SIG Breakout Session: 2025-04-23 - Date: Wed 23 April 2025 - Time: 12:00 - 13:00 UTC in 1 hour ## Agenda Agenda Items to discuss https://hackmd.io/@keycloak-oauth-sig ## Attendees - Francis Pouatcha - Ogen Bertrand - Ingrid Kamga - Motouom Victoire - Pascal Knüppel - Assah Bismark - Vinod Anandan - Forkim Akwichek - Takashi Norimatsu - Rodrick Awambeng - Stefan Wiedemann ## Notes Notes by Topic ### General ### Keycloack 26.2 - OID4VCI Scope based approach draft 13 - Roling updates - JWT Client Authentication bug also fixed in 26.2 - Fine grained access permission ### OID4VCI - Keycloak version 26.2 release including scope based approach. - OID4VCI - [ID2 Draft 15](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-ID2.html) - Tickets being prepared by adorsys team - new Issue: https://github.com/keycloak/keycloak/issues/39130 - Rodrick working on the PR - Pascal found some errors in the documentation - Please for Issues. - We want to start working with the OID4VCI of keycloak. - For any encoutered issue, please create ticket and synchronizewith adorsys team. ### Transaction Token, SPIFEE for Workload Identity - Dmry working on routine issues ### OAuth 2.0 for First-Party Applications (FiPA) - Discussion: https://github.com/keycloak/keycloak/discussions/38796 - Ingrid waiting for feedback from the community to send the pull request. ### Shared Signals Framework (SSF) - No update on 04/16 - Created a quarkus-based slide-car app outside keycloak, and now investigating better way: Valkey https://valkey.io/topics/streams-intro/ - Update in https://github.com/keycloak/keycloak/discussions/14217#discussioncomment-12850637 ### OpenID Federation 1.0 - Hitachi side does not have a plan for working it as for now. ### Token Exchange - 26.2 released with limited support and fine-graind admin permission ### Demonstrating Proof-of-Possession (DPoP) Epic Issue: [ISSUE-22311](https://github.com/keycloak/keycloak/issues/22311) - 4 issues are open. No progress in this week (Takashi) - Pascal will check if DPoP nonce is supported and create a issue if none (https://datatracker.ietf.org/doc/html/rfc9449#name-authorization-server-provid) -> created [ISSUE-39042](https://github.com/keycloak/keycloak/issues/39042) - Takashi is working for [ISSUE-33942](https://github.com/keycloak/keycloak/issues/33942) - New issue from Pasca: https://github.com/keycloak/keycloak/issues/39042 - Will be added by Takashi as an optional task to the EPIC issue. ### Passkeys Epic Issue: [ISSUE-23656](https://github.com/keycloak/keycloak/issues/23656) - 3 issues are open. It seems that there is no progress in this week. ### Other Topics #### Keyconf25 - Survey started: https://forms.office.com/Pages/ResponsePage.aspx?id=hFQsXiLlnUeRylFdbgziKBgok6UO9mxHnShifZvG4ehUMVVNS1lRQlpJNTFSM0tHRU5QS0RPSlI2Ry4u - Decision to do one day, as Budget for a two day conference is out of reach. - Comment published to CNCF Chat. - Backbase interested in a booth! - CFP - https://forms.office.com/pages/responsepage.aspx?id=hFQsXiLlnUeRylFdbgziKBgok6UO9mxHnShifZvG4ehUNTdQTU5PQkVPOEpDMlQ5QUJTVFdRSDdQTy4u&route=shorturl #### KeycloakCon Japan - https://events.linuxfoundation.org/keycloakcon-japan/ - Submissions in English or Japanese. CFP Link: https://sessionize.com/keyconf-2025-japan/ - CFP Closed - Looking for sponsors. - https://events.linuxfoundation.org/keycloakcon-japan/sponsor/ The lowest level is $3,000, and your logo is shown. #### Transient User Feature https://github.com/keycloak/keycloak/discussions/26637#discussioncomment-12499668 - Needed for eID authentication. As eID data of are not allowed to be stored in a persistent store. - Feature makes sure that the User object is not persistet. But according Stian comment, session is stored anyway. But Governikus implement with short lived sessions. - Previous behavior of volatile sessions will still exists and can be used to preserve the functionality of transient users. - Discussion will continue in the ticket. ## Recording https://us06web.zoom.us/rec/share/zJ4LYbzsGeTQIIsBdGcD8VTzAG7EpNfKfLf2037RQLXmSEF7r6cPLUkPaSlFSr-K.9rb_X8QdHk_nAE0F