mirror of
https://github.com/fiodarsazanavets/aspire-13-examples.git
synced 2026-06-20 12:23:14 +00:00
{
|
|
"id": "e3a46e00-f700-4eaa-b1d3-6aad1045be73",
|
|
"realm": "OnlineShop",
|
|
"displayName": "",
|
|
"displayNameHtml": "",
|
|
"notBefore": 0,
|
|
"defaultSignatureAlgorithm": "RS256",
|
|
"revokeRefreshToken": false,
|
|
"refreshTokenMaxReuse": 0,
|
|
"accessTokenLifespan": 300,
|
|
"accessTokenLifespanForImplicitFlow": 900,
|
|
"ssoSessionIdleTimeout": 1800,
|
|
"ssoSessionMaxLifespan": 36000,
|
|
"ssoSessionIdleTimeoutRememberMe": 0,
|
|
"ssoSessionMaxLifespanRememberMe": 0,
|
|
"offlineSessionIdleTimeout": 2592000,
|
|
"offlineSessionMaxLifespanEnabled": false,
|
|
"offlineSessionMaxLifespan": 5184000,
|
|
"clientSessionIdleTimeout": 0,
|
|
"clientSessionMaxLifespan": 0,
|
|
"clientOfflineSessionIdleTimeout": 0,
|
|
"clientOfflineSessionMaxLifespan": 0,
|
|
"accessCodeLifespan": 60,
|
|
"accessCodeLifespanUserAction": 300,
|
|
"accessCodeLifespanLogin": 1800,
|
|
"actionTokenGeneratedByAdminLifespan": 43200,
|
|
"actionTokenGeneratedByUserLifespan": 300,
|
|
"oauth2DeviceCodeLifespan": 600,
|
|
"oauth2DevicePollingInterval": 5,
|
|
"enabled": true,
|
|
"sslRequired": "external",
|
|
"registrationAllowed": true,
|
|
"registrationEmailAsUsername": true,
|
|
"rememberMe": false,
|
|
"verifyEmail": false,
|
|
"loginWithEmailAllowed": true,
|
|
"duplicateEmailsAllowed": false,
|
|
"resetPasswordAllowed": false,
|
|
"editUsernameAllowed": false,
|
|
"bruteForceProtected": false,
|
|
"permanentLockout": false,
|
|
"maxFailureWaitSeconds": 900,
|
|
"minimumQuickLoginWaitSeconds": 60,
|
|
"waitIncrementSeconds": 60,
|
|
"quickLoginCheckMilliSeconds": 1000,
|
|
"maxDeltaTimeSeconds": 43200,
|
|
"failureFactor": 30,
|
|
"roles": {
|
|
"realm": [
|
|
{
|
|
"id": "fbab7668-d3db-44d7-9c41-f54ef80d1f60",
|
|
"name": "uma_authorization",
|
|
"description": "${role_uma_authorization}",
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "e3a46e00-f700-4eaa-b1d3-6aad1045be73",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "843ea8cf-34fa-4e7d-a28a-181252a553aa",
|
|
"name": "offline_access",
|
|
"description": "${role_offline-access}",
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "e3a46e00-f700-4eaa-b1d3-6aad1045be73",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "b2fa8449-be5e-4cde-8771-74e028be70ea",
|
|
"name": "default-roles-onlineshop",
|
|
"description": "${role_default-roles}",
|
|
"composite": true,
|
|
"composites": {
|
|
"realm": [ "offline_access", "uma_authorization" ],
|
|
"client": {
|
|
"account": [ "view-profile", "manage-account" ]
|
|
}
|
|
},
|
|
"clientRole": false,
|
|
"containerId": "e3a46e00-f700-4eaa-b1d3-6aad1045be73",
|
|
"attributes": {}
|
|
}
|
|
],
|
|
"client": {
|
|
"webapp": [
|
|
{
|
|
"id": "7139816d-84aa-427a-b7ca-b020e9b8b6e5",
|
|
"name": "uma_protection",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "cc5ff175-d0b3-4759-8b01-49e60dfa9269",
|
|
"attributes": {}
|
|
}
|
|
],
|
|
"realm-management": [
|
|
{
|
|
"id": "8175000f-6ed7-4854-8d33-0aefdb634d37",
|
|
"name": "manage-users",
|
|
"description": "${role_manage-users}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "18ef8a22-f1d4-43e2-aea8-56e464fdcbc1",
|
|
"name": "view-users",
|
|
"description": "${role_view-users}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": [ "query-groups", "query-users" ]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "34eeeecc-6e38-4fa7-9b9a-5396984beb70",
|
|
"name": "create-client",
|
|
"description": "${role_create-client}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "1b982c51-ce1d-458a-8f87-dc473dee86c8",
|
|
"name": "query-clients",
|
|
"description": "${role_query-clients}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "740a92df-796f-4b13-80f1-5d8ddc1234fa",
|
|
"name": "view-realm",
|
|
"description": "${role_view-realm}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "000b2e2a-4eb2-4d43-b759-1aae49784d41",
|
|
"name": "query-realms",
|
|
"description": "${role_query-realms}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "daa9c3f8-37b1-4e75-a0b6-714fbc255e7a",
|
|
"name": "view-events",
|
|
"description": "${role_view-events}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "f3ca11fc-8037-495a-be86-6b0edde4158a",
|
|
"name": "query-users",
|
|
"description": "${role_query-users}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "4af47186-68b1-4629-8189-ccf2893a5986",
|
|
"name": "manage-clients",
|
|
"description": "${role_manage-clients}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "30eaf565-6c5e-4173-bed9-66bd676838c5",
|
|
"name": "manage-authorization",
|
|
"description": "${role_manage-authorization}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "74c174ee-9aad-442a-9497-76aec3ab0c4f",
|
|
"name": "manage-realm",
|
|
"description": "${role_manage-realm}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "a16beadc-0c9c-4cbe-a31b-a6b33f8a74c0",
|
|
"name": "view-identity-providers",
|
|
"description": "${role_view-identity-providers}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "1dc381e7-0e24-44d7-92e4-d8edc8892ba3",
|
|
"name": "manage-events",
|
|
"description": "${role_manage-events}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "7389a745-41fe-4c87-bbd8-b6751e41cb0d",
|
|
"name": "manage-identity-providers",
|
|
"description": "${role_manage-identity-providers}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "dfcb55ac-6048-4633-8390-76a92dc01ff8",
|
|
"name": "view-authorization",
|
|
"description": "${role_view-authorization}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "1a7f77d3-ad95-402b-a13a-e99290b120cc",
