Deploying to main from @ 57a20b88d624829c073b8c302e3d04cb451cc384 🚀

ahus1 · ahus1 · commit a6bc7a3a4f2d · 2026-03-20T05:29:30.000Z
diff --git a/nightly/observability/health.html b/nightly/observability/health.html
@@ -146,11 +146,15 @@ <h2 id="_keycloak_health_check_endpoints"><a class="anchor" href="#_keycloak_hea
 </div>
 </div>
 <div class="listingblock">
-<div class="title">Successful response for endpoints with information on the database connection:</div>
+<div class="title">Successful response for endpoints with additional per-check information:</div>
 <div class="content">
 <pre class="highlight"><code class="language-json" data-lang="json">{
     "status": "UP",
     "checks": [
+        {
+            "name": "Keycloak Initialized",
+            "status": "UP"
+        },
         {
             "name": "Graceful Shutdown",
             "status": "UP"
@@ -308,6 +312,11 @@ <h2 id="_available_checks"><a class="anchor" href="#_available_checks"></a>Avail
 <td class="tableblock halign-left valign-top"><p class="tableblock">Will start to return "DOWN" once the pre-shutdown phase started.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td>
 </tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Keycloak Initialized</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Returns the status of the server initialization.</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">No</p></td>
+</tr>
 </tbody>
 </table>
 <div class="paragraph">
diff --git a/nightly/server/all-config.html b/nightly/server/all-config.html
@@ -913,6 +913,27 @@ <h2 id="category-database"><a class="anchor" href="#category-database"></a>Datab
 </tr>
 <tr>
 <td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
+<p><span class="options-key"><code>db-connect-timeout</code></span></p>
+</div>
+<div class="paragraph">
+<p><span class="options-description">Sets the JDBC driver connection timeout and login timeout.</span></p>
+</div>
+<div id="option-extended-database-db-connect-timeout" class="openblock options-extended">
+<div class="content">
+<div class="paragraph">
+<p><span class="options-description-extended">May be an ISO 8601 duration value, an integer number of seconds, or an integer followed by one of [ms, h, m, s, d].</span></p>
+</div>
+<div class="paragraph">
+<p><strong>CLI:</strong> <code>--db-connect-timeout</code><br>
+<strong>Env:</strong> <code>KC_DB_CONNECT_TIMEOUT</code></p>
+</div>
+</div>
+</div></div></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><em>String</em></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>10s</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
 <p><span class="options-key"><code>db-debug-jpql</code></span></p>
 </div>
 <div class="paragraph">
@@ -5537,6 +5558,48 @@ <h2 id="category-openapi"><a class="anchor" href="#category-openapi"></a>OpenAPI
 </div>
 </div>
 <div class="sect1">
+<h2 id="category-server"><a class="anchor" href="#category-server"></a>Server configuration</h2>
+<div class="sectionbody">
+<table class="tableblock frame-all grid-all stretch options">
+<colgroup>
+<col style="width: 75%;">
+<col style="width: 12.5%;">
+<col style="width: 12.5%;">
+</colgroup>
+<thead>
+<tr>
+<th class="tableblock halign-left valign-top"></th>
+<th class="tableblock halign-left valign-top"><em>Type</em> or Values</th>
+<th class="tableblock halign-left valign-top">Default</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
+<p><span class="options-key"><code>server-async-bootstrap</code></span></p>
+</div>
+<div class="paragraph">
+<p><span class="options-description">If true, endpoints are opened while the bootstrap runs in the background.</span></p>
+</div>
+<div id="option-extended-server-server-async-bootstrap" class="openblock options-extended">
+<div class="content">
+<div class="paragraph">
+<p><span class="options-description-extended">If false, endpoints are opened after bootstrap completes, ensuring the server is ready to handle requests.</span></p>
+</div>
+<div class="paragraph">
+<p><strong>CLI:</strong> <code>--server-async-bootstrap</code><br>
+<strong>Env:</strong> <code>KC_SERVER_ASYNC_BOOTSTRAP</code></p>
+</div>
+</div>
+</div></div></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>true</code>, <code>false</code></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>true</code></p></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+<div class="sect1">
 <h2 id="category-bootstrap_admin"><a class="anchor" href="#category-bootstrap_admin"></a>Bootstrap Admin</h2>
 <div class="sectionbody">
 <table class="tableblock frame-all grid-all stretch options">
diff --git a/nightly/server/configuration-production.html b/nightly/server/configuration-production.html
@@ -191,6 +191,30 @@ <h2 id="_limit_the_number_of_queued_requests"><a class="anchor" href="#_limit_th
 </div>
 </div>
 <div class="sect1">
+<h2 id="_server_bootstrap_behavior"><a class="anchor" href="#_server_bootstrap_behavior"></a>Server bootstrap behavior</h2>
+<div class="sectionbody">
+<div class="paragraph">
+<p>Server initialization, such as database migrations, may take a significant amount of time to complete.
