SIG Breakout Session: 2025-04-16 20th Meeting

SIG Breakout Session: 2025-04-16 - Date: Wed 16 April 2025 - Time: 12:00 - 13:00 UTC in 1 hour ## Agenda Agenda Items to discuss https://hackmd.io/@keycloak-oauth-sig ## Attendees - Francis Pouatcha - Takashi Norimatsu - Rodrick Awambeng - Motouom Victoire - Vinod Anandan - Pascal Knüppel - Thomas Darimont - Ingrid Kamga - Stefan Wiedemann - Forkim Akwichek - Assah Bismark - Dmitry Telegin - Ogen Bertrand ## Notes Notes by Topic ### General ### Keycloack 26.2 - OID4VCI Scope based approach draft 13 - Roling updates - JWT Client Authentication bug also fixed in 26.2 - Fine grained access permission ### OID4VCI - Keycloak version 26.2 release including scope based approach. - OID4VCI - [ID2 Draft 15](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-ID2.html) - Tickets being prepared by adorsys team ### Transaction Token, SPIFEE for Workload Identity - Dmry working on routine issues ### OAuth 2.0 for First-Party Applications (FiPA) - Discussion: https://github.com/keycloak/keycloak/discussions/38796 ### Shared Signals Framework (SSF) - No update on 04/16 - Created a quarkus-based slide-car app outside keycloak, and now investigating better way: Valkey https://valkey.io/topics/streams-intro/ - Update in https://github.com/keycloak/keycloak/discussions/14217#discussioncomment-12850637 ### OpenID Federation 1.0 - No update on 04/16 bucchi submitted the article to Medium: https://bucchi.medium.com/building-trust-with-openid-federation-trust-chain-on-keycloak-f8ac021add3a Which draft version? -> Implementer's Draft 4 (draft 36) (https://openid.net/specs/openid-federation-1_0-ID4.html) ### Token Exchange - 26.2 released with limited support and fine-graind admin permission ### Demonstrating Proof-of-Possession (DPoP) https://github.com/keycloak/keycloak/issues/22311 - 4 issues are open. No progress in this week (Takashi) - Pascal will check if DPoP nonce is supported and create a issue if none (https://datatracker.ietf.org/doc/html/rfc9449#name-authorization-server-provid) ### Passkeys https://github.com/keycloak/keycloak/issues/23656 3 issues are open. It seems that there is no progress in this week (Takashi). ### Other Topics #### Keyconf25 - Survey started: https://forms.office.com/Pages/ResponsePage.aspx?id=hFQsXiLlnUeRylFdbgziKBgok6UO9mxHnShifZvG4ehUMVVNS1lRQlpJNTFSM0tHRU5QS0RPSlI2Ry4u - Decision to do one day, as Budget for a two day conference is out of reach. - Comment published to CNCF Chat. - Backbase interested in a booth! #### Keycloak COn Japan - https://events.linuxfoundation.org/keycloakcon-japan/ - Submissions in English or Japanese. CFP Link: https://sessionize.com/keyconf-2025-japan/ ## Recording https://us06web.zoom.us/rec/share/eMiJ5mn1i0Jjuw2GvnSRkVf6ghok3faNX_4bnesvdqslLG7ldRfYD4kWwpNFbI-s._9rWl07I0RfMMorz