|
|
"name": "impersonation",
|
|
"description": "${role_impersonation}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "86f91729-f0a4-474a-828a-783acaa70ee6",
|
|
"name": "query-groups",
|
|
"description": "${role_query-groups}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "7e77d988-3a49-4f94-b770-36717a3a67a0",
|
|
"name": "realm-admin",
|
|
"description": "${role_realm-admin}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": [ "manage-users", "view-users", "query-clients", "create-client", "view-realm", "query-realms", "view-events", "query-users", "manage-clients", "manage-authorization", "manage-realm", "view-identity-providers", "manage-events", "manage-identity-providers", "view-authorization", "impersonation", "view-clients", "query-groups" ]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "447bd792-fbfa-4a8d-bbfb-9c8c4fa55bbe",
|
|
"name": "view-clients",
|
|
"description": "${role_view-clients}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": [ "query-clients" ]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"attributes": {}
|
|
}
|
|
],
|
|
"security-admin-console": [],
|
|
"admin-cli": [],
|
|
"account-console": [],
|
|
"broker": [
|
|
{
|
|
"id": "4976b16a-a2e9-4738-b2dc-0e7a28679300",
|
|
"name": "read-token",
|
|
"description": "${role_read-token}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "1790c30e-7010-4d4f-bc3b-181a65868873",
|
|
"attributes": {}
|
|
}
|
|
],
|
|
"account": [
|
|
{
|
|
"id": "e39429fa-1cec-4595-908d-e0c53e9f9c6c",
|
|
"name": "view-applications",
|
|
"description": "${role_view-applications}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "61c7e1eb-6fe7-4cf5-9538-4975f4c0321c",
|
|
"name": "delete-account",
|
|
"description": "${role_delete-account}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "d3d3938b-9c19-4261-9105-c77426dcf984",
|
|
"name": "view-consent",
|
|
"description": "${role_view-consent}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "de1829b1-0c28-4ef2-b6d6-59d412086da6",
|
|
"name": "manage-account-links",
|
|
"description": "${role_manage-account-links}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "9a4e43f4-28fe-4182-a916-8b0270dbd5c6",
|
|
"name": "manage-consent",
|
|
"description": "${role_manage-consent}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"account": [ "view-consent" ]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "7d24e973-1015-4b85-9246-aaa0fc8ef71e",
|
|
"name": "view-profile",
|
|
"description": "${role_view-profile}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "8f10d2cc-ccdf-41f0-b5f2-2c1226b2e182",
|
|
"name": "view-groups",
|
|
"description": "${role_view-groups}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "4497bf44-3add-482d-b081-ce0c8e2c4d55",
|
|
"name": "manage-account",
|
|
"description": "${role_manage-account}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"account": [ "manage-account-links" ]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"attributes": {}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"groups": [],
|
|
"defaultRole": {
|
|
"id": "b2fa8449-be5e-4cde-8771-74e028be70ea",
|
|
"name": "default-roles-onlineshop",
|
|
"description": "${role_default-roles}",
|
|
"composite": true,
|
|
"clientRole": false,
|
|
"containerId": "e3a46e00-f700-4eaa-b1d3-6aad1045be73"
|
|
},
|
|
"requiredCredentials": [ "password" ],
|
|
"otpPolicyType": "totp",
|
|
"otpPolicyAlgorithm": "HmacSHA1",
|
|
"otpPolicyInitialCounter": 0,
|
|
"otpPolicyDigits": 6,
|
|
"otpPolicyLookAheadWindow": 1,
|
|
"otpPolicyPeriod": 30,
|
|
"otpPolicyCodeReusable": false,
|
|
"otpSupportedApplications": [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ],
|
|
"localizationTexts": {},
|
|
"webAuthnPolicyRpEntityName": "keycloak",
|
|
"webAuthnPolicySignatureAlgorithms": [ "ES256" ],
|
|
"webAuthnPolicyRpId": "",
|
|
"webAuthnPolicyAttestationConveyancePreference": "not specified",
|
|
"webAuthnPolicyAuthenticatorAttachment": "not specified",
|
|
"webAuthnPolicyRequireResidentKey": "not specified",
|
|
"webAuthnPolicyUserVerificationRequirement": "not specified",
|
|
"webAuthnPolicyCreateTimeout": 0,
|
|
"webAuthnPolicyAvoidSameAuthenticatorRegister": false,
|
|
"webAuthnPolicyAcceptableAaguids": [],
|
|
"webAuthnPolicyExtraOrigins": [],
|
|
"webAuthnPolicyPasswordlessRpEntityName": "keycloak",
|
|
"webAuthnPolicyPasswordlessSignatureAlgorithms": [ "ES256" ],
|
|
"webAuthnPolicyPasswordlessRpId": "",
|
|
"webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified",
|
|
"webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified",
|
|
"webAuthnPolicyPasswordlessRequireResidentKey": "not specified",
|
|
"webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified",
|
|
"webAuthnPolicyPasswordlessCreateTimeout": 0,
|
|
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false,
|
|
"webAuthnPolicyPasswordlessAcceptableAaguids": [],
|
|
"webAuthnPolicyPasswordlessExtraOrigins": [],
|
|
"users": [
|
|
{
|
|
"id": "dacfbd28-991c-43d8-bd9a-36e73095fd73",
|
|
"createdTimestamp": 1705700546001,
|
|
"username": "service-account-webapp",
|
|
"enabled": true,
|
|
"totp": false,
|
|
"emailVerified": false,
|
|
"serviceAccountClientId": "webapp",
|
|
"credentials": [],
|
|
"disableableCredentialTypes": [],
|
|
"requiredActions": [],
|
|
"realmRoles": [ "default-roles-onlineshop" ],
|
|
"clientRoles": {
|
|
"webapp": [ "uma_protection" ]
|
|
},
|
|
"notBefore": 0,
|
|
"groups": []
|
|
},
|
|
{
|
|
"id": "179dc1ef-e1ea-4488-95d8-25966c51dbe7",
|
|
"createdTimestamp": 1706043756945,
|
|
"username": "test@example.com",
