1843 lines
67 KiB
JSON
1843 lines
67 KiB
JSON
{
|
|
"id" : "oidc",
|
|
"realm" : "oidc",
|
|
"notBefore" : 0,
|
|
"defaultSignatureAlgorithm" : "RS256",
|
|
"revokeRefreshToken" : false,
|
|
"refreshTokenMaxReuse" : 0,
|
|
"accessTokenLifespan" : 300,
|
|
"accessTokenLifespanForImplicitFlow" : 900,
|
|
"ssoSessionIdleTimeout" : 1800,
|
|
"ssoSessionMaxLifespan" : 36000,
|
|
"ssoSessionIdleTimeoutRememberMe" : 0,
|
|
"ssoSessionMaxLifespanRememberMe" : 0,
|
|
"offlineSessionIdleTimeout" : 2592000,
|
|
"offlineSessionMaxLifespanEnabled" : false,
|
|
"offlineSessionMaxLifespan" : 5184000,
|
|
"clientSessionIdleTimeout" : 0,
|
|
"clientSessionMaxLifespan" : 0,
|
|
"clientOfflineSessionIdleTimeout" : 0,
|
|
"clientOfflineSessionMaxLifespan" : 0,
|
|
"accessCodeLifespan" : 60,
|
|
"accessCodeLifespanUserAction" : 300,
|
|
"accessCodeLifespanLogin" : 1800,
|
|
"actionTokenGeneratedByAdminLifespan" : 43200,
|
|
"actionTokenGeneratedByUserLifespan" : 300,
|
|
"oauth2DeviceCodeLifespan" : 600,
|
|
"oauth2DevicePollingInterval" : 5,
|
|
"enabled" : true,
|
|
"sslRequired" : "external",
|
|
"registrationAllowed" : false,
|
|
"registrationEmailAsUsername" : false,
|
|
"rememberMe" : false,
|
|
"verifyEmail" : false,
|
|
"loginWithEmailAllowed" : true,
|
|
"duplicateEmailsAllowed" : false,
|
|
"resetPasswordAllowed" : false,
|
|
"editUsernameAllowed" : false,
|
|
"bruteForceProtected" : false,
|
|
"permanentLockout" : false,
|
|
"maxFailureWaitSeconds" : 900,
|
|
"minimumQuickLoginWaitSeconds" : 60,
|
|
"waitIncrementSeconds" : 60,
|
|
"quickLoginCheckMilliSeconds" : 1000,
|
|
"maxDeltaTimeSeconds" : 43200,
|
|
"failureFactor" : 30,
|
|
"roles" : {
|
|
"realm" : [ {
|
|
"id" : "d29e3b7c-bb0b-4878-9fc0-602221dc7c19",
|
|
"name" : "offline_access",
|
|
"description" : "${role_offline-access}",
|
|
"composite" : false,
|
|
"clientRole" : false,
|
|
"containerId" : "oidc",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "c8004dc4-ece5-4248-b473-41e9ac256b1f",
|
|
"name" : "default-roles-oidc",
|
|
"description" : "${role_default-roles}",
|
|
"composite" : true,
|
|
"composites" : {
|
|
"realm" : [ "offline_access", "uma_authorization" ],
|
|
"client" : {
|
|
"account" : [ "manage-account", "view-profile" ]
|
|
}
|
|
},
|
|
"clientRole" : false,
|
|
"containerId" : "oidc",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "ba01101b-41db-4850-96b6-31e382bdf9ad",
|
|
"name" : "uma_authorization",
|
|
"description" : "${role_uma_authorization}",
|
|
"composite" : false,
|
|
"clientRole" : false,
|
|
"containerId" : "oidc",
|
|
"attributes" : { }
|
|
} ],
|
|
"client" : {
|
|
"realm-management" : [ {
|
|
"id" : "5e6915b5-2167-4284-97f6-1caef7957dbc",
|
|
"name" : "view-realm",
|
|
"description" : "${role_view-realm}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "0e621226-a8d5-4e6d-be7c-cd7282c9ddfe",
|
|
"name" : "manage-clients",
|
|
"description" : "${role_manage-clients}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "4f795fac-c90c-4b3d-bd23-fb69a070f834",
|
|
"name" : "view-clients",
|
|
"description" : "${role_view-clients}",
|
|
"composite" : true,
|
|
"composites" : {
|
|
"client" : {
|
|
"realm-management" : [ "query-clients" ]
|
|
}
|
|
},
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "61be3b06-aee2-4466-b26d-bb3ddd4a68f3",
|
|
"name" : "manage-realm",
|
|
"description" : "${role_manage-realm}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "dcd9e428-b3dc-48f4-b36c-0bfef980df11",
|
|
"name" : "query-users",
|
|
"description" : "${role_query-users}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "b6eda241-26ed-4ce8-a5d7-d715d46c36d0",
|
|
"name" : "manage-identity-providers",
|
|
"description" : "${role_manage-identity-providers}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "0c384087-c4c7-47b5-981a-857d190bdd9b",
|
|
"name" : "manage-authorization",
|
|
"description" : "${role_manage-authorization}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "06b9752e-d113-48df-a96c-afc548b6c14d",
|
|
"name" : "create-client",
|
|
"description" : "${role_create-client}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "35d7539e-e019-455d-99a5-4c23448b50aa",
|
|
"name" : "query-realms",
|
|
"description" : "${role_query-realms}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "b8bfd15b-aab9-4a2e-9898-92e9f955ace4",
|
|
"name" : "query-groups",
|
|
"description" : "${role_query-groups}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "e4dfcc62-0c3e-4d50-9f66-ea3cb7df6e42",
|
|
"name" : "view-events",
|
|
"description" : "${role_view-events}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "cbfe8a8a-f735-480c-ae5f-b194de999331",
|
|
"name" : "query-clients",
|
|
"description" : "${role_query-clients}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "a7932c23-cde1-4cca-937a-4400ef8c02ab",
|
|
"name" : "impersonation",
|
|
"description" : "${role_impersonation}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "51da0c35-11ca-4760-b39e-729fd0861e42",
|
|
"name" : "view-identity-providers",
|
|
"description" : "${role_view-identity-providers}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "764e710b-633f-43f5-a81d-6069ada4b79a",
|
|
"name" : "view-users",
|
|
"description" : "${role_view-users}",
|
|
"composite" : true,
|
|
"composites" : {
|
|
"client" : {
|
|
"realm-management" : [ "query-groups", "query-users" ]
|
|
}
|
|
},
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "b2208b7d-3379-4916-9d35-9cd374656dd3",
|
|
"name" : "realm-admin",
|
|
"description" : "${role_realm-admin}",
|
|
"composite" : true,
|
|
"composites" : {
|
|
"client" : {
|
|
"realm-management" : [ "view-realm", "manage-clients", "view-clients", "manage-realm", "query-users", "manage-identity-providers", "manage-authorization", "create-client", "query-realms", "query-groups", "view-events", "query-clients", "impersonation", "view-identity-providers", "view-users", "manage-events", "view-authorization", "manage-users" ]
|
|
}
|
|
},
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "64fadb8e-32fb-4d94-ba47-55b5b900fb13",
|
|
"name" : "manage-events",
|
|
"description" : "${role_manage-events}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "daebd597-a7e0-49f0-b45f-b46128cc3502",
|
|
