Keycloak 26: All the New Features of the Latest Version

  1. The New version of Keycloak
  2. Key Innovations Introduced in Version 26
  3. Steps for Updating to Keycloak v26
  4. Keycloak and the Experimental Innovations in Version 26

The New Version of Keycloak

Keycloak has released a new version of its open-source platform for managing authentication and authorization. This update brings innovative features aimed at enhancing corporate authentication security while maintaining full compatibility with previous versions.

One of the standout features in this release is the persistent-user-session, enabled by default. This functionality stores user sessions directly in the database, ensuring that active sessions are preserved during migrations, platform restarts, or updates. By automatically saving sessions in the default database, users experience a smoother, more reliable authentication process.

Key Innovations Introduced in Version 26

Keycloak v26 introduces several new capabilities, enhancing performance, versatility, and usability for various business scenarios.
The main new features include:

  1. Support for Multi-Site Environments:
    Keycloak v26 optimizes support for distributed deployments, improving session and configuration management in multi-site environments.Key improvements include:
    • More effective synchronization between nodes in multi-site environments, thanks to persistent user sessions.
    • Configuration Ease: Multi-site configurations in the new version of Keycloak require fewer customizations, making deployment simpler.
    • Performance Improvement: Platform optimization enables greater scalability, allowing support for a global user base.
  2. Introduction of OpenTelemetry: This enables activity tracking, improving monitoring and observability of platform operations.
  3. DPoP (Demonstration of Proof of Possession) Improvements: This mechanism is designed to prevent access token theft, improving efficiency and offering enhanced security, especially in API interactions.
  4. Support for Organizations: These can now be managed directly from the platform through a hierarchical structure, to group users, roles, and resources.
  5. Support for Multiple Social Broker Instances: Keycloak v26 allows for the simultaneous configuration of multiple social authentication providers, simplifying the management of logins via different social networks and improving the user experience, making it smoother.

From a design perspective, a completely redesigned login theme has been introduced, featuring a modern and intuitive interface.
Additionally, the client libraries have been updated with dedicated release cycles, to offer greater compatibility and reliability in integrations with external applications.

Ready-Made Templates
Get more details

Visit the Yookey website to discover the available offers.

Contact us !

Steps for Updating to Keycloak v26

The update to Keycloak v26 requires a series of structured steps to ensure optimal and smooth installation.To ensure a smooth upgrade process, follow these steps:

  • Backup and Preparation:
    Perform a full system backup, including databases, configurations, and custom files, to avoid data loss during the update.
  • Server Update:
    Download the v26 files from the official website and replace the previous version’s files. Follow the official documentation for detailed installation steps.
  • Client Adapter Update:
    Verify that all client adapters are updated to the v26-compatible version to maintain functionality for connected applications.
  • Configuration and Customization Compatibility:
    Check that existing configurations align with the new features, such as persistent sessions. Update or adapt customizations as needed to ensure system stability.

Keycloak and the Experimental Innovations in Version 26

Version 26 also introduces experimental functionalities that showcase the platform’s potential future capabilities. 
Keycloak v26 supports issuing verifiable credentials, digital credentials issued by trusted authorities that can be independently verified without direct communication with the issuer. These credentials can include:

  • Personal identities;
  • Roles and permissions;
  • Professional qualifications;
  • Other data relevant to authentication and authorization.

This feature aligns Keycloak with emerging trends in decentralized digital identities, offering innovative solutions for online security and privacy.

By integrating these advanced technologies, Keycloak demonstrates a commitment to staying ahead in the rapidly evolving identity management landscape.