|
|
"enabled": true,
|
|
"totp": false,
|
|
"emailVerified": true,
|
|
"firstName": "Test",
|
|
"lastName": "User",
|
|
"email": "test@example.com",
|
|
"credentials": [
|
|
{
|
|
"id": "b3303049-ca64-4b2e-8e54-f8ba68cb1dd3",
|
|
"type": "password",
|
|
"userLabel": "My password",
|
|
"createdDate": 1706043767385,
|
|
"secretData": "{\"value\":\"yiJD8l5ry2Cod9AUvrkku/W/dYpJrRP3e7AYKw+zFpE=\",\"salt\":\"EJ6jMyRlQOGqUmWDq493qw==\",\"additionalParameters\":{}}",
|
|
"credentialData": "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
|
}
|
|
],
|
|
"disableableCredentialTypes": [],
|
|
"requiredActions": [],
|
|
"realmRoles": [ "default-roles-onlineshop" ],
|
|
"notBefore": 0,
|
|
"groups": []
|
|
}
|
|
],
|
|
"scopeMappings": [
|
|
{
|
|
"clientScope": "offline_access",
|
|
"roles": [ "offline_access" ]
|
|
}
|
|
],
|
|
"clientScopeMappings": {
|
|
"account": [
|
|
{
|
|
"client": "account-console",
|
|
"roles": [ "manage-account", "view-groups" ]
|
|
}
|
|
]
|
|
},
|
|
"clients": [
|
|
{
|
|
"id": "82385f82-f986-49fe-a512-5a8ea45f09ee",
|
|
"clientId": "account",
|
|
"name": "${client_account}",
|
|
"rootUrl": "${authBaseUrl}",
|
|
"baseUrl": "/realms/onlineshop/account/",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"redirectUris": [ "/realms/onlineshop/account/*" ],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"post.logout.redirect.uris": "+"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ],
|
|
"optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
},
|
|
{
|
|
"id": "d84cf061-eeeb-4675-b0d0-5cd609bc44c6",
|
|
"clientId": "account-console",
|
|
"name": "${client_account-console}",
|
|
"rootUrl": "${authBaseUrl}",
|
|
"baseUrl": "/realms/onlineshop/account/",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"redirectUris": [ "/realms/onlineshop/account/*" ],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"post.logout.redirect.uris": "+",
|
|
"pkce.code.challenge.method": "S256"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "6abcbb09-2122-4bbb-91f4-4c61c8abff65",
|
|
"name": "audience resolve",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-audience-resolve-mapper",
|
|
"consentRequired": false,
|
|
"config": {}
|
|
}
|
|
],
|
|
"defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ],
|
|
"optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
},
|
|
{
|
|
"id": "f63db859-cf66-42f4-9ce0-1d40ca5c922c",
|
|
"clientId": "admin-cli",
|
|
"name": "${client_admin-cli}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": false,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"post.logout.redirect.uris": "+"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ],
|
|
"optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
},
|
|
{
|
|
"id": "1790c30e-7010-4d4f-bc3b-181a65868873",
|
|
"clientId": "broker",
|
|
"name": "${client_broker}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": true,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"post.logout.redirect.uris": "+"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ],
|
|
"optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
},
|
|
{
|
|
"id": "348d0c1d-6d87-4975-b5b1-d3f7ca245cd0",
|
|
"clientId": "realm-management",
|
|
"name": "${client_realm-management}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": true,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"post.logout.redirect.uris": "+"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ],
|
|
"optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
},
|
|
{
|
|
"id": "e6a9aea6-f8d4-40f6-a832-6537fce8791e",
|
|
"clientId": "security-admin-console",
|
|
"name": "${client_security-admin-console}",
|
|
"rootUrl": "${authAdminUrl}",
|
|
"baseUrl": "/admin/onlineshop/console/",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"redirectUris": [ "/admin/onlineshop/console/*" ],
|
|
"webOrigins": [ "+" ],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"post.logout.redirect.uris": "+",
|
|
"pkce.code.challenge.method": "S256"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "ad67051f-d487-417e-9375-f6563ee86ddf",
|
|
"name": "locale",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "locale",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "locale",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ],
|
|
"optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
},
|
|
{
|
|
"id": "cc5ff175-d0b3-4759-8b01-49e60dfa9269",
|
|
"clientId": "webapp",
|
|
"name": "Online Shop Front-end",
|
|
"description": "The frontend web site of the online shop.",
|
|
"rootUrl": "${WEBAPP_HTTPS}",
|
|
"adminUrl": "${WEBAPP_HTTPS_CONTAINERHOST}",
|
|
"baseUrl": "${WEBAPP_HTTPS}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "${WEBAPP_CLIENT_SECRET}",
|
|
"redirectUris": [ "${WEBAPP_HTTP}/*", "${WEBAPP_HTTPS}/*" ],
|
|
"webOrigins": [ "${WEBAPP_HTTPS}", "${WEBAPP_HTTP}" ],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": true,
|
|
"publicClient": false,
|
|
"frontchannelLogout": true,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"oidc.ciba.grant.enabled": "false",
|
|
"client.secret.creation.time": "1705700546",
|
|
"backchannel.logout.session.required": "true",
|
|
"post.logout.redirect.uris": "+",
|
|
"oauth2.device.authorization.grant.enabled": "false",
|
|
"display.on.consent.screen": "false",
|
|
"backchannel.logout.revoke.offline.tokens": "false"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": true,
|
|
"nodeReRegistrationTimeout": -1,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "46526429-fa70-4518-9512-089a9830f179",
|
|