"name" : "manage-users",
|
|
"description" : "${role_manage-users}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "822d2377-a510-4461-b7fb-0c2adda29970",
|
|
"name" : "view-authorization",
|
|
"description" : "${role_view-authorization}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"attributes" : { }
|
|
} ],
|
|
"tacker" : [ ],
|
|
"security-admin-console" : [ ],
|
|
"admin-cli" : [ ],
|
|
"account-console" : [ ],
|
|
"broker" : [ {
|
|
"id" : "aebe87b8-1527-4ceb-8449-a5fd7ab2aff9",
|
|
"name" : "read-token",
|
|
"description" : "${role_read-token}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "8eeffcdb-a820-4421-bd2b-b5fcb4cc5c4e",
|
|
"attributes" : { }
|
|
} ],
|
|
"account" : [ {
|
|
"id" : "79c015b8-da1a-413c-b578-4f7b98563e0c",
|
|
"name" : "manage-account",
|
|
"description" : "${role_manage-account}",
|
|
"composite" : true,
|
|
"composites" : {
|
|
"client" : {
|
|
"account" : [ "manage-account-links" ]
|
|
}
|
|
},
|
|
"clientRole" : true,
|
|
"containerId" : "c6caf897-fcba-4ad7-a3d2-f2fcc434ca60",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "9d276431-9f99-4728-8ef1-e9570d6252d4",
|
|
"name" : "view-profile",
|
|
"description" : "${role_view-profile}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "c6caf897-fcba-4ad7-a3d2-f2fcc434ca60",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "d633767b-3def-4ce4-ad15-629bbc26e973",
|
|
"name" : "delete-account",
|
|
"description" : "${role_delete-account}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "c6caf897-fcba-4ad7-a3d2-f2fcc434ca60",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "e14adaa7-ff7b-417b-bacd-52d4f909fb74",
|
|
"name" : "manage-consent",
|
|
"description" : "${role_manage-consent}",
|
|
"composite" : true,
|
|
"composites" : {
|
|
"client" : {
|
|
"account" : [ "view-consent" ]
|
|
}
|
|
},
|
|
"clientRole" : true,
|
|
"containerId" : "c6caf897-fcba-4ad7-a3d2-f2fcc434ca60",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "29921186-d4e5-4811-a780-e0d0fa9c91ff",
|
|
"name" : "view-applications",
|
|
"description" : "${role_view-applications}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "c6caf897-fcba-4ad7-a3d2-f2fcc434ca60",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "6bcd592c-9afd-45df-aedf-ba6fc67310d3",
|
|
"name" : "manage-account-links",
|
|
"description" : "${role_manage-account-links}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "c6caf897-fcba-4ad7-a3d2-f2fcc434ca60",
|
|
"attributes" : { }
|
|
}, {
|
|
"id" : "86e47647-8cd8-4835-bb17-ecd0934db4ed",
|
|
"name" : "view-consent",
|
|
"description" : "${role_view-consent}",
|
|
"composite" : false,
|
|
"clientRole" : true,
|
|
"containerId" : "c6caf897-fcba-4ad7-a3d2-f2fcc434ca60",
|
|
"attributes" : { }
|
|
} ]
|
|
}
|
|
},
|
|
"groups" : [ ],
|
|
"defaultRole" : {
|
|
"id" : "c8004dc4-ece5-4248-b473-41e9ac256b1f",
|
|
"name" : "default-roles-oidc",
|
|
"description" : "${role_default-roles}",
|
|
"composite" : true,
|
|
"clientRole" : false,
|
|
"containerId" : "oidc"
|
|
},
|
|
"requiredCredentials" : [ "password" ],
|
|
"otpPolicyType" : "totp",
|
|
"otpPolicyAlgorithm" : "HmacSHA1",
|
|
"otpPolicyInitialCounter" : 0,
|
|
"otpPolicyDigits" : 6,
|
|
"otpPolicyLookAheadWindow" : 1,
|
|
"otpPolicyPeriod" : 30,
|
|
"otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ],
|
|
"webAuthnPolicyRpEntityName" : "keycloak",
|
|
"webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
|
|
"webAuthnPolicyRpId" : "",
|
|
"webAuthnPolicyAttestationConveyancePreference" : "not specified",
|
|
"webAuthnPolicyAuthenticatorAttachment" : "not specified",
|
|
"webAuthnPolicyRequireResidentKey" : "not specified",
|
|
"webAuthnPolicyUserVerificationRequirement" : "not specified",
|
|
"webAuthnPolicyCreateTimeout" : 0,
|
|
"webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
|
|
"webAuthnPolicyAcceptableAaguids" : [ ],
|
|
"webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
|
|
"webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
|
|
"webAuthnPolicyPasswordlessRpId" : "",
|
|
"webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
|
|
"webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
|
|
"webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
|
|
"webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
|
|
"webAuthnPolicyPasswordlessCreateTimeout" : 0,
|
|
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
|
|
"webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
|
|
"users" : [ {
|
|
"id" : "96e52328-6129-47d0-9989-6edbad9428ea",
|
|
"createdTimestamp" : 1662446980799,
|
|
"username" : "end-user",
|
|
"enabled" : true,
|
|
"totp" : false,
|
|
"emailVerified" : false,
|
|
"attributes" : {
|
|
"name" : [ "end-user" ]
|
|
},
|
|
"credentials" : [ {
|
|
"id" : "2c2c0639-f9f9-45d9-98e7-aa33bf100776",
|
|
"type" : "password",
|
|
"createdDate" : 1662447010297,
|
|
"secretData" : "{\"value\":\"lDs6tZFb4mn65os+ULX1TUCtm3DIwK2HOl6iKG1MsEblVSfKOnHFBesdCKs8cbusOZAdy74DtvU66h1vP/wWDA==\",\"salt\":\"tpJLit4pFSdQshHBdZVpBA==\",\"additionalParameters\":{}}",
|
|
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
|
|
} ],
|
|
"disableableCredentialTypes" : [ ],
|
|
"requiredActions" : [ ],
|
|
"realmRoles" : [ "default-roles-oidc" ],
|
|
"notBefore" : 0,
|
|
"groups" : [ ]
|
|
} ],
|
|
"scopeMappings" : [ {
|
|
"clientScope" : "offline_access",
|
|
"roles" : [ "offline_access" ]
|
|
} ],
|
|
"clientScopeMappings" : {
|
|
"account" : [ {
|
|
"client" : "account-console",
|
|
"roles" : [ "manage-account" ]
|
|
} ]
|
|
},
|
|
"clients" : [ {
|
|
"id" : "c6caf897-fcba-4ad7-a3d2-f2fcc434ca60",
|
|
"clientId" : "account",
|
|
"name" : "${client_account}",
|
|
"rootUrl" : "${authBaseUrl}",
|
|
"baseUrl" : "/realms/oidc/account/",
|
|
"surrogateAuthRequired" : false,
|
|
"enabled" : true,
|
|
"alwaysDisplayInConsole" : false,
|
|
"clientAuthenticatorType" : "client-secret",
|
|
"redirectUris" : [ "/realms/oidc/account/*" ],
|
|
"webOrigins" : [ ],
|
|
"notBefore" : 0,
|
|
"bearerOnly" : false,
|
|
"consentRequired" : false,
|
|
"standardFlowEnabled" : true,
|
|
"implicitFlowEnabled" : false,
|
|
"directAccessGrantsEnabled" : false,
|
|
"serviceAccountsEnabled" : false,
|
|
"publicClient" : true,
|
|
"frontchannelLogout" : false,
