Jump To Close Expand all Collapse all Table of contents Upgrading Guide Making open source more inclusive 1. Upgrading Red Hat Single Sign-On Expand section "1. Upgrading Red Hat Single Sign-On" Collapse section "1. Upgrading Red Hat Single Sign-On" 1.1. About upgrades Expand section "1.1. About upgrades" Collapse section "1.1. About upgrades" 1.1.1. Major upgrades 1.1.2. Minor updates 1.1.3. Micro updates 1.2. Migrating Keycloak to RH-SSO 2. Release-specific changes Expand section "2. Release-specific changes" Collapse section "2. Release-specific changes" 2.1. RH SSO 7.6 Expand section "2.1. RH SSO 7.6" Collapse section "2.1. RH SSO 7.6" 2.1.1. Step-up authentication 2.1.2. OpenID Connect Logout 2.1.3. Removal of the upload-scripts feature 2.1.4. Account console Patternfly upgrade 2.1.5. Client Policies Migration : client-scopes 2.1.6. Liquibase upgraded to version 4.6.2 2.1.7. Deprecated features in the Red Hat Single Sign-On Operator 2.1.8. Critical bug fix in the Red Hat Single Sign-On Operator 2.1.9. Changes to probes when using the Red Hat Single Sign-On Operator 7.6.2 2.1.10. Changes to probes when using the Red Hat Single Sign-On Operator 7.6.5 2.2. RH SSO 7.5 Expand section "2.2. RH SSO 7.5" Collapse section "2.2. RH SSO 7.5" 2.2.1. Upgrade to EAP 7.4 Expand section "2.2.1. Upgrade to EAP 7.4" Collapse section "2.2.1. Upgrade to EAP 7.4" 2.2.1.1. Dependency updates 2.2.1.2. Configuration changes 2.2.1.3. SmallRye manual changes 2.2.1.4. Cross-Datacenter replication changes 2.2.2. UserModel Migration 2.2.3. Upgrade to PatternFly 4 2.2.4. New API for Instagram IdP 2.2.5. Valid Request URIs for SSRF protection 2.2.6. Read-only user attributes 2.2.7. No user session needed after Docker authentication 2.2.8. Client Credentials Grant without default refresh token 2.2.9. Non-standard token introspection endpoint removed 2.2.10. LDAP no-import fix 2.3. RH SSO 7.4 Expand section "2.3. RH SSO 7.4" Collapse section "2.3. RH SSO 7.4" 2.3.1. Upgrade to EAP 7.3 Expand section "2.3.1. Upgrade to EAP 7.3" Collapse section "2.3.1. Upgrade to EAP 7.3" 2.3.1.1. Dependency updates 2.3.1.2. Configuration changes 2.3.1.3. Cross-Datacenter replication changes 2.3.2. Authentication flows changes Expand section "2.3.2. Authentication flows changes" Collapse section "2.3.2. Authentication flows changes" 2.3.2.1. REQUIRED and ALTERNATIVE executions not supported at same authentication flow 2.3.2.2. OPTIONAL execution requirement removed 2.3.2.3. SPI Changes 2.3.2.4. Freemarker template changes 2.3.3. Duplicated top level groups 2.3.4. User credentials changes 2.3.5. New optional client scope 2.3.6. Improved handling of user locale 2.3.7. Legacy promise in JavaScript adapter 2.3.8. Deploying Scripts to the Server 2.3.9. Client Credentials in the JavaScript adapter 2.3.10. New Default Hostname provider 2.3.11. Deprecated or removed features Expand section "2.3.11. Deprecated or removed features" Collapse section "2.3.11. Deprecated or removed features" 2.3.11.1. Deprecated methods in token representation Java classes 2.3.11.2. Uploading scripts 2.3.12. Authorization Services Drools Policy 2.4. RH-SSO 7.3 Expand section "2.4. RH-SSO 7.3" Collapse section "2.4. RH-SSO 7.3" 2.4.1. Changes to authorization services 2.4.2. Client Templates changed to Client Scopes 2.4.3. New default client scopes Expand section "2.4.3. New default client scopes" Collapse section "2.4.3. New default client scopes" 2.4.3.1. Protocol mapper SPI addition 2.4.3.2. Audience resolving 2.4.4. Upgrade to EAP 7.2 2.4.5. Hostname configuration 2.4.6. JavaScript adapter promise 2.4.7. Microsoft Identity Provider updated to use the Microsoft Graph API 2.4.8. Google Identity Provider updated to use Google Sign-in authentication system 