v0.6.1
Agent Stack version 0.6.1
This release brings centralized authentication via Keycloak, support for unmanaged A2A agents, connector management in the SDK and CLI, statically configurable model providers, and numerous UI and deployment improvements.
Major Changes
Keycloak as Central OIDC Provider
Authentication has been completely rearchitected around Keycloak as the single OpenID Connect provider. User identity and role management now lives in Keycloak rather than the application's internal database. The deployment includes automated Keycloak provisioning with pre-configured realms, clients, and roles. A custom branded Keycloak theme with dark mode support ships out of the box, along with an SSO-only variant for environments using exclusively external identity providers. For organizations with existing identity infrastructure, external OIDC providers (Auth0, Okta, etc.) can be configured as an alternative to the bundled Keycloak, with flexible role claim mapping.
Unmanaged A2A Agents
You can now register A2A agents that are already running and managed externally. Instead of providing a Docker image, you can point Agent Stack to a running agent's URL. The agentstack add CLI command now accepts both Docker image references and direct agent URLs. For Docker-based agents without the expected metadata label, Agent Stack will automatically deploy a temporary probe to retrieve the agent card from the running container.