fidzu : JBoss

The talks and speakers have now been announced for Keycloak's Identity Summit. Save your spot today! 📍 - taking place in Amsterdam on August 28th, 2025! This year's edition of the Keycloak Identity Summit promises more content, more connections, and even more opportunities to engage with the people shaping the future of identity and access management. TALK HIGHLIGHTS Our talks highlight the broad spectrum of the Keycloak ecosystem: How to run it with confidence and securely, how extend it, and how to apply it in existing and new scenarios. See below for a short-list of topics we cover: * Human and Workload Identities: Bridging the Gap with Keycloak * AI Meets Identity: Managing Keycloak with Natural Language via MCP * Observability in Keycloak: Where Does It Hurt? * The Event Sorcerer with the Keycloak: The Battle against Dynamic Configuration * Protectors of the Realm: Breaking and Fixing Keycloak Configurations A GREAT PLACE TO NETWORK Networking lunch Our extended lunch break is designed to help you meet fellow attendees, swap ideas, and build meaningful professional connections in a relaxed setting. Meet the maintainers We will have a panel discussion with the maintainers. Ask your questions live and get a response from the experts! Business drinks Stick around after the last session for informal networking over drinks. Want to sponsor this year's Business Drink? Get in touch with us-we'd love to partner with you! GET YOUR TICKET AND JOIN US! Whether you're a developer, architect, security specialist, or product owner, KEYCONF25 is your opportunity to gain knowledge, grow your network, and contribute to the future of the Keycloak community. 📅 August 28th, 2025 📍 Amsterdam, Netherlands Tickets are now available at - secure your spot! WANT TO GET INVOLVED? Let's continue building a stronger, smarter IAM community-together. We can't wait to see you in Amsterdam!