"name": "Client Host",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usersessionmodel-note-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"user.session.note": "clientHost",
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "clientHost",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "9eee2065-3d31-4621-be61-b83f05f2c113",
|
|
"name": "Client ID",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usersessionmodel-note-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"user.session.note": "client_id",
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "client_id",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "4951c816-a177-4193-b714-585b0bb23ab5",
|
|
"name": "Client IP Address",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usersessionmodel-note-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"user.session.note": "clientAddress",
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "clientAddress",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"defaultClientScopes": [ "web-origins", "acr", "profile", "roles", "email" ],
|
|
"optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
}
|
|
],
|
|
"clientScopes": [
|
|
{
|
|
"id": "4d6f4264-5a7e-4d41-894c-6b721f14fd1f",
|
|
"name": "address",
|
|
"description": "OpenID Connect built-in scope: address",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${addressScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "c5d42bda-8b7c-4da7-9ef7-e27b8c5078c6",
|
|
"name": "address",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-address-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"user.attribute.formatted": "formatted",
|
|
"user.attribute.country": "country",
|
|
"introspection.token.claim": "true",
|
|
"user.attribute.postal_code": "postal_code",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute.street": "street",
|
|
"id.token.claim": "true",
|
|
"user.attribute.region": "region",
|
|
"access.token.claim": "true",
|
|
"user.attribute.locality": "locality"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "bbb1ecc5-64ba-4013-a020-49b0a9059bb2",
|
|
"name": "acr",
|
|
"description": "OpenID Connect scope for add acr (authentication context class reference) to the token",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "false",
|
|
"display.on.consent.screen": "false"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "1230fed0-b7d3-4868-b286-cd25b8158c83",
|
|
"name": "acr loa level",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-acr-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"introspection.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"userinfo.token.claim": "true"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "5ad804f6-d175-4b97-81dd-b9091071b9e4",
|
|
"name": "phone",
|
|
"description": "OpenID Connect built-in scope: phone",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${phoneScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "f28975dc-48c3-463f-aa6a-e999945d4566",
|
|
"name": "phone number verified",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "phoneNumberVerified",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "phone_number_verified",
|
|
"jsonType.label": "boolean"
|
|
}
|
|
},
|
|
{
|
|
"id": "d50e7819-b86f-4a84-a8d2-262898f2d672",
|
|
"name": "phone number",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "phoneNumber",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "phone_number",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "c217f089-d24b-44b0-98b6-6303245f8522",
|
|
"name": "microprofile-jwt",
|
|
"description": "Microprofile - JWT built-in scope",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "false"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "d89fa246-7ba8-45f8-b939-c6d7356a5023",
|
|
"name": "groups",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-realm-role-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"multivalued": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "foo",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "groups",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "2954c68d-8cc5-47bb-a9ef-d333dfcf3c77",
|
|
"name": "upn",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "upn",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "184dd52a-5636-41fe-85fa-af2da1f7f6b7",
|
|
"name": "offline_access",
|
|
"description": "OpenID Connect built-in scope: offline_access",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"consent.screen.text": "${offlineAccessScopeConsentText}",
|
|
"display.on.consent.screen": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "59aa61dd-72ff-4704-9325-11f6ba53851f",
|
|
"name": "profile",
|
|
"description": "OpenID Connect built-in scope: profile",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${profileScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "fad20c96-7d8a-463a-8f6a-727773944804",
|
|
"name": "website",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "website",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "website",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "c03a7a4c-b782-46ae-a8ec-9b91025d839d",
|
|
"name": "picture",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "picture",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "picture",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "a0d80a57-d8fa-43ee-82de-767206df9d6b",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"introspection.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"userinfo.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "3fd24bf3-12c3-4cf7-9d94-28062fd680d9",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "a19b2bf4-72bb-4f1a-bebb-527e31e9b8b5",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "bf4408ed-ce03-4f80-9692-d60ef65273c3",
