
26.3.4

📦 keycloak
🐛 16 fixes · 🔧 10 symbols

Summary

This release focuses on stability and security by resolving numerous bugs across core functionality, authentication, and the admin UI. Key enhancements include upgrading to Quarkus 3.20.2.2 and improving multithreading safety.

Migration Steps

  1. Refer to the migration guide for a complete list of changes before upgrading: https://www.keycloak.org/docs/latest/upgrading/#migration-changes

🐛 Bug Fixes

  • #35825: Fixed per-client session idle time being incorrectly capped by the realm-level client idle timeout.
  • #40374: Resolved frequent duplicate key value errors violating unique constraint "constraint_offl_us_ses_pk2" during authentication.
  • #40463: Fixed issue where login to Account Console produced two consecutive LOGIN events.
  • #40857: Addressed vulnerability where an unbounded login_hint parameter could corrupt the KC_RESTART cookie and break the login flow.
  • #41427: Fixed token exchange failure when client session is expired during parallel execution.
  • #41801: Resolved database creation coordination issues observed during deployment in version 26.3.0.
  • #41942: Fixed uncaught server error (org.keycloak.models.ModelException: Database operation failed) during LDAP Group synchronization.
  • #42012: Ensured client session timestamp is correctly updated in the database when running multiple nodes.
  • #42046: Fixed security issue where KeycloakRealmImport placeholder replacement allowed access to sensitive environment variables.
  • #42158: Corrected bug in configuration via keycloak.conf.
  • #42164: Fixed broken links in Keycloak CI documentation.
  • #42178: Resolved issue where integer validation errors were not displayed for user profile fields.
  • #42182: Fixed issue where validation errors for required actions did not show translated messages in the admin UI.
  • #42270: Corrected missing double-dash in the events documentation.
  • #42339: Fixed issue where the openid scope was incorrectly added to the allowed client scopes list.
  • #42369: Added missing client session offline settings on the realm level in the admin UI.

Affected Symbols