27 Jun 2025 12:00am GMT

The agent revolution just took a massive leap forward! Following the recent landmark that Google has donated the Agent2Agent (A2A) protocol to the Linux Foundation, we're thrilled to announce the launch of the , created by the WildFly and Quarkus teams in close collaboration, and now contributed to the official A2A project. A NEW ERA UNDER LINUX FOUNDATION STEWARDSHIP The protocol's transition to the Linux Foundation represents more than just a change of governance: it's a commitment to vendor-neutral, community-driven innovation. Similar how WildFly and Quarkus both recently joined the CommonHaus foundation. This ensures that A2A, as a critical interoperability standard, remains open and accessible to all. With more than 100 companies now supporting the protocol, we're witnessing the formation of what industry leaders are calling "an open, interoperable Internet of Agents." With the A2A Java SDK now part of this movement, enterprise developers can participate in this open agent ecosystem from day one. WHY JAVA SDK MATTERS Here's where things get exciting from a technical perspective: true polyglot agent ecosystems. The agent landscape has been fragmented, with Python dominating AI/ML workflows, JavaScript powering web-based agents, and Java serving as the backbone of enterprise backend systems. Siloed development across language ecosystems has held back the true potential of agentic applications. Our Java SDK shatters these barriers by implementing the A2A protocol specification natively in Java, enabling: * Enterprise-grade agent integration with existing Java infrastructure * Seamless interoperability between Java agents and those written in Python, JavaScript, or any A2A-compatible language with well-tested enterprise capabilities (including observability, security… ) And you know what? Writing agents in Java is now as easy as writing 1. A CLASS THAT CREATES AN A2A AGENT CARD import io.a2a.spec.AgentCapabilities; import io.a2a.spec.AgentCard; import io.a2a.spec.AgentSkill; import io.a2a.spec.PublicAgentCard; ... @ApplicationScoped public class WeatherAgentCardProducer { @Produces @PublicAgentCard public AgentCard agentCard() { return new AgentCard.Builder() .name("Weather Agent") .description("Helps with weather") .url("http://localhost:10001") .version("1.0.0") .capabilities(new AgentCapabilities.Builder() .streaming(true) .pushNotifications(false) .stateTransitionHistory(false) .build()) .defaultInputModes(Collections.singletonList("text")) .defaultOutputModes(Collections.singletonList("text")) .skills(Collections.singletonList(new AgentSkill.Builder() .id("weather_search") .name("Search weather") .description("Helps with weather in city, or states") .tags(Collections.singletonList("weather")) .examples(List.of("weather in LA, CA")) .build())) .build(); } } 2. A CLASS THAT CREATES AN A2A AGENT EXECUTOR import io.a2a.server.agentexecution.AgentExecutor; import io.a2a.server.agentexecution.RequestContext; import io.a2a.server.events.EventQueue; import io.a2a.server.tasks.TaskUpdater; import io.a2a.spec.JSONRPCError; import io.a2a.spec.Message; import io.a2a.spec.Part; import io.a2a.spec.Task; import io.a2a.spec.TaskNotCancelableError; import io.a2a.spec.TaskState; import io.a2a.spec.TextPart; ... @ApplicationScoped public class WeatherAgentExecutorProducer { @Inject WeatherAgent weatherAgent; @Produces public AgentExecutor agentExecutor() { return new WeatherAgentExecutor(weatherAgent); } private static class WeatherAgentExecutor implements AgentExecutor { private final WeatherAgent weatherAgent; public WeatherAgentExecutor(WeatherAgent weatherAgent) { this.weatherAgent = weatherAgent; } @Override public void execute(RequestContext context, EventQueue eventQueue) throws JSONRPCError { TaskUpdater updater = new TaskUpdater(context, eventQueue); // mark the task as submitted and start working on it if (context.getTask() == null) { updater.submit(); } updater.startWork(); // extract the text from the message String userMessage = extractTextFromMessage(context.getMessage()); // call the weather agent with the user's message String response = weatherAgent.chat(userMessage); // create the response part TextPart responsePart = new TextPart(response, null); List> parts = List.of(responsePart); // add the response as an artifact and complete the task updater.addArtifact(parts, null, null, null); updater.complete(); } @Override public void cancel(RequestContext context, EventQueue eventQueue) throws JSONRPCError { Task task = context.getTask(); if (task.getStatus().state() == TaskState.CANCELED) { // task already cancelled throw new TaskNotCancelableError(); } if (task.getStatus().state() == TaskState.COMPLETED) { // task already completed throw new TaskNotCancelableError(); } // cancel the task TaskUpdater updater = new TaskUpdater(context, eventQueue); updater.cancel(); } private String extractTextFromMessage(Message message) { StringBuilder textBuilder = new StringBuilder(); if (message.getParts() != null) { for (Part part : message.getParts()) { if (part instanceof TextPart textPart) { textBuilder.append(textPart.getText()); } } } return textBuilder.toString(); } } } Pretty straightforward, right? The SDK provides all the necessary components to create agent cards, handle agent execution, and manage communication between agents. Note: In future some of this boiler plate code we expect will be simplified by Quarkus and other frameworks using the A2A Java SDK. And when it comes to client-side development, it's even easier. The SDK includes a simple A2A client that allows you to interact with A2A agents using the A2A protocol. This client abstracts away the complexities of the protocol, making it easy to send messages, receive responses, and manage agent interactions. Creating an A2A client in Java is as simple as: 1. CREATE AN A2A CLIENT // Create an A2AClient (the URL specified is the server agent's URL, be sure to replace it with the actual URL of the A2A server you want to connect to) A2AClient client = new A2AClient("http://localhost:1234"); 2. SEND A MESSAGE TO THE A2A SERVER AGENT // Send a text message to the A2A server agent Message message = A2A.toUserMessage("tell me a joke"); // the message ID will be automatically generated for you MessageSendParams params = new MessageSendParams.Builder() .message(message) .build(); SendMessageResponse response = client.sendMessage(params); Note that A2A#toUserMessage will automatically generate a message ID for you when creating the Message if you don't specify it. You can also explicitly specify a message ID like this: Message message = A2A.toUserMessage("tell me a joke", "message-1234"); // messageId is message-1234 And the SDK also provides a convenient way to handle task management, allowing you to create, get the current state, and cancel tasks with ease. This is especially useful for managing long-running operations or coordinating complex workflows between multiple agents. You can find more details about task management and many other features in the repository's. You just want more code? Are you interested to see interoperability in action? Explore our which demonstrates how Python and Java agents collaborate seamlessly. See this picture for a bird-eye overview, and checkout the code for more insights TECHNICAL EXCELLENCE: THE MUTINY-ZERO ADVANTAGE And if you need your agent to be reactive, don't worry about the dependencies you are adding, because the Java SDK leverages mutiny-zero as its reactive foundation, a decision that reflects our commitment to framework-agnostic excellence. is a minimal API for creating reactive streams-compliant publishers that weighs less than 50K and have zero external dependencies beyond the Reactive Streams API. This architecture delivers several compelling advantages: * No Vendor Lock-in: No specific technology commitments for your agents. * Lightweight Performance: Faster startups, reduced resource consumption. * Maximum Compatibility: Seamless integration with existing Java reactive ecosystems. * Future-Proof Design: Ready for Java's modern Flow APIs, backward compatible. This reactive foundation ensures your Java agents can handle high-throughput, low-latency agent-to-agent communications while remaining lightweight and composable. COMMUNITY-DRIVEN INNOVATION What started as an external contribution has now become an official part of the A2A project repository, showcasing how the ecosystem can rapidly evolve through diverse contributions. This is precisely the kind of collaborative development that will accelerate A2A adoption and innovation. Ready to dive in? Here's your roadmap: 1. Explore the SDK: Visit to examine the implementation 2. Study Real Examples: Check out the to see interoperability in action 3. Join the Community: Connect with fellow developers in the A2A ecosystem 4. Start Building: Begin prototyping your first multi-language agent team THE BIGGER PICTURE: COLLABORATIVE INTELLIGENCE The A2A protocol aims to break down the silos that currently limit the potential of AI infuse applications by providing a common language for AI agents to discover each other's capabilities, securely exchange information, and coordinate complex tasks. With Java now joining Python and JavaScript in the A2A ecosystem, we're building towards a future where intelligence is truly collaborative, where the most sophisticated AI systems are assembled from specialized agents, each optimized for specific tasks but unified through standardized communication protocols. This Java SDK launch is just the beginning. The A2A project under Linux Foundation stewardship is positioned for rapid expansion, with additional language implementations, enhanced security features, and enterprise-grade tooling on the horizon. Your contributions matter. Whether you're fixing bugs, adding features, creating examples, or building integrations with other frameworks - every commithelps build this collaborative future. The agent revolution is here, and with the A2A Java SDK, the entire Java ecosystem can participate. Let's build something amazing together! 🚀

