Hi. Does anyone know if the new saml-security-profile is applied to new and existing SAML clients by default as the name suggests, or do we need to explicitly assign the profile to the clients and if so how.
I tested creating a new SAML client on my v25 keycloak server using settings that I expected to be blocked and to my surprise was able to save the client.
Apologies in advance if I’ve missed the documentation on this.