I see.

I suppose the fewer keycloak features an application uses the smaller is the exposure to incompatibilities and braking. For example if only the OpenID Connect/Oauth authentication is used and keycloak Admin REST api is avoided chances is that an upgrade won't brake things.

Is this the case or an explicit version check prevents an adapter from working at all in case an incompatibility is detected ?

On Wed, Mar 9, 2016 at 4:40 PM, Stian Thorgersen <sthorger@redhat.com> wrote:

To make sure everything works as expected you should upgrade both server and adapters at the same time. I understand this is not always convenient and we are planning to reduce this restriction in the future.

On 9 March 2016 at 15:30, Orestis Tsakiridis <orestis.tsakiridis@telestax.com> wrote:
Hello!

Is it possible to secure applications using old adapters (say 1.6.1) with a keycloak server of more recent version (say 1.9.0) ?

The question boils down to what is the proper upgrade policy in a keycloak secured system with many applications provided by different customers. If an application with an old adapter does not work with a newer keycloak server then it seems all (both keycloak and applications) should be upgraded in a single step.

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user