SIG Breakout Session: 2025-04-30 - Date: Wed 30 April 2025 - Time: 12:00 - 13:00 UTC in 1 hour ## Agenda Agenda Items to discuss https://hackmd.io/@keycloak-oauth-sig ## Attendees - Francis Pouatcha - Stefan Wiedemann - Vinod Anandan ## Notes Notes by Topic ## Keycloack Release #### Update 04/30 - New patch release of keycloak 26.2.2 #### Update 04/16 - OID4VCI Scope based approach draft 13 - Roling updates - JWT Client Authentication bug also fixed in 26.2 - Fine grained access permission ## OID4VCI #### Update 04/30 - New PR https://github.com/keycloak/keycloak/pull/39148 - 2nd Review needed! - Pascal might have a look next week. - New Epic: https://github.com/keycloak/keycloak/issues/39273 - Adorsys Team and Pascal will take on the ticket. - New Discussion: https://github.com/keycloak/keycloak/discussions/39265 - Feature supported by Pascal and Ingrid - Francis will review and give his opinion. #### Update 04/16 - Keycloak version 26.2 release including scope based approach. - OID4VCI - [ID2 Draft 15](https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-ID2.html) - Tickets being prepared by adorsys team - new Issue: https://github.com/keycloak/keycloak/issues/39130 - Rodrick working on the PR - Pascal found some errors in the documentation - Please for Issues. - We want to start working with the OID4VCI of keycloak. - For any encoutered issue, please create ticket and synchronizewith adorsys team. ## Transaction Token, SPIFEE for Workload Identity #### Update 04/30 - No Update #### Update 04/16 - Dmry working on routine issues ## OAuth 2.0 for First-Party Applications (FiPA) #### Update 04/30 - Feedback urgently needed: https://github.com/keycloak/keycloak/discussions/38796 #### Update 04/16 - Discussion: https://github.com/keycloak/keycloak/discussions/38796 - Ingrid waiting for feedback from the community to send the pull request. ## Shared Signals Framework (SSF) #### Update 04/30 - No Update #### Update 04/09 - Created a quarkus-based slide-car app outside keycloak, and now investigating better way: Valkey https://valkey.io/topics/streams-intro/ - Update in https://github.com/keycloak/keycloak/discussions/14217#discussioncomment-12850637 ## OpenID Federation 1.0 #### Update 04/30 - No Update #### Update 04/16 - Hitachi side does not have a plan for working it as for now. ## Token Exchange #### Update 04/30 - No Update #### Update 04/16 - 26.2 released with limited support and fine-graind admin permission ## Demonstrating Proof-of-Possession (DPoP) #### Update 04/30 - No Update #### Update 04/16 Epic Issue: [ISSUE-22311](https://github.com/keycloak/keycloak/issues/22311) - 4 issues are open. No progress in this week (Takashi) - Pascal will check if DPoP nonce is supported and create a issue if none (https://datatracker.ietf.org/doc/html/rfc9449#name-authorization-server-provid) -> created [ISSUE-39042](https://github.com/keycloak/keycloak/issues/39042) - Takashi is working for [ISSUE-33942](https://github.com/keycloak/keycloak/issues/33942) - New issue from Pasca: https://github.com/keycloak/keycloak/issues/39042 - Will be added by Takashi as an optional task to the EPIC issue. ## Passkeys #### Update 04/30 - No Update #### Update 04/16 Epic Issue: [ISSUE-23656](https://github.com/keycloak/keycloak/issues/23656) - 3 issues are open. It seems that there is no progress in this week. ## Transient User Feature #### Update 04/30 - Pascal hoping for comment from Thomas or Stian - Vinod can request for an ad hoc meeting with Stian for this. #### Update 04/16 https://github.com/keycloak/keycloak/discussions/26637#discussioncomment-12499668 - Needed for eID authentication. As eID data of are not allowed to be stored in a persistent store. - Feature makes sure that the User object is not persistet. But according Stian comment, session is stored anyway. But Governikus implement with short lived sessions. - Previous behavior of volatile sessions will still exists and can be used to preserve the functionality of transient users. - Discussion will continue in the ticket. ## Keyconf25 #### Update 04/30 - CFP Open #### Update 04/09 - Survey started: https://forms.office.com/Pages/ResponsePage.aspx?id=hFQsXiLlnUeRylFdbgziKBgok6UO9mxHnShifZvG4ehUMVVNS1lRQlpJNTFSM0tHRU5QS0RPSlI2Ry4u - Decision to do one day, as Budget for a two day conference is out of reach. - Comment published to CNCF Chat. - Backbase interested in a booth! - CFP - https://forms.office.com/pages/responsepage.aspx?id=hFQsXiLlnUeRylFdbgziKBgok6UO9mxHnShifZvG4ehUNTdQTU5PQkVPOEpDMlQ5QUJTVFdRSDdQTy4u&route=shorturl ## KeycloakCon Japan #### Update 04/30 - No Update #### Update 04/16 - https://events.linuxfoundation.org/keycloakcon-japan/ - Submissions in English or Japanese. CFP Link: https://sessionize.com/keyconf-2025-japan/ - CFP Closed - Looking for sponsors. - https://events.linuxfoundation.org/keycloakcon-japan/sponsor/ The lowest level is $3,000, and your logo is shown. ## Recording https://us06web.zoom.us/rec/share/nPu3_IxxdLRdg9o2tGqn5F1nnOknCRwiwMXYImBy1P3pYg3ro6A2hBYHcmcS--ou.VMMcl8bhg7QCb02X