27 Jun 2025 12:00am GMT

We're excited to announce the release of WildFly 37.0.0.Beta1! This beta release, available for download from , includes new features and several enhancements, alongside numerous component upgrades. KEY HIGHLIGHTS IN THIS BETA RELEASE: NEW FEATURES: * Artemis commit-interval attribute for scaledown: WildFly 37 Beta 1 exposes the Artemis commit-interval attribute for scaledown. * The /core-service=platform-mbean resources have been evolved to expose new platform MXBeans, attributes and operations. ENHANCEMENTS: * The tasks-jsf quickstart now uses Glow. * GPG detached signatures are now included with uploads at release time. The following commands demonstrate how to verify the GPG signature of the WildFly distribution: $ gpg --keyserver keyserver.ubuntu.com --recv-keys E85C11F6 $ gpg --verify wildfly-37.0.0.Beta1-src.tar.gz.asc wildfly-37.0.0.Beta1-src.tar.gz gpg: Signature made Wed 25 Jun 2025 14:33:44 BST gpg: using EDDSA key 245404A11575A55D6A41107E2D52D4ACE85C11F6 gpg: Good signature from "Darran Andrew Lofthouse " [unknown] gpg: aka "Darran Andrew Lofthouse " [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 2454 04A1 1575 A55D 6A41 107E 2D52 D4AC E85C 11F6 Contributors to WildFly publish their GPG keys on the , which includes the fingerprint to aid verification. COMPONENT UPGRADES: This release includes a significant number of component upgrades, ensuring WildFly remains current with the latest technologies and provides improved performance and security. Some notable upgrades include: * Vert.x to 4.5.15. * Hibernate ORM to 6.6.18.Final (and 7.0.2.Final for WildFly Preview). * Micrometer to 1.15.0. * EclipseLink to 4.0.6. * SmallRye Fault Tolerance to 6.9.1. * Apache Santuario XML Security for Java to 3.0.6. * JBoss Universe Producers to 1.3.14. * JBoss Metadata to 16.1.0.Final. * Netty to 4.1.122.Final. * Velocity Engine to 2.4.1. * WildFly Clustering to 7.0.5.Final. * Infinispan to 15.2.4.Final. * JGroups to 5.4. * Apache Artemis to 2.41.0. * WildFly Core to 29.0.0.Beta6. * HAL to 3.7.12.Final. * Byteman to 4.0.25. * JBossWS-CXF to 7.3.3.Final. * Narayana to 7.2.2.Final. * zstd-jni to 1.5.7-3. * WildFly Licenses Plugin to 2.4.2.Final. * FasterXML Jackson to 2.18.4. * SmallRye Common to 2.12.0. * Hibernate Search to 8.0.0.Final (in WildFly preview). * Weld to 5.1.6.Final and 6.0.3.Final. * Hibernate Validator to 9.0.1.Final (in WildFly preview). * Expressly to 6.0.0 (in WildFly preview). * Apache CXF to 4.0.8. * Commons-Beanutils to 1.11.0, which resolves CVE-2025-48734. * WildFly Channel Maven Plugin to 1.0.25. * WildFly HTTP Client to 2.1.1.Final. * Narayana LRA to 1.0.1.Final. * Arquillian BOM to 1.9.5.Final. * Arquillian Testcontainers to 1.0.0.Alpha4. * Caffeine to 3.2.1. * Apache Kafka to 3.9.1. * SmallRye OpenAPI to 4.0.11. * Nimbus Jose JWT to 10.3. * Artemis WildFly Integration to 2.0.4.Final. * MVC Krazo integration to 2.0.0.Final. * OWASP Dependency Check Plugin to 12.1.3. For a complete list of bug fixes, tasks, sub-tasks, and other changes, please refer to the . We encourage the community to test this beta release and provide feedback to help us stabilize WildFly 37.

