Václav Muzikář
Václav Muzikář
@abstractj Thank you for looking into it! I'm [trying](https://github.com/quarkusio/quarkus/pull/40188#issuecomment-2104202601) to check the possibility of backporting the BC version bump to Quarkus 3.8 (and 3.2).
@NilsEngelbach I understand you concerns. That said, I'm not sure I'd consider this a bug or broken behaviour. It's simply unsupported use case due to security reasons. @rmartinc WDYT?
jFTR, created a [tracker](https://issues.redhat.com/browse/QUARKUS-4432) at Quarkus side.
> The hostname check at the refresh token endpoint does not provide additional security, because the signature check should be enough. @mposolda @rmartinc Do you have any input on this?
CC @keycloak/cloud-native
# Superseded by the proposal in the Issue description. --- Based on some further discussions, created a summarized design proposal. It's focused on UX, implementation details are deliberately omitted at...
@GreySpike Thank you for the input! > If the bootstrap admin is generated on start up, with well known credentials, but only if there is no other admin, is there...
Created a final(-ish) design proposal and updated the issue description with it. Feel free to review @keycloak/cloud-native @keycloak/maintainers @keycloak/maintainers-external.
Resolving this as all tasks are done now and only follow-ups remain.
Related to: #9781