|
|
"protocol" : "openid-connect",
|
|
"attributes" : { },
|
|
"authenticationFlowBindingOverrides" : { },
|
|
"fullScopeAllowed" : false,
|
|
"nodeReRegistrationTimeout" : 0,
|
|
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
|
|
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
}, {
|
|
"id" : "a65c4a54-9002-43a9-a9c1-8c766d79d691",
|
|
"clientId" : "account-console",
|
|
"name" : "${client_account-console}",
|
|
"rootUrl" : "${authBaseUrl}",
|
|
"baseUrl" : "/realms/oidc/account/",
|
|
"surrogateAuthRequired" : false,
|
|
"enabled" : true,
|
|
"alwaysDisplayInConsole" : false,
|
|
"clientAuthenticatorType" : "client-secret",
|
|
"redirectUris" : [ "/realms/oidc/account/*" ],
|
|
"webOrigins" : [ ],
|
|
"notBefore" : 0,
|
|
"bearerOnly" : false,
|
|
"consentRequired" : false,
|
|
"standardFlowEnabled" : true,
|
|
"implicitFlowEnabled" : false,
|
|
"directAccessGrantsEnabled" : false,
|
|
"serviceAccountsEnabled" : false,
|
|
"publicClient" : true,
|
|
"frontchannelLogout" : false,
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"pkce.code.challenge.method" : "S256"
|
|
},
|
|
"authenticationFlowBindingOverrides" : { },
|
|
"fullScopeAllowed" : false,
|
|
"nodeReRegistrationTimeout" : 0,
|
|
"protocolMappers" : [ {
|
|
"id" : "16a817a5-14af-4608-98b5-cadc70cd0f18",
|
|
"name" : "audience resolve",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-audience-resolve-mapper",
|
|
"consentRequired" : false,
|
|
"config" : { }
|
|
} ],
|
|
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
|
|
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
}, {
|
|
"id" : "24e0d76a-e390-4beb-9dca-59f20bcd86b9",
|
|
"clientId" : "admin-cli",
|
|
"name" : "${client_admin-cli}",
|
|
"surrogateAuthRequired" : false,
|
|
"enabled" : true,
|
|
"alwaysDisplayInConsole" : false,
|
|
"clientAuthenticatorType" : "client-secret",
|
|
"redirectUris" : [ ],
|
|
"webOrigins" : [ ],
|
|
"notBefore" : 0,
|
|
"bearerOnly" : false,
|
|
"consentRequired" : false,
|
|
"standardFlowEnabled" : false,
|
|
"implicitFlowEnabled" : false,
|
|
"directAccessGrantsEnabled" : true,
|
|
"serviceAccountsEnabled" : false,
|
|
"publicClient" : true,
|
|
"frontchannelLogout" : false,
|
|
"protocol" : "openid-connect",
|
|
"attributes" : { },
|
|
"authenticationFlowBindingOverrides" : { },
|
|
"fullScopeAllowed" : false,
|
|
"nodeReRegistrationTimeout" : 0,
|
|
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
|
|
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
}, {
|
|
"id" : "8eeffcdb-a820-4421-bd2b-b5fcb4cc5c4e",
|
|
"clientId" : "broker",
|
|
"name" : "${client_broker}",
|
|
"surrogateAuthRequired" : false,
|
|
"enabled" : true,
|
|
"alwaysDisplayInConsole" : false,
|
|
"clientAuthenticatorType" : "client-secret",
|
|
"redirectUris" : [ ],
|
|
"webOrigins" : [ ],
|
|
"notBefore" : 0,
|
|
"bearerOnly" : true,
|
|
"consentRequired" : false,
|
|
"standardFlowEnabled" : true,
|
|
"implicitFlowEnabled" : false,
|
|
"directAccessGrantsEnabled" : false,
|
|
"serviceAccountsEnabled" : false,
|
|
"publicClient" : false,
|
|
"frontchannelLogout" : false,
|
|
"protocol" : "openid-connect",
|
|
"attributes" : { },
|
|
"authenticationFlowBindingOverrides" : { },
|
|
"fullScopeAllowed" : false,
|
|
"nodeReRegistrationTimeout" : 0,
|
|
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
|
|
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
}, {
|
|
"id" : "0fb05364-7501-4828-9405-fc18bc7dba2d",
|
|
"clientId" : "realm-management",
|
|
"name" : "${client_realm-management}",
|
|
"surrogateAuthRequired" : false,
|
|
"enabled" : true,
|
|
"alwaysDisplayInConsole" : false,
|
|
"clientAuthenticatorType" : "client-secret",
|
|
"redirectUris" : [ ],
|
|
"webOrigins" : [ ],
|
|
"notBefore" : 0,
|
|
"bearerOnly" : true,
|
|
"consentRequired" : false,
|
|
"standardFlowEnabled" : true,
|
|
"implicitFlowEnabled" : false,
|
|
"directAccessGrantsEnabled" : false,
|
|
"serviceAccountsEnabled" : false,
|
|
"publicClient" : false,
|
|
"frontchannelLogout" : false,
|
|
"protocol" : "openid-connect",
|
|
"attributes" : { },
|
|
"authenticationFlowBindingOverrides" : { },
|
|
"fullScopeAllowed" : false,
|
|
"nodeReRegistrationTimeout" : 0,
|
|
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
|
|
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
}, {
|
|
"id" : "4b902faa-aaf2-44c9-822d-ca91ac319897",
|
|
"clientId" : "security-admin-console",
|
|
"name" : "${client_security-admin-console}",
|
|
"rootUrl" : "${authAdminUrl}",
|
|
"baseUrl" : "/admin/oidc/console/",
|
|
"surrogateAuthRequired" : false,
|
|
"enabled" : true,
|
|
"alwaysDisplayInConsole" : false,
|
|
"clientAuthenticatorType" : "client-secret",
|
|
"redirectUris" : [ "/admin/oidc/console/*" ],
|
|
"webOrigins" : [ "+" ],
|
|
"notBefore" : 0,
|
|
"bearerOnly" : false,
|
|
"consentRequired" : false,
|
|
"standardFlowEnabled" : true,
|
|
"implicitFlowEnabled" : false,
|
|
"directAccessGrantsEnabled" : false,
|
|
"serviceAccountsEnabled" : false,
|
|
"publicClient" : true,
|
|
"frontchannelLogout" : false,
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"pkce.code.challenge.method" : "S256"
|
|
},
|
|
"authenticationFlowBindingOverrides" : { },
|
|
"fullScopeAllowed" : false,
|
|
"nodeReRegistrationTimeout" : 0,
|
|
"protocolMappers" : [ {
|
|
"id" : "a7420c26-961d-4db6-b120-59bc6a55362c",
|
|
"name" : "locale",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "locale",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "locale",
|
|
"jsonType.label" : "String"
|
|
}
|
|
} ],
|
|
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
|
|
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
}, {
|
|
"id" : "7976e190-ad99-464f-b80e-0029f88be0da",
|
|
"clientId" : "tacker",
|
|
"surrogateAuthRequired" : false,
|
|
"enabled" : true,
|
|
"alwaysDisplayInConsole" : false,
|
|
"clientAuthenticatorType" : "client-secret",
|
|
"secret" : "K0Zp5dvdOFhZ7W9PVNZn14omW9NmCQvQ",
|
|
"redirectUris" : [ "http://*" ],
|
|
"webOrigins" : [ ],
|
|
"notBefore" : 0,
|
|
"bearerOnly" : false,
|
|
"consentRequired" : false,
|
|
"standardFlowEnabled" : true,
|
|
"implicitFlowEnabled" : false,
|
|
"directAccessGrantsEnabled" : true,
|
|
"serviceAccountsEnabled" : false,
|
|
"publicClient" : false,