2.4.9. LinkedIn Social Broker Updated to Version 2 of LinkedIn APIs 2.5. RH-SSO 7.2 Expand section "2.5. RH-SSO 7.2" Collapse section "2.5. RH-SSO 7.2" 2.5.1. New password hashing algorithms 2.5.2. ID Token requires scope=openid 2.5.3. Microsoft SQL Server requires extra dependency 2.5.4. Added session_state parameter to OpenID Connect Authentication Response 2.5.5. Microsoft Identity Provider updated to use the Microsoft Graph API 2.5.6. Google Identity Provider updated to use Google Sign-in authentication system 2.5.7. LinkedIn Social Broker updated to Version 2 of LinkedIn APIs 2.6. RH-SSO 7.1 Expand section "2.6. RH-SSO 7.1" Collapse section "2.6. RH-SSO 7.1" 2.6.1. Realm keys 2.6.2. Client redirect URI matching 2.6.3. Automatically redirect to Identity Provider 2.6.4. Admin REST API 2.6.5. Server configuration 2.6.6. Key encryption algorithm in SAML assertions 3. Upgrading the Red Hat Single Sign-On server Expand section "3. Upgrading the Red Hat Single Sign-On server" Collapse section "3. Upgrading the Red Hat Single Sign-On server" 3.1. Performing a minor upgrade Expand section "3.1. Performing a minor upgrade" Collapse section "3.1. Performing a minor upgrade" 3.1.1. Preparing for upgrading 3.1.2. Upgrading the Red Hat Single Sign-On server Expand section "3.1.2. Upgrading the Red Hat Single Sign-On server" Collapse section "3.1.2. Upgrading the Red Hat Single Sign-On server" 3.1.2.1. Upgrading the server from a ZIP file 3.1.2.2. Upgrading the server from an RPM 3.1.3. Running the server upgrade script Expand section "3.1.3. Running the server upgrade script" Collapse section "3.1.3. Running the server upgrade script" 3.1.3.1. Running the Standalone Mode upgrade script 3.1.3.2. Running the Standalone-High Availability Mode upgrade script 3.1.3.3. Running the Domain Mode upgrade script 3.1.3.4. Running the Domain-clustered Mode upgrade script 3.1.4. Database migration Expand section "3.1.4. Database migration" Collapse section "3.1.4. Database migration" 3.1.4.1. Automatic relational database migration 3.1.4.2. Manual relational database migration 3.1.5. Theme migration Expand section "3.1.5. Theme migration" Collapse section "3.1.5. Theme migration" 3.1.5.1. Theme changes RH-SSO 7.3 3.1.5.2. Theme changes RH-SSO 7.2 3.1.5.3. Theme changes RH-SSO 7.1 3.1.5.4. Migrating templates 3.1.5.5. Migrating messages 3.1.5.6. Migrating styles 3.2. Performing a micro upgrade Expand section "3.2. Performing a micro upgrade" Collapse section "3.2. Performing a micro upgrade" 3.2.1. ZIP/installer installation patching Expand section "3.2.1. ZIP/installer installation patching" Collapse section "3.2.1. ZIP/installer installation patching" 3.2.1.1. Important notes on ZIP installation patching 3.2.1.2. Applying a patch 3.2.1.3. Rolling back a patch 3.2.1.4. Clearing patch history 3.2.2. Patching an RPM Installation 4. Upgrading Red Hat Single Sign-On adapters Expand section "4. Upgrading Red Hat Single Sign-On adapters" Collapse section "4. Upgrading Red Hat Single Sign-On adapters" 4.1. Compatibility with older adapters 4.2. Upgrading the EAP adapter 4.3. Upgrading the JavaScript adapter 4.4. Upgrading the Node.js adapter Legal Notice Settings Close Language: 日本語 简体中文 한국어 English Language: 日本語 简体中文 한국어 English Format: Multi-page Single-page PDF Format: Multi-page Single-page PDF Language and Page Formatting Options Language: 日本語 简体中文 한국어 English Language: 日本語 简体中文 한국어 English Format: Multi-page Single-page PDF Format: Multi-page Single-page PDF Upgrading Guide Red Hat Single Sign-On 7.6For Use with Red Hat Single Sign-On 7.6Red Hat Customer Content Services Legal NoticeAbstract This book is a guide to upgrading your application from a previous version of Red Hat Single Sign-On 7.6. Next