26 Jun 2025 12:00am GMT

Today, we released Quarkus 3.24. It comes with major version upgrades to major components and a brand new feature: the Dev Assistant. * - Introduce the Assistant * - Upgrade to Hibernate ORM 7.0 * - Upgrade to Hibernate Validator 9.0 * - Upgrade to Kafka Client 4.0 * - Add OIDC Health Check UPDATE To update to Quarkus 3.24, we recommend updating to the latest version of the Quarkus CLI and run: quarkus update Note that quarkus update can update your applications from any version of Quarkus (including 2.x) to Quarkus 3.24. For more information about the adjustments you need to make to your applications, please refer to the . WHAT'S NEW? DEV ASSISTANT We all love Quarkus' Dev UI and Quarkus 3.24 paves the way for major improvements to the Dev UI through a brand new feature: the Dev Assistant. The Assistant is a new extension point to provide features assisting you in your daily coding: * Generate clients from your OpenAPI specification * Generate additional test data * … sky is the limit! The Assistant can offer features that are backed by AI, but isn't limited to it. We have been cooking an extension leveraging the Assistant feature for a while: . You can already add it to your projects. But don't see it as the end of things: you can develop your own Assistant features in your extensions. HIBERNATE ORM Hibernate ORM was updated to 7.0. This is a major version and it comes with new features and significant changes that are presented in more details in a . Please also have a look to the dedicated section of our . Hibernate ORM 7.0 is an implementation of Jakarta Persistence 3.2. HIBERNATE VALIDATOR Hibernate Validator was updated to 9.0. Hibernate Validator 9.0 is an implementation of Jakarta Validation 3.1. KAFKA CLIENT The Kafka Client has been updated to 4.0. OIDC HEALTH CHECK Quarkus 3.24 offers a health check for OIDC that allows to check your Quarkus application is able to connect to your OIDC server. PLATFORM COMPONENT UPGRADES CAMEL QUARKUS Camel Quarkus has been upgraded to 3.24.0. FULL CHANGELOG You can get the full changelog of , , and on GitHub. CONTRIBUTORS The Quarkus community is growing and has now . Many many thanks to each and everyone of them. In particular for the 3.24 release, thanks to Alexandre Dutra, Alexey Loubyansky, appiepollo14, Ashish Ranjan, Bill Burke, Bruno Baptista, Clement Escoffier, David M. Lloyd, Davide D'Alto, Erik Mattheis, Foivos Zakkak, Fouad Almalki, gbourant, George Gastaldi, Georgios Andrianakis, Guillaume Smet, Holly Cummins, Inaki Villar, João Lopes, Julien Ponge, Katia Aresti, Kevin Wooten, Ladislav Thon, Lars, Lukas Schmitt, Marc Nuri, Marco Belladelli, marko-bekhta, Martin Bartoš, Martin Kouba, Martin Panzer, Matej Novotny, melloware, Michael Edgar, Michal Maléř, Michal Vavřík, Nicholas Hassan, nort3x, Ozan Gunalp, patriot1burke, Peter Palaga, Phillip Krüger, Robert Stupp, Roberto Cortez, Rostislav Svoboda, Sebastian Vogl, Sergey Beryozkin, Stefan Schmöller, Steve Hawkins, Stuart Douglas, Stéphane Épardaud, Teymur Babayev, Tim van der Lippe, Vincent Potucek, Volodymyr, xstefank, Yahya Berbeche, and Yoann Rodière. COME JOIN US We value your feedback a lot so please report bugs, ask for improvements… Let's build something great together! If you are a Quarkus user or just curious, don't be shy and join our welcoming community: * provide feedback on ; * craft some code and ; * discuss with us on and on the ; * ask your questions on .

25 Jun 2025 12:00am GMT

INTRODUCTION Hibernate ORM is improving at a very fast speed, and so is its integration with Quarkus, as great database access is a key part of the Quarkus experience. The latest Quarkus 3.24 release upgrades Hibernate to version 7, a major upgrade that implies some breaking changes, and thus will require paying attention to the when upgrading. Developers working on Hibernate and Quarkus are constantly collaborating, so here's a quick peek at what happened over the past few months and at what Quarkus users might expect in the future. LICENSE AND GOVERNANCE UPDATES Both Quarkus and Hibernate are now projects of the , a non-profit organization dedicated to creating a collaborative environment for open-source libraries. Since the upgrade to Hibernate 7, Quarkus and all Hibernate libraries now share the same open-source license: the . HIBERNATE ORM 7.0 UPDATES The new version of Hibernate brings better performance and , some of which improve the developer experience, such as to efficiently fetch entities in batches. SUPPORT FOR JAKARTA DATA is a simpler way to write data-accessing applications, and it's been supported in Quarkus since . We suggest giving it a try, as it enables a very quick and easy implementation of the DAO/repository patterns, without any boilerplate code and in a type-safe manner. To get started, simply include the jakarta.data:jakarta.data-api dependency with the latest version of Quarkus, i.e.: jakarta.data jakarta.data-api Here's an example of how a simple repository can be written: @Repository public interface Library { @Find Optional byIsbn(String isbn); @Query(""" select b.isbn, b.title, listagg(a.name, ' & ') from Book b join b.authors a group by b order by b.isbn """) List

25 Jun 2025 12:00am GMT

24 Jun 2025 12:00am GMT

We released Quarkus 3.23.4, the third (we skipped 3.23.1) maintenance release for our 3.23 release train. UPDATE To update to Quarkus 3.23, we recommend updating to the latest version of the Quarkus CLI and run: quarkus update Note that quarkus update can update your applications from any version of Quarkus (including 2.x) to Quarkus 3.23. For more information about the adjustments you need to make to your applications, please refer to the . FULL CHANGELOG You can get the full changelog of on GitHub. COME JOIN US We value your feedback a lot so please report bugs, ask for improvements… Let's build something great together! If you are a Quarkus user or just curious, don't be shy and join our welcoming community: * provide feedback on ; * craft some code and ; * discuss with us on and on the ; * ask your questions on .