|
|
"frontchannelLogout" : false,
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"saml.force.post.binding" : "false",
|
|
"saml.multivalued.roles" : "false",
|
|
"frontchannel.logout.session.required" : "false",
|
|
"oauth2.device.authorization.grant.enabled" : "false",
|
|
"backchannel.logout.revoke.offline.tokens" : "false",
|
|
"saml.server.signature.keyinfo.ext" : "false",
|
|
"use.refresh.tokens" : "true",
|
|
"oidc.ciba.grant.enabled" : "false",
|
|
"backchannel.logout.session.required" : "true",
|
|
"client_credentials.use_refresh_token" : "false",
|
|
"require.pushed.authorization.requests" : "false",
|
|
"saml.client.signature" : "false",
|
|
"saml.allow.ecp.flow" : "false",
|
|
"id.token.as.detached.signature" : "false",
|
|
"saml.assertion.signature" : "false",
|
|
"client.secret.creation.time" : "1662447097",
|
|
"saml.encrypt" : "false",
|
|
"saml.server.signature" : "false",
|
|
"exclude.session.state.from.auth.response" : "false",
|
|
"saml.artifact.binding" : "false",
|
|
"saml_force_name_id_format" : "false",
|
|
"acr.loa.map" : "{}",
|
|
"tls.client.certificate.bound.access.tokens" : "false",
|
|
"saml.authnstatement" : "false",
|
|
"display.on.consent.screen" : "false",
|
|
"token.response.type.bearer.lower-case" : "false",
|
|
"saml.onetimeuse.condition" : "false"
|
|
},
|
|
"authenticationFlowBindingOverrides" : { },
|
|
"fullScopeAllowed" : true,
|
|
"nodeReRegistrationTimeout" : -1,
|
|
"protocolMappers" : [ {
|
|
"id" : "13c47a7d-4671-44cd-bc94-c9635b13601d",
|
|
"name" : "name",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "name",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "name",
|
|
"jsonType.label" : "String"
|
|
}
|
|
} ],
|
|
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
|
|
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
|
|
} ],
|
|
"clientScopes" : [ {
|
|
"id" : "613f58b0-b75e-4a0e-aaf6-fbb9c84a1781",
|
|
"name" : "roles",
|
|
"description" : "OpenID Connect scope for add user roles to the access token",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"include.in.token.scope" : "false",
|
|
"display.on.consent.screen" : "true",
|
|
"consent.screen.text" : "${rolesScopeConsentText}"
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "3744f78b-d435-4cc2-8367-812e24e5f303",
|
|
"name" : "realm roles",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-realm-role-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"user.attribute" : "foo",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "realm_access.roles",
|
|
"jsonType.label" : "String",
|
|
"multivalued" : "true"
|
|
}
|
|
}, {
|
|
"id" : "cd60e6fc-1bb8-4b89-9220-6f61a0747524",
|
|
"name" : "client roles",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-client-role-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"user.attribute" : "foo",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "resource_access.${client_id}.roles",
|
|
"jsonType.label" : "String",
|
|
"multivalued" : "true"
|
|
}
|
|
}, {
|
|
"id" : "3101dd36-3aa8-47d5-ab02-afd164203fb6",
|
|
"name" : "audience resolve",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-audience-resolve-mapper",
|
|
"consentRequired" : false,
|
|
"config" : { }
|
|
} ]
|
|
}, {
|
|
"id" : "84e5f07a-b077-41ae-bbbd-39b0c850fa72",
|
|
"name" : "role_list",
|
|
"description" : "SAML role list",
|
|
"protocol" : "saml",
|
|
"attributes" : {
|
|
"consent.screen.text" : "${samlRoleListScopeConsentText}",
|
|
"display.on.consent.screen" : "true"
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "0cbfa1c1-0d77-40c2-90dd-319645096929",
|
|
"name" : "role list",
|
|
"protocol" : "saml",
|
|
"protocolMapper" : "saml-role-list-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"single" : "false",
|
|
"attribute.nameformat" : "Basic",
|
|
"attribute.name" : "Role"
|
|
}
|
|
} ]
|
|
}, {
|
|
"id" : "255afd80-2297-4bf3-9d60-c23b96e44faf",
|
|
"name" : "offline_access",
|
|
"description" : "OpenID Connect built-in scope: offline_access",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"consent.screen.text" : "${offlineAccessScopeConsentText}",
|
|
"display.on.consent.screen" : "true"
|
|
}
|
|
}, {
|
|
"id" : "a54c4375-d74c-4138-9f34-2fd3ce79e844",
|
|
"name" : "profile",
|
|
"description" : "OpenID Connect built-in scope: profile",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"include.in.token.scope" : "true",
|
|
"display.on.consent.screen" : "true",
|
|
"consent.screen.text" : "${profileScopeConsentText}"
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "fe521190-c217-4cbf-b893-a2fcc8233553",
|
|
"name" : "picture",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "picture",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "picture",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "afd049e0-f000-4bea-b9e1-586866a2a192",
|
|
"name" : "full name",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-full-name-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"userinfo.token.claim" : "true"
|
|
}
|
|
}, {
|
|
"id" : "2053c06f-574c-4c67-a2f8-0b927afc47a8",
|
|
"name" : "nickname",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "nickname",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "nickname",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "0d33e9f7-e9bd-46f2-ade7-982fb56aa4ed",
|
|
"name" : "profile",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "profile",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "profile",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "ab71478b-b068-491b-8414-0536b02dcd8a",
|
|
"name" : "middle name",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "middleName",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "middle_name",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "5c7c998e-bfb9-4174-aa18-c366d3d79c9f",
|
|
"name" : "given name",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "firstName",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "given_name",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "27aabf78-618f-4b24-b347-4000c16bc940",
|
|
"name" : "gender",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "gender",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "gender",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "d5d0731c-f14a-4de1-8765-131528592367",