|
|
"name": "locale",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "locale",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "locale",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "8889c81d-8b9b-4a2d-8a1b-d1c6c10e8c84",
|
|
"name": "updated at",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "updatedAt",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "updated_at",
|
|
"jsonType.label": "long"
|
|
}
|
|
},
|
|
{
|
|
"id": "fb83d607-738b-41d6-9c8f-d08071d11464",
|
|
"name": "zoneinfo",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "zoneinfo",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "zoneinfo",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "3df5bab8-69b4-44f6-befb-d4001916ddd4",
|
|
"name": "nickname",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "nickname",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "nickname",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "5ae11355-d1be-44cd-b2d8-2537a1e5e984",
|
|
"name": "profile",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "profile",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "profile",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "ae4e1524-c240-4772-a91d-72de9f0b82ed",
|
|
"name": "middle name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "middleName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "middle_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "a186371f-41c6-4ee5-9865-b33d4ec4d6ae",
|
|
"name": "birthdate",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "birthdate",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "birthdate",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "9680ed4a-bd76-45ea-975f-b4823f4ea8ea",
|
|
"name": "gender",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "gender",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "gender",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "8d6bc914-cece-48aa-a526-a81ed35fcc31",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "fef101d5-9102-43b8-9637-305a855b71f0",
|
|
"name": "roles",
|
|
"description": "OpenID Connect scope for add user roles to the access token",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "false",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${rolesScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "8f8a54b6-84d9-40ca-9c07-7ce88984fc94",
|
|
"name": "client roles",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-client-role-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"multivalued": "true",
|
|
"user.attribute": "foo",
|
|
"access.token.claim": "true",
|
|
"claim.name": "resource_access.${client_id}.roles",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "56f89059-4148-4da4-93b9-1bbc6ac46582",
|
|
"name": "realm roles",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-realm-role-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"multivalued": "true",
|
|
"user.attribute": "foo",
|
|
"access.token.claim": "true",
|
|
"claim.name": "realm_access.roles",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "f7236b18-36b1-4399-9c97-ddf91eba416c",
|
|
"name": "audience resolve",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-audience-resolve-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "0a990de4-2a3e-4f1e-99d4-bcb537a3f075",
|
|
"name": "role_list",
|
|
"description": "SAML role list",
|
|
"protocol": "saml",
|
|
"attributes": {
|
|
"consent.screen.text": "${samlRoleListScopeConsentText}",
|
|
"display.on.consent.screen": "true"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "349bab94-cc2b-4eb7-ac79-feff39fedb23",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "b2b378a9-9281-425e-a999-8dd83c13c2a3",
|
|
"name": "web-origins",
|
|
"description": "OpenID Connect scope for add allowed web origins to the access token",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "false",
|
|
"display.on.consent.screen": "false",
|
|
"consent.screen.text": ""
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "b415ee06-6f2b-445e-b199-4d2a2922517f",
|
|
"name": "allowed web origins",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-allowed-origins-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "1a2dc2f6-541a-4193-98e4-e5fade1d5aa1",
|
|
"name": "email",
|
|
"description": "OpenID Connect built-in scope: email",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${emailScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "55dca1fe-9de3-424e-9436-0b14f467278a",
|
|
"name": "email verified",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "emailVerified",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email_verified",
|
|
"jsonType.label": "boolean"
|
|
}
|
|
},
|
|
{
|
|
"id": "33d86ba4-b262-4ce2-a799-46295ad42e4b",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"introspection.token.claim": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"defaultDefaultClientScopes": [ "role_list", "profile", "email", "roles", "web-origins", "acr" ],
|
|
"defaultOptionalClientScopes": [ "offline_access", "address", "phone", "microprofile-jwt" ],
|
|
"browserSecurityHeaders": {
|
|
"contentSecurityPolicyReportOnly": "",
|
|
"xContentTypeOptions": "nosniff",
|
|
"referrerPolicy": "no-referrer",
|
|
"xRobotsTag": "none",
|
|
"xFrameOptions": "SAMEORIGIN",
|
|
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
|
|
"xXSSProtection": "1; mode=block",
|
|
"strictTransportSecurity": "max-age=31536000; includeSubDomains"
|
|
},
|
|
"smtpServer": {},
|
|
"eventsEnabled": false,
