UNCLASSIFIED - NO CUI

Skip to content

Update to v21.1.2

Marcus Montgomery requested to merge update-to-v21.1.2 into main

General MR

Summary

Keycloak update to 21.1.2

There is a change in Keycloak v21.1.2 regarding ridirects when an application client is using non http(s) custom schemes. From the release notes:

"Changes in validating schemes for valid redirect URIs: If an application client is using non http(s) custom schemes, from now on the validation requires that a valid redirect pattern explicitly allows that scheme. Example patterns for allowing custom scheme are custom:/test, custom:/test/* or custom:*. For security reasons a general pattern like * does not cover them anymore."

#114 (closed)

Linked Issue

big-bang/product/plugins/keycloak-p1-auth-plugin#36 (closed)

Upgrade Notices

N/A

Edited by Chris Harden

Merge request reports