadata from the configured LDAP server to see if it supports LDAPv3 password modify operation.
Thanks to cachescrubber
Namespace support for LDAP group mapper allows you to map groups from LDAP under specified branch (namespace) of the Keycloak groups tree. Previously groups from LDAP were always added as the top level groups in Keycloak.
Thanks to Torsten Juergeleit
Keycloak server was upgraded to use WildFly 20.0.1.Final under the covers. For more details, please take a look at Upgrading Guide.
JSESSIONID cookie is necessary for correct behavior of the Keycloak SAML adapter.
Usage of a different value is causing resetting of the container’s session with each request to Keycloak, when
the SAML POST binging is used. Refer to the following steps for
Tomcat to keep the correct behavior. Notice, that this
workaround should be working also with the previous versions of the adapter.
Support for client offline session lifespan. Thanks to Yoshiyuki Tabata
Czech translation. Thanks to Jakub Knejzlík
Possibility to fetch additional fields from the Facebook identity provider. Thanks to Bartosz Siemieńczuk
Support for AES 192 and AES 256 algorithms used for signed and encrypted ID tokens. Thanks to Takashi Norimatsu
Ability to specify signature algorithm in Signed JWT Client Authentication. Thanks to Takashi Norimatsu
The full list of resolved issues are available in JIRA
Before you upgrade remember to backup your database and check the upgrade guide for anything that may have changed.