|
|
"eventsListeners": [ "jboss-logging" ],
|
|
"enabledEventTypes": [],
|
|
"adminEventsEnabled": false,
|
|
"adminEventsDetailsEnabled": false,
|
|
"identityProviders": [],
|
|
"identityProviderMappers": [],
|
|
"components": {
|
|
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [
|
|
{
|
|
"id": "d76d70d8-c946-40ef-bc18-3ca80ea8b781",
|
|
"name": "Allowed Protocol Mapper Types",
|
|
"providerId": "allowed-protocol-mappers",
|
|
"subType": "authenticated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allowed-protocol-mapper-types": [ "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-full-name-mapper" ]
|
|
}
|
|
},
|
|
{
|
|
"id": "401f7a9a-dd5e-488c-b0a5-54c57eda7c20",
|
|
"name": "Max Clients Limit",
|
|
"providerId": "max-clients",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"max-clients": [ "200" ]
|
|
}
|
|
},
|
|
{
|
|
"id": "a4f879fb-d9dc-44ff-b1c9-4d8348661e0f",
|
|
"name": "Allowed Protocol Mapper Types",
|
|
"providerId": "allowed-protocol-mappers",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allowed-protocol-mapper-types": [ "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-full-name-mapper", "saml-user-attribute-mapper" ]
|
|
}
|
|
},
|
|
{
|
|
"id": "ab7c9148-c423-4d14-bbba-855f66b42f0b",
|
|
"name": "Allowed Client Scopes",
|
|
"providerId": "allowed-client-templates",
|
|
"subType": "authenticated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allow-default-scopes": [ "true" ]
|
|
}
|
|
},
|
|
{
|
|
"id": "ab28a974-5033-4cfb-afc5-4d97eaa77d60",
|
|
"name": "Consent Required",
|
|
"providerId": "consent-required",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "c9ef1ede-c8c2-4e8e-b642-9c9e845e2934",
|
|
"name": "Full Scope Disabled",
|
|
"providerId": "scope",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "09209618-692e-4096-95a2-4a05fbe1e9b7",
|
|
"name": "Trusted Hosts",
|
|
"providerId": "trusted-hosts",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"host-sending-registration-request-must-match": [ "true" ],
|
|
"client-uris-must-match": [ "true" ]
|
|
}
|
|
},
|
|
{
|
|
"id": "926a494c-2953-4438-ad8d-317e8bf3295a",
|
|
"name": "Allowed Client Scopes",
|
|
"providerId": "allowed-client-templates",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allow-default-scopes": [ "true" ]
|
|
}
|
|
}
|
|
],
|
|
"org.keycloak.keys.KeyProvider": [
|
|
{
|
|
"id": "333de0f6-bb1c-4238-a1dd-e43b65a09581",
|
|
"name": "hmac-generated",
|
|
"providerId": "hmac-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"kid": [ "ec612b91-0743-4a46-ae8c-33eac6d2789e" ],
|
|
"secret": [ "nFxwBormOnVZmZD-ke6celfilCz3_8FH2aJjkAcrjD2Mf2bCToWHfw9UotBDSVAvzFSe48xsFQPcH0RhJuXy5Q" ],
|
|
"priority": [ "100" ],
|
|
"algorithm": [ "HS256" ]
|
|
}
|
|
},
|
|
{
|
|
"id": "8885abef-6d08-4b9a-86b1-58700debad31",
|
|
"name": "aes-generated",
|
|
"providerId": "aes-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"kid": [ "212a094b-5982-4d80-abc1-3ab1c01c9e7a" ],
|
|
"secret": [ "-lwEU7xr0Fwvf98NT2hpIw" ],
|
|
"priority": [ "100" ]
|
|
}
|
|
},
|
|
{
|
|
"id": "b7928cd4-b13c-4f0b-a074-bee92efdc238",
|
|
"name": "rsa-enc-generated",
|
|
"providerId": "rsa-enc-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"privateKey": [ "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" ],
|
|
"keyUse": [ "ENC" ],
|
|
"certificate": [ "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" ],
|
|
"priority": [ "100" ],
|
|
"algorithm": [ "RSA-OAEP" ]
|
|
}
|
|
},
|
|
{
|
|
"id": "52e8f54c-3d85-4ab5-8e9b-c9b231f724dc",
|
|
"name": "rsa-generated",
|
|
"providerId": "rsa-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"privateKey": [ "MIIEpAIBAAKCAQEAxedua4Y0OZp7ioKJlP/YRrz6Ynv+WJGHcf5n1G7g/rOZoHNIUvz5f3QV+p7+4uXLIwSMvVGmWEuGeo9TVa6kJZP1k1zTVigwa6Fimh1pUnMkYkAAV7nMGpbYDWqP0+6rwYEm7U8TE4YIWa6jYOmoG9n3s42PpMc0EXldI3dCFLkcjmQjPn2lUZIt6TZ7zC8opJKBywIqPWHI3hu3lri/5cPyaloyXBW0c8ydSd3dzhxM8D8EOWaOfTZ/PslVlOsFzJGgTKhB8uw+qP++hIvdIZfsS2texmO37n1O+6LU2DfKKeb8jqkGwWjqGAZywgq2Mg1qtLXEjjKboxUC2dJbewIDAQABAoIBABM7j4aRj0e91J28W+SIDJurR+YESM6QrgoNAEgr0l/OUnK+YVv3S8PwIyatBvZEAL7RdV/8rF7OUC5e+WlNRJSGUYpVrhAkbbg4Ad4aV570o6eMsrvTyZsX570+CuY8vqJai87qLV9rWiplB2mmq3ixcRoY+sm3tj6wfbWxpFFhFClp6KApXxissXv6jEOaq4MMzbUli44TtCxDAP0nwvijjm/lofQjPbTJkSNZVnz3lr/qAC1XTD+J+2Rf4VxDLCeowYsSClP0DafZGHXcQagRZuUmAOCoszc5BT2DkMWu7IZRC/iROmZMrrnJzqAAgNd0yz0Sd74M9DHTD17LVFkCgYEA713g6Cn+sF6HSqcWvj7A5MF6fJg9/4Msfg3FOkdp7T3TG3+uEHrE6Z5vuShcmJxFibaW4buIp2jXwkn5bciLZph3H/epZlto6w/Sh7Y/url+zvNE9UQOqEZkS5RLu9WEea9e/0liOIC+Sj8w0ymIpwiDD+6vbTKp7fEvFEEwS7UCgYEA06f36hW9+MQahF8u9ud4MEiIVYJhvfnJKJG/YzeQGA5gN0kL9mYSIpPLWWHWaME11Z06pAaCeerW9pTGq9zAZNj8WN4oFN6aIfY8wc0Fxd2Lbgh8/Y9KvHTrnWiDgFdSjrC7Gv1wz3o41Qu9XpGCToK/Q1hs9zswe0JtlM6gaG8CgYBw6tRiMQ1Ynf8slE4CSRAt2aeyhw8YLgUbIdvcdjveEsA3xK+UTpX9ryP9MLEdvPqA0IW0zwbUEn1VxhfIVkaMi3gGuIpNIuoHmVszciH2L/NGJTRuj0Bq2WoOzVI8tajczoH949xV00XxOIYL1xgD09wf8/UFilTnTlNrNqVV0QKBgQCXK2jOMCk2/BlUYgdRIZGeKq/1IuJcpYMfDrn7SzwHcn0V/34jxlM9jwG2HULeHuEsaNfxPxUBrtFJ3IjpRwnC/Zd+gW1vOm4rw4sxgBWXdNyZAkcDcsyWPYvrKTKC/9tfPqrkZA+moEznHTNrz9GZ8ZhZqVZqXkQKRS+vEMVQ0QKBgQDYWW8fqW9fTdx5hvZNktNxcawwmR0+/AMMf06qH25W/kLtuMGasGCqtp/4uHTR7XX2Pqkp0sHYwbvP2LG4Ac4dUEGTKtfnB5C2yyBKd0CPI+oij51U5JS2Lg773FpbAJ8AuGo7YV/Jq24HdUmiu7i7GyVwofqHxz6tYOUCn8dlUA==" ],
|
|
"keyUse": [ "SIG" ],
|
|
"certificate": [ "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" ],
|
|
"priority": [ "100" ]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"internationalizationEnabled": false,
|
|
"supportedLocales": [],
|
|
"authenticationFlows": [
|
|
{
|
|
"id": "e96cceac-cf11-4d11-9e88-0aec7405aa8e",
|
|