|
|
"name" : "family name",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "lastName",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "family_name",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "e0faf26d-9c2a-4524-b8aa-791c30d778a6",
|
|
"name" : "website",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "website",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "website",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "99e5c422-ed3e-4541-b554-4e8747358728",
|
|
"name" : "zoneinfo",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "zoneinfo",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "zoneinfo",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "75320c52-4fbb-43e1-9cab-e81a1fa44f69",
|
|
"name" : "locale",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "locale",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "locale",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "f9651ec3-129f-42c5-b613-8428780f5a2e",
|
|
"name" : "username",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "username",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "preferred_username",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "d8daf4a8-cac4-41ce-b5df-7c3f39b703e5",
|
|
"name" : "birthdate",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "birthdate",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "birthdate",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "4e205b98-4667-4bd7-abe7-c919992ed513",
|
|
"name" : "updated at",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "updatedAt",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "updated_at",
|
|
"jsonType.label" : "long"
|
|
}
|
|
} ]
|
|
}, {
|
|
"id" : "b87f5364-2bf6-497b-975b-b629fb84f753",
|
|
"name" : "web-origins",
|
|
"description" : "OpenID Connect scope for add allowed web origins to the access token",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"include.in.token.scope" : "false",
|
|
"display.on.consent.screen" : "false",
|
|
"consent.screen.text" : ""
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "b1b8dd77-0736-4047-b8c9-98b8f669941e",
|
|
"name" : "allowed web origins",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-allowed-origins-mapper",
|
|
"consentRequired" : false,
|
|
"config" : { }
|
|
} ]
|
|
}, {
|
|
"id" : "cb7c8bb2-9901-4270-8e77-dc5c59013d7c",
|
|
"name" : "address",
|
|
"description" : "OpenID Connect built-in scope: address",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"include.in.token.scope" : "true",
|
|
"display.on.consent.screen" : "true",
|
|
"consent.screen.text" : "${addressScopeConsentText}"
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "c34cee8d-5724-4c4f-982f-a1f6759d563d",
|
|
"name" : "address",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-address-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"user.attribute.formatted" : "formatted",
|
|
"user.attribute.country" : "country",
|
|
"user.attribute.postal_code" : "postal_code",
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute.street" : "street",
|
|
"id.token.claim" : "true",
|
|
"user.attribute.region" : "region",
|
|
"access.token.claim" : "true",
|
|
"user.attribute.locality" : "locality"
|
|
}
|
|
} ]
|
|
}, {
|
|
"id" : "64a9f5a1-f16b-4cc3-9a33-d97ec1820365",
|
|
"name" : "acr",
|
|
"description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"include.in.token.scope" : "false",
|
|
"display.on.consent.screen" : "false"
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "e6fe5c04-ec0c-451d-9e94-ce99ee2692f4",
|
|
"name" : "acr loa level",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-acr-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true"
|
|
}
|
|
} ]
|
|
}, {
|
|
"id" : "c9e4b0b8-07c7-424d-acea-5af1bcff5184",
|
|
"name" : "phone",
|
|
"description" : "OpenID Connect built-in scope: phone",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"include.in.token.scope" : "true",
|
|
"display.on.consent.screen" : "true",
|
|
"consent.screen.text" : "${phoneScopeConsentText}"
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "6192638b-1fc1-4160-8529-8b10a68c7106",
|
|
"name" : "phone number verified",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "phoneNumberVerified",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "phone_number_verified",
|
|
"jsonType.label" : "boolean"
|
|
}
|
|
}, {
|
|
"id" : "012e6d8c-1d8b-4eee-943c-5dbdf7f65361",
|
|
"name" : "phone number",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-attribute-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "phoneNumber",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "phone_number",
|
|
"jsonType.label" : "String"
|
|
}
|
|
} ]
|
|
}, {
|
|
"id" : "bbb28710-a0bc-4e25-9f58-46c6eaf4a6e0",
|
|
"name" : "email",
|
|
"description" : "OpenID Connect built-in scope: email",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"include.in.token.scope" : "true",
|
|
"display.on.consent.screen" : "true",
|
|
"consent.screen.text" : "${emailScopeConsentText}"
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "5c375c89-f600-4ba5-908b-aaa1d59992f1",
|
|
"name" : "email verified",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "emailVerified",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "email_verified",
|
|
"jsonType.label" : "boolean"
|
|
}
|
|
}, {
|
|
"id" : "76567612-76fa-4536-94a3-f2a396e958a5",
|
|
"name" : "email",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "email",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "email",
|
|
"jsonType.label" : "String"
|
|
}
|
|
} ]
|
|
}, {
|
|
"id" : "617c9eb5-3e4e-4356-b5da-d8b453fdaf20",
|
|
"name" : "microprofile-jwt",
|
|
"description" : "Microprofile - JWT built-in scope",
|
|
"protocol" : "openid-connect",
|
|
"attributes" : {
|
|
"include.in.token.scope" : "true",
|
|
"display.on.consent.screen" : "false"
|
|
},
|
|
"protocolMappers" : [ {
|
|
"id" : "4f74badb-98eb-48db-939e-6d7dd69fc2b4",
|
|
"name" : "groups",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-realm-role-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"multivalued" : "true",
|
|
"user.attribute" : "foo",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "groups",