19 Jun 2025 12:00am GMT

19 Jun 2025 12:00am GMT

Hi, Further to the earlier post about Narayana in a foundation (https://jbossts.blogspot.com/2025/03/request-for-input-narayana-in-foundation.html) I am pleased to share here that the Narayana project has successfully transferred to Commonhaus Foundation (as part of a move with WildFly - please see the WildFly announcement here https://www.wildfly.org/news/2025/04/30/WildFly-Commonhaus/). You can find us now listed at: https://www.commonhaus.org/. Please feel free to reach out on Zulip to chat about this: https://narayana.zulipchat.com/ Congratulations to the project on this new home! Tom

18 Jun 2025 3:42pm GMT

Quarkus MCP Server is blazing a trail as the first Java MCP server with Streamable HTTP support-unlocking new possibilities for developers. Read more about in the blog post "Quarkus MCP Server: The First Java Server SDK to Support Streamable HTTP!" by Max Rydahl Andersen. Learn how Quarkus MCP Client can use access tokens to access secure MCP servers in Sergey Beryozkin's blog post "Use Quarkus MCP client to access secure MCP HTTP servers". Leverage ChatGPT and existing Maven skills, to rapidly develop and deploy a new API with Quarkus. Ease the learning curve and achieving quick validation on Heroku. See how in "How To Introduce a New API Quickly Using Quarkus and ChatGPT" by John Vester. Explore LLM guardrails, why they matter, and how you can effectively implement them to ensure safe and trustworthy AI interactions in "Ensuring Safe and Reliable AI Interactions with LLM Guardrails" by Brian Vermeer. Learn about Prasbanth's first experience to see how the Java ecosystem is adapting to the world of cloud-native applications - and how that experience left him motivated to continue this journey in "From Traditional Java to Cloud-Native with Quarkus: My First Boston Java Users Meetup Experience". You will also see the latest Quarkus Insights episodes, top tweets/discussions and upcoming Quarkus attended events. Check out ! Want to get newsletters in your inbox? using the on page form.

12 Jun 2025 12:00am GMT

Last year's KubeCon India was a great success, and Keycloak will be part of this year's edition in Hyderabad on August 7-8. A lot of people use Keycloak and develop extensions in for Keycloak in India, so we are thrilled to connect with the community. Connect with me in to have your contributions or projects mentioned in the talk! TALKS AT KUBECON The schedule of KubeCon + CloudNativeCon India 2025 has been released, see below talks about Keycloak: * Wednesday August 6, 2025 11:37 IST Alexander Schwartz, Red Hat * Wednesday August 6, 2025 12:10 IST Alexander Schwartz & Rishabh Singh, Red Hat PROJECT PAVILLION The Keycloak project table in the Project Pavillion is the place to meet the Keycloak maintainers, contributors and the larger community. We will be there in the afternoons, while other projects will be there during the mornings. See below for the location and the times. Wednesday, August 6: 3:10 pm - 7:15 pm Thursday, August 7: 1:25 pm - 3:50 pm SEE YOU THERE! We're preparing for KubeCon India 2025 and can't wait to connect with our community. Mark your calendars and join us. Let me know in to have your contributions or projects mentioned in the talk! See you in Hyderabad!

12 Jun 2025 12:00am GMT

We released Quarkus 3.23.3, the second (we skipped 3.23.1) maintenance release for our 3.23 release train. UPDATE To update to Quarkus 3.23, we recommend updating to the latest version of the Quarkus CLI and run: quarkus update Note that quarkus update can update your applications from any version of Quarkus (including 2.x) to Quarkus 3.23. For more information about the adjustments you need to make to your applications, please refer to the . FULL CHANGELOG You can get the full changelog of on GitHub. COME JOIN US We value your feedback a lot so please report bugs, ask for improvements… Let's build something great together! If you are a Quarkus user or just curious, don't be shy and join our welcoming community: * provide feedback on ; * craft some code and ; * discuss with us on and on the ; * ask your questions on .

