Keycloak version 26.6: new features and improvements
Keycloak 26.6 release: new features and updates
Keycloak has released new version 26.6 of its open-source platform dedicated to authentication and authorization management.
This update introduces several advanced features designed to further strengthen the security of access processes in enterprise environments, while ensuring operational continuity and full compatibility with previous versions.
JWT Authorization Grant
Based on the RFC 7523 standard, this feature is now fully operational and optimized to handle token exchange between external and internal domains. The system allows clients to present externally signed JWT assertions to obtain OAuth 2.0 access tokens directly from Keycloak.
The result is a leaner, more secure integration between heterogeneous ecosystems, based on standardized token issuance protocols.
Ready-Made Templates
Are you looking for an IAM system?Visit the Yookey website to explore the available solutions.
Federated Client Authentication
This feature, now officially supported, marks the end of complex “client secret” management. Instead of manually generating and rotating keys for each application, clients can authenticate by leveraging a trust relationship with existing external issuers.
- Benefits: A significant reduction in administrative overhead.
- Compatibility: Extended support for assertions from external OpenID Connect providers and full integration with Kubernetes Service Accounts.
Keycloak 26.6 Orchestration and Workflows
Keycloak is evolving towards Identity Governance and Administration (IGA) by introducing official support for Workflows. Through YAML configuration files, administrators can now automate the entire lifecycle of users and clients. The execution engine, further enhanced in this release with new predefined steps, enables complex operations based on:
- real-time system events
- custom conditional logic
- time-based scheduling (scheduling)
Zero-downtime patch releases
This feature, now officially supported and enabled by default, is a cornerstone for business continuity. It allows patches and updates (within the same major.minor version) to be applied through a rolling strategy, completely eliminating downtime or interruptions for end users. Those using the Keycloak Operator can fully automate the process simply by setting the update mode to “Auto”.
To explore all the details of the new Keycloak version, please refer to the official release.
Yookey: the IAM solution based on Keycloak
Yookey is an Identity and Access Management (IAM) platform based on Keycloak, providing robust and secure management of digital identities and access control to resources and services.
The solution simplifies and secures user onboarding and offboarding processes by leveraging Single Sign-On (SSO) integration and advanced access management automation, while also applying multi-factor authentication (MFA) mechanisms to strengthen security from the very first login.
The entire identity lifecycle is tracked, monitored, and documented in a structured way, supporting compliance with regulatory requirements such as NIS2 and ISO 27001.
Parla direttamente con il nostro team per ulteriori informazioni.
