Closed
Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
account/ui
Describe the bug
Pages that are visually hidden with the isVisible feature flag may not be there in the sidebar navigation, but they are still accessible when typing the url in the browser.
Version
26.1.4
Regression
- The issue is a regression
Expected behavior
The paths to the pages that are not enabled should not be accessible at all.
Actual behavior
The paths to the pages that are not enabled are still accessible.
How to Reproduce?
- Start a plain keycloak server.
- Navigate to the account UI.
- Try a "hidden" path by typing it in the url bar in your browser (e.g.
http://localhost:8080/realms/master/account/resourcesorhttp://localhost:8080/realms/master/account/account-security/linked-accounts)
Anything else?
No response