"alias": "Account verification options",
|
|
"description": "Method with which to verity the existing account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-email-verification",
|
|
"authenticatorFlow": false,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "Verify Existing Account by Re-authentication",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "e283ea4e-cefe-45e0-8063-38a50e8f5ac9",
|
|
"alias": "Browser - Conditional OTP",
|
|
"description": "Flow to determine if the OTP is required for the authentication",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "conditional-user-configured",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "auth-otp-form",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "0effd347-2f02-4f54-bec1-d61640f78411",
|
|
"alias": "Direct Grant - Conditional OTP",
|
|
"description": "Flow to determine if the OTP is required for the authentication",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "conditional-user-configured",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "direct-grant-validate-otp",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "560c1aae-603f-43a2-a282-3b26e34ca7da",
|
|
"alias": "First broker login - Conditional OTP",
|
|
"description": "Flow to determine if the OTP is required for the authentication",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "conditional-user-configured",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "auth-otp-form",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "e89c4fb9-7cb9-4a5e-9ca0-d615e3963a99",
|
|
"alias": "Handle Existing Account",
|
|
"description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-confirm-link",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "Account verification options",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "476f2bb6-dff6-4a7e-ad8f-0aa5672ea776",
|
|
"alias": "Reset - Conditional OTP",
|
|
"description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "conditional-user-configured",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "reset-otp",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "43cfa637-9f21-4fbf-8387-0b0535517820",
|
|
"alias": "User creation or linking",
|
|
"description": "Flow for the existing/non-existing user alternatives",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticatorConfig": "create unique user config",
|
|
"authenticator": "idp-create-user-if-unique",
|
|
"authenticatorFlow": false,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "Handle Existing Account",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "2534f882-aff2-4827-ab22-a71800060e1f",
|
|
"alias": "Verify Existing Account by Re-authentication",
|
|
"description": "Reauthentication of existing account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-username-password-form",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "CONDITIONAL",
|
|
"priority": 20,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "First broker login - Conditional OTP",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "ed2d0ead-7b18-45c2-a0ab-298b355d02c7",
|
|
"alias": "browser",
|
|
"description": "browser based authentication",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "auth-cookie",
|
|
"authenticatorFlow": false,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "auth-spnego",
|
|
"authenticatorFlow": false,
|
|
"requirement": "DISABLED",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "identity-provider-redirector",
|
|
"authenticatorFlow": false,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 25,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "forms",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "b33f293a-4f51-4d38-ab7f-543ed1dc71bf",
|
|
"alias": "clients",
|
|
"description": "Base authentication for clients",
|
|
"providerId": "client-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "client-secret",
|
|
"authenticatorFlow": false,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "client-jwt",
|
|
"authenticatorFlow": false,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "client-secret-jwt",
|
|
"authenticatorFlow": false,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "client-x509",
|
|
"authenticatorFlow": false,
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 40,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "fe59c24c-7322-4e67-9e82-be0023ab2889",
|
|
"alias": "direct grant",
|
|
"description": "OpenID Connect Resource Owner Grant",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "direct-grant-validate-username",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "direct-grant-validate-password",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "CONDITIONAL",
|
|
"priority": 30,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "Direct Grant - Conditional OTP",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "9bb58e30-8fa6-4ea0-9065-ce61c02ba00d",
|
|
"alias": "docker auth",
|
|
"description": "Used by Docker clients to authenticate against the IDP",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "docker-http-basic-authenticator",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "42f4d6fb-7a7d-45bc-97be-5a0948d88945",
|
|
"alias": "first broker login",
|
|
"description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticatorConfig": "review profile config",
|
|
"authenticator": "idp-review-profile",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "User creation or linking",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "4d3d0525-0333-43e8-be62-8fec05753aa3",
|
|
"alias": "forms",
|
|