|
|
"jsonType.label" : "String"
|
|
}
|
|
}, {
|
|
"id" : "50cac1e7-6729-435b-afc8-44d2c3f1e777",
|
|
"name" : "upn",
|
|
"protocol" : "openid-connect",
|
|
"protocolMapper" : "oidc-usermodel-property-mapper",
|
|
"consentRequired" : false,
|
|
"config" : {
|
|
"userinfo.token.claim" : "true",
|
|
"user.attribute" : "username",
|
|
"id.token.claim" : "true",
|
|
"access.token.claim" : "true",
|
|
"claim.name" : "upn",
|
|
"jsonType.label" : "String"
|
|
}
|
|
} ]
|
|
} ],
|
|
"defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ],
|
|
"defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ],
|
|
"browserSecurityHeaders" : {
|
|
"contentSecurityPolicyReportOnly" : "",
|
|
"xContentTypeOptions" : "nosniff",
|
|
"xRobotsTag" : "none",
|
|
"xFrameOptions" : "SAMEORIGIN",
|
|
"contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
|
|
"xXSSProtection" : "1; mode=block",
|
|
"strictTransportSecurity" : "max-age=31536000; includeSubDomains"
|
|
},
|
|
"smtpServer" : { },
|
|
"eventsEnabled" : false,
|
|
"eventsListeners" : [ "jboss-logging" ],
|
|
"enabledEventTypes" : [ ],
|
|
"adminEventsEnabled" : false,
|
|
"adminEventsDetailsEnabled" : false,
|
|
"identityProviders" : [ ],
|
|
"identityProviderMappers" : [ ],
|
|
"components" : {
|
|
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
|
|
"id" : "dde8f327-34bc-4b0c-8bf5-9e5e7cda5b12",
|
|
"name" : "Max Clients Limit",
|
|
"providerId" : "max-clients",
|
|
"subType" : "anonymous",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"max-clients" : [ "200" ]
|
|
}
|
|
}, {
|
|
"id" : "9589a161-8463-4a2f-b742-ac602c718aed",
|
|
"name" : "Allowed Client Scopes",
|
|
"providerId" : "allowed-client-templates",
|
|
"subType" : "authenticated",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"allow-default-scopes" : [ "true" ]
|
|
}
|
|
}, {
|
|
"id" : "6342164d-80d9-4214-bfb3-d9eed9492b54",
|
|
"name" : "Consent Required",
|
|
"providerId" : "consent-required",
|
|
"subType" : "anonymous",
|
|
"subComponents" : { },
|
|
"config" : { }
|
|
}, {
|
|
"id" : "498a1139-819a-49f5-a5ac-7616334159cf",
|
|
"name" : "Allowed Protocol Mapper Types",
|
|
"providerId" : "allowed-protocol-mappers",
|
|
"subType" : "anonymous",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "saml-role-list-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper" ]
|
|
}
|
|
}, {
|
|
"id" : "691f62c7-b5ad-45bb-b0d7-36331e3eaf93",
|
|
"name" : "Full Scope Disabled",
|
|
"providerId" : "scope",
|
|
"subType" : "anonymous",
|
|
"subComponents" : { },
|
|
"config" : { }
|
|
}, {
|
|
"id" : "c21e6d44-f52a-4ae6-9d54-66324f73ef7e",
|
|
"name" : "Allowed Client Scopes",
|
|
"providerId" : "allowed-client-templates",
|
|
"subType" : "anonymous",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"allow-default-scopes" : [ "true" ]
|
|
}
|
|
}, {
|
|
"id" : "2ad8a6ce-4701-4b64-b518-b13a9e401575",
|
|
"name" : "Allowed Protocol Mapper Types",
|
|
"providerId" : "allowed-protocol-mappers",
|
|
"subType" : "authenticated",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"allowed-protocol-mapper-types" : [ "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-address-mapper", "oidc-full-name-mapper" ]
|
|
}
|
|
}, {
|
|
"id" : "3835a80f-ed98-494d-9ecb-b6e4c112ed57",
|
|
"name" : "Trusted Hosts",
|
|
"providerId" : "trusted-hosts",
|
|
"subType" : "anonymous",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"host-sending-registration-request-must-match" : [ "true" ],
|
|
"client-uris-must-match" : [ "true" ]
|
|
}
|
|
} ],
|
|
"org.keycloak.keys.KeyProvider" : [ {
|
|
"id" : "d44e360c-5d09-4833-a544-fe0a22bf362a",
|
|
"name" : "rsa-enc-generated",
|
|
"providerId" : "rsa-enc-generated",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"privateKey" : [ "MIIEpAIBAAKCAQEAnpeqE8e0uJcG507iW3bfxWG3oKxKm2PBNeOB3vkkpVeGh+Jaa1T9t1m9USNMcKTRtSsfB3S8QzNOEuAkLMKxNHnBScu6kL8lduZ4aSJeB+AwtuxpD7yq5RjdDShf+zWRlBJmrD/aN4gvrOuUc4jV3WtrCDberZsb8gpmwY55T1EzJ5tYNkFVKnoIf27iZbnZ0bzeIKc2m7eQrI+bKxju8MholOP9a0WGIXqUVfXWfMb4jWv9gjVHJJNY9Th0U0kEhtDD0yBksDqgvgCX224lN/GEZEFXOAmccd91YxnA2D4gPWvWAGOzyR/plgFLAxWjjWPneI6TUzCwfSZWyGcEKQIDAQABAoIBAD3kwOqxUPWNc5NIdQzvKsvUpB6fvwo/90K5xJCpuUSSER3tGA61f8NT0Y/d79IycOl8p8J4K5Uqa7jwIw4Y+aGaNvY+/VPKVau+rJWTZRE7zKdHQoVyw1tfxb2B2Vun/2XDfLCSxu5PRxP8aNZiO90LNB1jlKo6U8C1kH7PxMZQM1p2sRVuPBsTN0eLchcHSADt51ZxmAmsyzeKP6PuoIsEcj3IkYwiJ/AuIrvq2+xmygm5vQlVGfXWlCYZ0kwd6SuHvBrpaEEeEaoX8a/Lpv8X3dqR5fBXV63QTyJjeZHPtqAjW8lNMsdLblDXOfGFBMy9fx14YCLKKsbJVRK+DqUCgYEA3hUNG6XuGdcQ3t0kgS6pVVXGGsPyJOqqSUiJsHnuroXxCoMncvTu8cFQ/D7E5jruUnfiT64gfO32ztuFf65CYgXE/8h0DL9FXA5GHtanpFLh+pX6wfeYnaDTUausM/ERBxKgvqDyD4r2p8SjLNfLGjkP0ic3zWXTfx/bJ6QR/9sCgYEAttBLrmoym2i3er08zRt3TK6XH+G8zR4IDiVctoNr2IcOhkDKaPcTqzPpd6QSYfTuF/incrmBhlAb521ssEOJR393Knoto1VvY+SR3lKAeQAOava0W0b5dTD+Zc8VRYGKwhIFbzmj3atjH3v5utUYFoI3eqELsIvdCDKqD5AT3UsCgYEAktxi9bSuFyJ1ApxFRrRfwJHfVtXbbHROtfWlMDICGCF1PBltXgUBepf3gUfVF9dCwQCMhVrGGzeWbkcXKk9HkOD13JxnugJG0NCTqFMVO4Kf9AF4eQrOPvcap7iaQSMauo2kBUwTpxmjcWCE8+OkaSvw/W135nl++mNLnxRN3t8CgYEAkt5W3uGslJQVS8M6VKGrP2zINrHZR4TH/e1gRbThcIxYS91Df/53y8Qh3Z9vsUjf+1wl0pJcD7bOJCgR+K3ZXRp3dyW/AoiBu+QGmHD5i7xS2PYoQWiMwuzAhLRQp42CF5X4zbml/1FQihvErqfB+VtWDOvTA1vqEEr7uxMKEm8CgYBOOstm0aiVXi72mdIya0LWmSe1Z5OeB6UfBG/vIfS0A++v+RI72TgIvLZ2xukkAMuieAm0injMmTIunbIo+g29jmZ0ExkwhsXrrvZGmhUjVUGHySQI6YbZBPTEgXdGPwijpwRAzIEYhoqe+ZJyKCbXpjWA8o3S6VvfF+b2AYOUkw==" ],
|
|
"keyUse" : [ "ENC" ],
|
|
"certificate" : [ "MIIClzCCAX8CBgGDEY5znzANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARvaWRjMB4XDTIyMDkwNjA2NDYzMVoXDTMyMDkwNjA2NDgxMVowDzENMAsGA1UEAwwEb2lkYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ6XqhPHtLiXBudO4lt238Vht6CsSptjwTXjgd75JKVXhofiWmtU/bdZvVEjTHCk0bUrHwd0vEMzThLgJCzCsTR5wUnLupC/JXbmeGkiXgfgMLbsaQ+8quUY3Q0oX/s1kZQSZqw/2jeIL6zrlHOI1d1rawg23q2bG/IKZsGOeU9RMyebWDZBVSp6CH9u4mW52dG83iCnNpu3kKyPmysY7vDIaJTj/WtFhiF6lFX11nzG+I1r/YI1RySTWPU4dFNJBIbQw9MgZLA6oL4Al9tuJTfxhGRBVzgJnHHfdWMZwNg+ID1r1gBjs8kf6ZYBSwMVo41j53iOk1MwsH0mVshnBCkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAJJ7fyInTpC00EbpH33On4B1iZvqWlkjc6Z5o4rKjMmd2U34F3RXwXEJ1m6uLwrudIIczJuVXKVmYQ0bzzBGITdA7VK2FU5MfjZbZwJCykBbIMkMo+w6mmelqSMgORunaQpFl478CJjwqt3VsXRYRmdB/Tydla2IynhTtquzKWqlDLaMsMi8DYTsJfwY+2Ua4AeTML4pax41nhh6vUoWGGKv1M3UScHjMcC0v/6Tyc443qGPtgNwshjHdmMIED2y/UGNodLcwf0MRrPihqqVh/slks7b7Q1/eqKjhxkhsFkbHxdTsCKLBVriZmCw6+Ls5z5KHPa3K7x9smI6EyHrxKg==" ],