+By default, Keycloak opens its HTTP(S) and Management endpoints while initialization is still in progress in the background.
+This allows the startup and liveness probes to report UP early, preventing orchestrators like Kubernetes from killing the container during a long-running migration, while the readiness probe reports DOWN until initialization completes.</p>
+</div>
+<div class="paragraph">
+<p>If you run Keycloak behind a proxy or load balancer, configure an HTTP health check with the path <code>/health/ready</code> to ensure traffic is routed only to instances that have completed initialization.</p>
+</div>
+<div class="paragraph">
+<p>If an HTTP health check is not possible, or you prefer the server to accept connections only after initialization completes, start Keycloak with the following option:</p>
+</div>
+<div class="listingblock">
+<div class="content">
+<pre class="highlight"><code class="language-bash" data-lang="bash">bin/kc.[sh|bat] start --server-async-bootstrap=false</code></pre>
+</div>
+</div>
+<div class="paragraph">
+<p>With this setting, Keycloak opens its endpoints only after the bootstrap is complete and the server is ready to handle requests.</p>
+</div>
+</div>
+</div>
+<div class="sect1">
 <h2 id="_production_grade_database"><a class="anchor" href="#_production_grade_database"></a>Production grade database</h2>
 <div class="sectionbody">
 <div class="paragraph">
diff --git a/nightly/server/db.html b/nightly/server/db.html
@@ -556,140 +556,20 @@ <h3 id="_configuring_unicode_support_for_a_microsoft_sql_server_database"><a cla
 </div>
 </div>
 <div class="sect1">
-<h2 id="_automatic_database_connection_timeout"><a class="anchor" href="#_automatic_database_connection_timeout"></a>Automatic database connection timeout</h2>
+<h2 id="_database_connection_and_login_timeout"><a class="anchor" href="#_database_connection_and_login_timeout"></a>Database connection and login timeout</h2>
 <div class="sectionbody">
 <div class="paragraph">
 <p>When Keycloak connects to the database, network problems can occur, especially during failovers or switchovers.
-To improve resilience and ensure faster recovery, Keycloak automatically sets a default connection timeout of 10 seconds for selected database vendors when using the standard JDBC driver.</p>
-</div>
-<div class="paragraph">
-<p>The following table lists the affected vendors, the JDBC driver property used, and the default value applied by Keycloak:</p>
-</div>
-<table class="tableblock frame-all grid-all fit-content">
-<colgroup>
-<col>
-<col>
-<col>
-<col>
-</colgroup>
-<thead>
-<tr>
-<th class="tableblock halign-left valign-top">Database</th>
-<th class="tableblock halign-left valign-top">JDBC driver property</th>
-<th class="tableblock halign-left valign-top">Default value</th>
-<th class="tableblock halign-left valign-top">Unit</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td class="tableblock halign-left valign-top"><p class="tableblock">MySQL</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>connectTimeout</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>10000</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock">milliseconds</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top"><p class="tableblock">MariaDB</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>connectTimeout</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>10000</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock">milliseconds</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top"><p class="tableblock">PostgreSQL</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>connectTimeout</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>10</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock">seconds</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top"><p class="tableblock">Oracle Database</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>oracle.net.CONNECT_TIMEOUT</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>10000</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock">milliseconds</p></td>
-</tr>
-<tr>
-<td class="tableblock halign-left valign-top"><p class="tableblock">Microsoft SQL Server</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>loginTimeout</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><code>10</code></p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock">seconds</p></td>
-</tr>
-</tbody>
-</table>
-<div class="paragraph">
-<p>Keycloak applies these defaults automatically, but only when all of the following conditions are met:</p>
-</div>
-<div class="ulist">
-<ul>
-<li>
-<p>The database vendor is configured via <code>--db</code>.</p>