"description": "Username, password, otp and other auth forms.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "auth-username-password-form",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "CONDITIONAL",
|
|
"priority": 20,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "Browser - Conditional OTP",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "72715113-db54-4ba0-89c0-85422e552a58",
|
|
"alias": "registration",
|
|
"description": "registration flow",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "registration-page-form",
|
|
"authenticatorFlow": true,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "registration form",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "2777a201-b799-4f0d-8544-759e3aef5454",
|
|
"alias": "registration form",
|
|
"description": "registration form",
|
|
"providerId": "form-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "registration-user-creation",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "registration-password-action",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 50,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "registration-recaptcha-action",
|
|
"authenticatorFlow": false,
|
|
"requirement": "DISABLED",
|
|
"priority": 60,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "7f527e1a-3f5f-4a39-80b3-ad3fe110db15",
|
|
"alias": "reset credentials",
|
|
"description": "Reset credentials for a user if they forgot their password or something",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "reset-credentials-choose-user",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "reset-credential-email",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticator": "reset-password",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 30,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
},
|
|
{
|
|
"authenticatorFlow": true,
|
|
"requirement": "CONDITIONAL",
|
|
"priority": 40,
|
|
"autheticatorFlow": true,
|
|
"flowAlias": "Reset - Conditional OTP",
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "c9a052b6-28c6-4b13-8bc3-12958bbe0a68",
|
|
"alias": "saml ecp",
|
|
"description": "SAML ECP Profile Authentication Flow",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "http-basic-authenticator",
|
|
"authenticatorFlow": false,
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"autheticatorFlow": false,
|
|
"userSetupAllowed": false
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"authenticatorConfig": [
|
|
{
|
|
"id": "b0b50f78-9a3b-4f03-a9bf-07ac56f2ebac",
|
|
"alias": "create unique user config",
|
|
"config": {
|
|
"require.password.update.after.registration": "false"
|
|
}
|
|
},
|
|
{
|
|
"id": "c972ed55-c8f6-426f-965c-1267dc1f68a9",
|
|
"alias": "review profile config",
|
|
"config": {
|
|
"update.profile.on.first.login": "missing"
|
|
}
|
|
}
|
|
],
|
|
"requiredActions": [
|
|
{
|
|
"alias": "CONFIGURE_TOTP",
|
|
"name": "Configure OTP",
|
|
"providerId": "CONFIGURE_TOTP",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 10,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "TERMS_AND_CONDITIONS",
|
|
"name": "Terms and Conditions",
|
|
"providerId": "TERMS_AND_CONDITIONS",
|
|
"enabled": false,
|
|
"defaultAction": false,
|
|
"priority": 20,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "UPDATE_PASSWORD",
|
|
"name": "Update Password",
|
|
"providerId": "UPDATE_PASSWORD",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 30,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "UPDATE_PROFILE",
|
|
"name": "Update Profile",
|
|
"providerId": "UPDATE_PROFILE",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 40,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "VERIFY_EMAIL",
|
|
"name": "Verify Email",
|
|
"providerId": "VERIFY_EMAIL",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 50,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "delete_account",
|
|
"name": "Delete Account",
|
|
"providerId": "delete_account",
|
|
"enabled": false,
|
|
"defaultAction": false,
|
|
"priority": 60,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "webauthn-register",
|
|
"name": "Webauthn Register",
|
|
"providerId": "webauthn-register",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 70,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "webauthn-register-passwordless",
|
|
"name": "Webauthn Register Passwordless",
|
|
"providerId": "webauthn-register-passwordless",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 80,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "update_user_locale",
|
|
"name": "Update User Locale",
|
|
"providerId": "update_user_locale",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 1000,
|
|
"config": {}
|
|
}
|
|
],
|
|
"browserFlow": "browser",
|
|
"registrationFlow": "registration",
|
|
"directGrantFlow": "direct grant",
|
|
"resetCredentialsFlow": "reset credentials",
|
|
"clientAuthenticationFlow": "clients",
|
|
"dockerAuthenticationFlow": "docker auth",
|
|
"attributes": {
|
|
"cibaBackchannelTokenDeliveryMode": "poll",
|
|
"cibaAuthRequestedUserHint": "login_hint",
|
|
"clientOfflineSessionMaxLifespan": "0",
|
|
"oauth2DevicePollingInterval": "5",
|
|
"clientSessionIdleTimeout": "0",
|
|
"clientOfflineSessionIdleTimeout": "0",
|
|
"cibaInterval": "5",
|
|
"realmReusableOtpCode": "false",
|
|
"cibaExpiresIn": "120",
|
|
"oauth2DeviceCodeLifespan": "600",
|
|
"parRequestUriLifespan": "60",
|
|
"clientSessionMaxLifespan": "0",
|
|
"frontendUrl": "",
|
|
"acr.loa.map": "{}"
|
|
},
|
|
"keycloakVersion": "23.0.4",
|
|
"userManagedAccessAllowed": false,
|
|
"clientProfiles": {
|
|
"profiles": []
|
|
},
|
|
"clientPolicies": {
|
|
"policies": []
|
|
}
|
|
} |