|
|
"priority" : [ "100" ],
|
|
"algorithm" : [ "RSA-OAEP" ]
|
|
}
|
|
}, {
|
|
"id" : "d029e8af-e741-4b98-b64e-9772c2f6abe1",
|
|
"name" : "aes-generated",
|
|
"providerId" : "aes-generated",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"kid" : [ "9da0d8b6-d184-449d-a841-c13a510b73e5" ],
|
|
"secret" : [ "tsenbqS3xhomjaeBEDRHVQ" ],
|
|
"priority" : [ "100" ]
|
|
}
|
|
}, {
|
|
"id" : "f96a3b11-292e-457d-9391-2e5d8e1365a4",
|
|
"name" : "rsa-generated",
|
|
"providerId" : "rsa-generated",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"privateKey" : [ "MIIEowIBAAKCAQEAk8OcXrdN/6V8o/fxLO5AHqq7OQYEvU3TUZwcu3sSh6BhFUs4BVx4YkxKwT6Q9b7EtE5pp1TK5w8FQnaJTISRwoAhnTNyytrVgcqmtmwkbSLyZMu6Q0+hJOdSb+dRcNnDckEfV1NJxE07dKXnzD9l+wla1vkPXYIZRMirOhJWW8uFBVGH79dVxukbYnKPZ81dzz4ruwusZ3zXya1iZtHp8VZZgiddltMICKY6loVLBL7sPa40/nHhYfjgcxmLD7XLkZidT4Ob0yiMLSbuou2WVBJwoEp6KUiFeFt1ui59mB4fHEdEvW4ZCni5/n8e8uhIG/2LAzILrAOyKw1Pw2ffBwIDAQABAoIBAFiIIM5XAXKkUjNjwKps7RnyrU4THw/U60HASS7DJG0CWGiLsrrzlmU+1KNHu06hx/VH7eGF2jPqOfqCTuz7mOFyJ7GqO6Lyzm1/X7d4v7Jr99MQhT8DHMehmTDW5WK59nIkNoT5r/7fTzoqlOE5Mv7fsf+PJfeelUky+fRHPFqugqq8vzy6YfBbZgGvJg8cVrlk1vz6pOwN4vGhPmD8Awo9wCT6W04lgnJUfnqDYc5eoDw0nRQ2nWUjkLsFb3ZvEznK9zcrpAzVRAntL+7TtRu8ot9WoN4Rt2SCfZ4QW4hds3XzryEFi4eYf1NBZAGba3cEySoTGDfuf3h25iHskGECgYEAwqc2A5kFrBnISdLv9oFUk3GEieyJkA7qNaNoRTJOOMM7n2DSMk7LyENl0TU5U9sSrVasIaSZGhNpQo6eHPLH/tivlLrStQwGZ978AB/wBsPDhGFtvj8s2+UI0MVvp3Tun4MZBzQp+GA8JmwtCMVNPCSQZ7/ucqSt5cABc+GVZikCgYEAwlVZUsEUF/HPc4BTLNRA3bsuMAb1KCeu7A8pxUr6gXsVRi4lo5q+f8gF2NVLhSLPtWXZPcMnaGv1Uu0I6oWDbXOk+ZkKYczgBuuLMEFubdxeNsPhDHdv2PIXz3KJFARg9R+iVcIw8Xfq+9XOp9VVYkvx+wtFkJXm4Ji/HnE14a8CgYEAi2+AL7+T4p5tbQSfRHOMhDoS+UHpoLouZ9HwRXEtu1ePBDI1IDh1nbU54E1CDaGmlWi60Ta5PYaeJkFHXfFD9nh9/gp+GZbNl+aRmf1G0XG2QsQP+vICTlqYoARuYQRQUw90BEcHsZYuQE/JSrkbBHQkxU0loBX7Q9Lwt3Pms1ECgYBvim1qgkf2NmTL9qvG300b94PbLSMpmR1dgJaJFzARgYQEdBhGf1s4HKa+fi6KjCCMDZlTSeAkn1J/9m1Xrqpw+B+I476BxAYR8sBBQk0P4Zxx8pwJe8RG0S25dBQZ2SmNiEq0znEpJ5tIUL/8tQX9FXoejamwA1oxL3sDDhfPIQKBgBvf8PumyvBOMBN2obwdQLInbANvpaXam7EzHZDrqIHLNho6CTkUq6tYfHPh8nj2JwotdX7K0zbooOPrf32L8oyRUhI5MAQCwPoZsJ9j9Yvv6M78jFxKbUboKte27LYz6GPZwQITRwJprCDTSS+Z3G0TmBi2k42mnduLPAJMKXdN" ],
|
|
"keyUse" : [ "SIG" ],
|
|
"certificate" : [ "MIIClzCCAX8CBgGDEY5yLTANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARvaWRjMB4XDTIyMDkwNjA2NDYzMVoXDTMyMDkwNjA2NDgxMVowDzENMAsGA1UEAwwEb2lkYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJPDnF63Tf+lfKP38SzuQB6quzkGBL1N01GcHLt7EoegYRVLOAVceGJMSsE+kPW+xLROaadUyucPBUJ2iUyEkcKAIZ0zcsra1YHKprZsJG0i8mTLukNPoSTnUm/nUXDZw3JBH1dTScRNO3Sl58w/ZfsJWtb5D12CGUTIqzoSVlvLhQVRh+/XVcbpG2Jyj2fNXc8+K7sLrGd818mtYmbR6fFWWYInXZbTCAimOpaFSwS+7D2uNP5x4WH44HMZiw+1y5GYnU+Dm9MojC0m7qLtllQScKBKeilIhXhbdboufZgeHxxHRL1uGQp4uf5/HvLoSBv9iwMyC6wDsisNT8Nn3wcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAQqon8sKCqFbdz1mAbn8jBU8AIo1zcjInNfqBdIEaRaYebKiaM8U4uyMc9zlSCph0diRiy2kTbwx2jqk78cEFFcogRvGrONfZz7n5WllXk7LdFLG+sNnSNC1kgNAu/f2pxwDQHABgpjJENi38Bpo7jNX+GBcMjUgq9dc28DBV/0QtEm6THRnMrHapvxrJ6ujEGMTYjVQoqrsIX8mOj7w6NknNcoFxPiQHM+8igCDG4EdvUlU2lH/DODF0rU21qui1BEyP3SsQOEEwenVkDcnz/cF1LIlhnRgJcB2uQ4uczpBnzc9wZl7etHIq7ZprpzlMZe7wqcAvQqZocnjnPezklQ==" ],
|
|
"priority" : [ "100" ]
|
|
}
|
|
}, {
|
|
"id" : "5270527a-3a76-4733-8484-8072275bc9f1",
|
|
"name" : "hmac-generated",
|
|
"providerId" : "hmac-generated",
|
|
"subComponents" : { },
|
|
"config" : {
|
|
"kid" : [ "5d3595cf-a8fa-4904-920a-80ef9e7070c9" ],
|
|
"secret" : [ "_Lsq-8Htjc1gM2EPGNlnEhQQ7dahWyCt6UHTdHd9-81CKi1Qmd6DVRdSlHOMCP9BY60tF4h-pkQnhep3tIB2kw" ],
|
|
"priority" : [ "100" ],
|
|
"algorithm" : [ "HS256" ]
|
|
}
|
|
} ]
|
|
},
|
|
"internationalizationEnabled" : false,
|
|
"supportedLocales" : [ ],
|
|
"authenticationFlows" : [ {
|
|
"id" : "dd4c0cf7-bba1-4b28-a52a-9fbf62331b1f",
|
|
"alias" : "Account verification options",
|
|
"description" : "Method with which to verity the existing account",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "idp-email-verification",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "Verify Existing Account by Re-authentication",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "f2d6db36-c002-4c98-b936-7e782544e753",
|
|
"alias" : "Authentication Options",
|
|
"description" : "Authentication options.",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "basic-auth",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "basic-auth-otp",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "DISABLED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "auth-spnego",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "DISABLED",
|
|
"priority" : 30,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "386af9a8-ccfb-4b85-8142-14013e9dbe69",
|
|
"alias" : "Browser - Conditional OTP",
|
|
"description" : "Flow to determine if the OTP is required for the authentication",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "conditional-user-configured",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "auth-otp-form",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "572bb2df-e605-46bc-8672-734c36406715",
|
|
"alias" : "Direct Grant - Conditional OTP",
|
|
"description" : "Flow to determine if the OTP is required for the authentication",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "conditional-user-configured",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "direct-grant-validate-otp",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "ca5ccff0-4d78-4210-9189-765988fad50b",
|
|
"alias" : "First broker login - Conditional OTP",
|
|
"description" : "Flow to determine if the OTP is required for the authentication",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "conditional-user-configured",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "auth-otp-form",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "16f3b4b1-9a6e-4567-a605-0cac26135a4c",
|
|
"alias" : "Handle Existing Account",
|
|
"description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "idp-confirm-link",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "Account verification options",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "b483c8c5-4884-493e-8eb8-b37e78240771",