-</li>
-<li>
-<p>Keycloak is using the standard JDBC driver for that vendor.</p>
-</li>
-<li>
-<p>The timeout property has not already been set explicitly by the user in <code>db-url</code> or <code>db-url-properties</code>.</p>
-</li>
-</ul>
-</div>
-<div class="sect2">
-<h3 id="_overriding_the_default_connection_timeout"><a class="anchor" href="#_overriding_the_default_connection_timeout"></a>Overriding the default connection timeout</h3>
-<div class="paragraph">
-<p>To use a different connection timeout, set the relevant JDBC driver property explicitly via <code>db-url</code> or <code>db-url-properties</code>.</p>
-</div>
-<div class="paragraph">
-<p>For MySQL:</p>
-</div>
-<div class="listingblock">
-<div class="content">
-<pre class="highlight"><code class="language-bash" data-lang="bash">bin/kc.[sh|bat] start --db mysql --db-url-properties='?connectTimeout=30000'</code></pre>
-</div>
-</div>
-<div class="paragraph">
-<p>For MariaDB:</p>
-</div>
-<div class="listingblock">
-<div class="content">
-<pre class="highlight"><code class="language-bash" data-lang="bash">bin/kc.[sh|bat] start --db mariadb --db-url-properties='?connectTimeout=30000'</code></pre>
-</div>
-</div>
-<div class="paragraph">
-<p>For Microsoft SQL Server:</p>
-</div>
-<div class="listingblock">
-<div class="content">
-<pre class="highlight"><code class="language-bash" data-lang="bash">bin/kc.[sh|bat] start --db mssql --db-url-properties=';loginTimeout=20'</code></pre>
-</div>
-</div>
-<div class="paragraph">
-<p>For PostgreSQL:</p>
-</div>
-<div class="listingblock">
-<div class="content">
-<pre class="highlight"><code class="language-bash" data-lang="bash">bin/kc.[sh|bat] start --db postgres --db-url-properties='?connectTimeout=30'</code></pre>
-</div>
-</div>
-<div class="admonitionblock note">
-<table>
-<tr>
-<td class="icon">
-<i class="fa icon-note" title="Note"></i>
-</td>
-<td class="content">
-<div class="paragraph">
-<p>When using <code>db-url-properties</code>, prepend the correct delimiter for your vendor&#8217;s JDBC URL format:</p>
-</div>
-<div class="ulist">
-<ul>
-<li>
-<p>PostgreSQL, MySQL, and MariaDB: use <code>?</code> as the first property delimiter, or <code>&amp;</code> for subsequent properties.</p>
-</li>
-<li>
-<p>Microsoft SQL Server: use <code>;</code> as the property delimiter.</p>
-</li>
-</ul>
-</div>
-</td>
-</tr>
-</table>
+To improve failover behavior and startup resilience during network issues, Keycloak sets a default connection timeout of 10s for all supported database vendors when using the standard JDBC driver.</p>
 </div>
+<div class="dlist">
+<dl>
+<dt class="hdlist1"><code>db-connect-timeout</code></dt>
+<dd>
+<p>Sets the JDBC driver connection timeout and login timeout.
+Default: <code>10s</code>.</p>
+</dd>
+</dl>
 </div>
 </div>
 </div>
@@ -1339,6 +1219,27 @@ <h2 id="_relevant_options"><a class="anchor" href="#_relevant_options"></a>Relev
 </tr>
 <tr>
 <td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
+<p><span class="options-key"><code>db-connect-timeout</code></span></p>
+</div>
+<div class="paragraph">
+<p><span class="options-description">Sets the JDBC driver connection timeout and login timeout.</span></p>
+</div>
+<div class="openblock options-extended">
+<div class="content">
+<div class="paragraph">
+<p><span class="options-description-extended">May be an ISO 8601 duration value, an integer number of seconds, or an integer followed by one of [ms, h, m, s, d].</span></p>
+</div>
+<div class="paragraph">
+<p><strong>CLI:</strong> <code>--db-connect-timeout</code><br>
+<strong>Env:</strong> <code>KC_DB_CONNECT_TIMEOUT</code></p>
+</div>
+</div>
+</div></div></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><em>String</em></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><code>10s</code></p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
 <p><span class="options-key"><code>db-debug-jpql</code></span></p>
 </div>
 <div class="paragraph">
diff --git a/translations.html b/translations.html
@@ -600,7 +600,7 @@ <h1>Translations</h1>
                     </a>
                 </td>
             <td style="text-align: right">
-                    <a rel="nofollow" href="https://hosted.weblate.org/translate/keycloak/-/pt_BR/?q=state%3A%3Dtranslated&sort_by=-priority%2Cposition&checksum=">6</a>
+                    &check;
             </td>
         </tr>
         <tr>
@@ -810,7 +810,7 @@ <h1>Translations</h1>
         </tbody>
     </table>
 
-    <p  data-nosnippet>(Statistics updated daily. Last update: 2026-03-19T20:26:50Z)</p>
+    <p  data-nosnippet>(Statistics updated daily. Last update: 2026-03-20T05:26:32Z)</p>
 
 </div>
 