11 Jun 2025 12:00am GMT

We released Quarkus 3.23.2, the first (we skipped 3.23.1) maintenance release for our 3.23 release train. UPDATE To update to Quarkus 3.23, we recommend updating to the latest version of the Quarkus CLI and run: quarkus update Note that quarkus update can update your applications from any version of Quarkus (including 2.x) to Quarkus 3.23. For more information about the adjustments you need to make to your applications, please refer to the . FULL CHANGELOG You can get the full changelog of and on GitHub. COME JOIN US We value your feedback a lot so please report bugs, ask for improvements… Let's build something great together! If you are a Quarkus user or just curious, don't be shy and join our welcoming community: * provide feedback on ; * craft some code and ; * discuss with us on and on the ; * ask your questions on .

05 Jun 2025 12:00am GMT

Today, we released Quarkus 3.23. 3.23 comes with a lot of small improvements and some bugfixes together with a couple of new features: * - Enable named data sources for Hibernate Reactive * - OIDC: Add bearer token step up authentication UPDATE To update to Quarkus 3.23, we recommend updating to the latest version of the Quarkus CLI and run: quarkus update Note that quarkus update can update your applications from any version of Quarkus (including 2.x) to Quarkus 3.23. For more information about the adjustments you need to make to your applications, please refer to the . WHAT'S NEW? NAMED DATA SOURCES FOR HIBERNATE REACTIVE With 3.22, we started the journey of bringing the Hibernate Reactive extension up to par with the Hibernate ORM one. In 3.23, it's now possible to point Hibernate Reactive to a named datasource. The next step will be to have support for multiple named persistence units for Hibernate Reactive and hopefully it will arrive in 3.24. OIDC BEARER STEP UP AUTHENTICATION Quarkus 3.23 introduces support for the OAuth 2.0 Step Up Authentication Challenge Protocol. You can learn more about it in the of the OIDC Bearer token authentication guide. PLATFORM COMPONENT UPGRADES QUARKUS CXF Quarkus CXF 3.23 was released and is now available in . Check the and release notes for more information about what is new in these releases. CAMEL QUARKUS Camel Quarkus has been upgraded to 3.23.0. FULL CHANGELOG You can get the full changelog of and on GitHub. CONTRIBUTORS The Quarkus community is growing and has now . Many many thanks to each and everyone of them. In particular for the 3.23 release, thanks to Aditya Thakur, Alexandre Dutra, Alexey Loubyansky, Andrii Denysenko, Andy Damevin, appiepollo14, ayagmar, Bruno Baptista, Clement Escoffier, Fedor Dudinsky, Foivos Zakkak, Fouad Almalki, George Gastaldi, Georgios Andrianakis, Guillaume Smet, Holly Cummins, iedo, Ladislav Thon, Luca Molteni, luca-bassoricci, Lucien Brule, Magnus Gustafsson, Marc Nuri, mariofusco, marko-bekhta, Martin Bartoš, Martin Kouba, Martin Panzer, Matej Novotny, Matheus Cruz, Max Rydahl Andersen, melloware, Michael Edgar, Michal Vavřík, Michiel Dockx, Mikhail Polivakha, Olivier V, Ozan Gunalp, Peter Palaga, Phillip Krüger, Robert Stupp, Roberto Cortez, Rolfe Dlugy-Hegwer, Rostislav Svoboda, Sebastian Vogl, Sergey Beryozkin, Severin Gehwolf, shjones, Steve Hawkins, Stuart Douglas, Tamas Cservenak, and Yoann Rodière. COME JOIN US We value your feedback a lot so please report bugs, ask for improvements… Let's build something great together! If you are a Quarkus user or just curious, don't be shy and join our welcoming community: * provide feedback on ; * craft some code and ; * discuss with us on and on the ; * ask your questions on .

28 May 2025 12:00am GMT

To download the release go to . UPGRADING Before upgrading refer to for a complete list of changes. ALL RESOLVED ISSUES ENHANCEMENTS * Fix Securing Apps links to adapters docs * Email server credentials can be harvested through host/port manipulation admin/api * Fix doc link to FGAP v1 docs * Apply edits to Operators Guide docs * Edit Observability Guide docs * Fix callouts in Operator guide docs * Sessions from Infinispan should be mapped lazily for the Admin UI * Speed up Infinispan list of all sessions be more eagerly remove old client sessions * When logging in, all client sessions are loaded which is slow oidc BUGS * Authorization Code Flow Fails Scope Validation After Credential Definition Migration to Realm Level oid4vc * [quarkus-next] TestEngine with ID 'junit-jupiter' failed to discover tests dist/quarkus * [OID4VCI] Documentation Errors docs * Aggregated policy: Cannot select policies that do not appear in the drop-down list admin/ui * quarkus runtime options are treated as buildtime options dist/quarkus * [26.2.3/26.1.5] Regression: empty ClientList in UI for Custom UserStorageProvider admin/ui * UI does not show user's attributes after reentering the Attributes TAB admin/ui * Refreshed tokens are not persisted for IDP token exchange token-exchange * UI does not show organization's attributes after reentering the Attributes TAB account/ui * Autocomplete in Mapper type of user federation broken admin/ui * Forms IT tests breaks with Chrome 136.0.7103.59 ci * Unable to change the OTP hash algorithm admin/ui * Keycloak not using custom Infinispan config infinispan * Duplicate validation message "Please specify username." shown on login form login/ui * Clicking on the jump links removes the localization of the UI admin/ui * Authorization documentation shows the wrong view authorization-services * Recreate update is not scaling down the statefulset to zero operator * Hibernate LazyInitializationException when deleting client with CompositeRoles core * POST realm API returns 400 on conflict instead of 409 in version 26.2.4 admin/api * Documentation has outdated link to the "latest" branch of quickstarts docs * [KEYCLOAK CI] - AuroraDB IT - Create EC2 runner instance ci

28 May 2025 12:00am GMT

The Token Exchange feature has been available in Keycloak for a long time, but only as a preview feature. With the release of Keycloak 26.2, we're happy to share that Standard Token Exchange is now officially supported and fully compliant with . WHAT IS TOKEN EXCHANGE? 🔄 Token Exchange is a mechanism that allows a client to exchange one token for another. In the context of Keycloak, this means a client can exchange a token originally issued for another client and receive a new token issued specifically for itself. Token Exchange is especially helpful in these scenarios: 🎯 DIFFERENT AUDIENCE When a token was issued for one service but needs to be used to access another, Token Exchange can issue a new token with the appropriate audience. 🔐 SCOPED PERMISSIONS If a client needs to access a service with more limited permissions, it can exchange its token for one with reduced or more specific scopes. WHAT'S NEW? 🆕 * ✅ Official support (no longer a preview feature) * 📘 Compliance with RFC 8693 (OAuth 2.0 Token Exchange) * 🖱️ Simple configuration via the Admin Console (just a switch in client settings) * 🛡️ Integration with Client Policies to enforce custom rules. You can restrict exchanges to specific clients, or deny exchanges based on requested scopes. HOW TO GET STARTED 🚀 If you're using Keycloak 26.2 or later, there's nothing extra to enable. Token Exchange is ready to use, just open the client settings in the admin console and enable the dedicated switch. If you're still using the preview feature of token exchange, check the and the to understand the differences and plan your migration. 📄 For full setup instructions and configuration details, refer to the . WHAT'S NEXT? 🔍 We're continuing to expand Token Exchange support with future enhancements such as: * 🔄 Exchanging tokens issued by external identity providers * 👤 Using token exchange to impersonate users Stay tuned for updates in upcoming releases. -------------------------------------------------------------------------------- We'd love to hear what you think about this feature and how we can improve it. Feedback and contributions from the community are always welcome.

26 May 2025 12:00am GMT