|
|
"alias" : "Reset - Conditional OTP",
|
|
"description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "conditional-user-configured",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "reset-otp",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "04f498e8-2f60-412a-8a9f-43b21c4b0932",
|
|
"alias" : "User creation or linking",
|
|
"description" : "Flow for the existing/non-existing user alternatives",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticatorConfig" : "create unique user config",
|
|
"authenticator" : "idp-create-user-if-unique",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "Handle Existing Account",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "ac2a493f-44ca-4a2f-aeea-d6b76da8994f",
|
|
"alias" : "Verify Existing Account by Re-authentication",
|
|
"description" : "Reauthentication of existing account",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "idp-username-password-form",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "CONDITIONAL",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "First broker login - Conditional OTP",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "ab9fedb1-63d3-40e0-9bb4-e44dedfbeaa0",
|
|
"alias" : "browser",
|
|
"description" : "browser based authentication",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "auth-cookie",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "auth-spnego",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "DISABLED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "identity-provider-redirector",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 25,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 30,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "forms",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "136626ef-9299-405a-b938-21cb4c68cc84",
|
|
"alias" : "clients",
|
|
"description" : "Base authentication for clients",
|
|
"providerId" : "client-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "client-secret",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "client-jwt",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "client-secret-jwt",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 30,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "client-x509",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "ALTERNATIVE",
|
|
"priority" : 40,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "0d771a94-dce6-4586-9127-d30ac7c3b3e7",
|
|
"alias" : "direct grant",
|
|
"description" : "OpenID Connect Resource Owner Grant",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "direct-grant-validate-username",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "direct-grant-validate-password",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "CONDITIONAL",
|
|
"priority" : 30,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "Direct Grant - Conditional OTP",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "54b2b3ac-12d3-4d7e-83f9-45908b906a73",
|
|
"alias" : "docker auth",
|
|
"description" : "Used by Docker clients to authenticate against the IDP",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "docker-http-basic-authenticator",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "ecb2ebf6-e1f2-45ca-a15d-ca49da49c1f7",
|
|
"alias" : "first broker login",
|
|
"description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticatorConfig" : "review profile config",
|
|
"authenticator" : "idp-review-profile",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "User creation or linking",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "465247d9-f374-453d-9a56-38401a189581",
|
|
"alias" : "forms",
|
|
"description" : "Username, password, otp and other auth forms.",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "auth-username-password-form",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "CONDITIONAL",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "Browser - Conditional OTP",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "d744e6a5-29d4-4ed9-bd23-2401429cc853",
|
|
"alias" : "http challenge",
|
|
"description" : "An authentication flow based on challenge-response HTTP Authentication Schemes",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "no-cookie-redirect",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "Authentication Options",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "ff523ac3-317c-4c6a-b0dc-45726794bdd9",
|
|
"alias" : "registration",
|
|
"description" : "registration flow",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "registration-page-form",
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "registration form",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "e9bfc331-94ab-48d7-8bb3-e9e863370148",
|
|
"alias" : "registration form",
|
|
"description" : "registration form",
|
|
"providerId" : "form-flow",
|
|
"topLevel" : false,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "registration-user-creation",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "registration-profile-action",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 40,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "registration-password-action",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 50,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "registration-recaptcha-action",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "DISABLED",
|
|
"priority" : 60,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "a867e4f3-9b66-41d1-a10a-775d74495308",
|
|
"alias" : "reset credentials",
|
|
"description" : "Reset credentials for a user if they forgot their password or something",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "reset-credentials-choose-user",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "reset-credential-email",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 20,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticator" : "reset-password",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 30,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
}, {
|
|
"authenticatorFlow" : true,
|
|
"requirement" : "CONDITIONAL",
|
|
"priority" : 40,
|
|
"autheticatorFlow" : true,
|
|
"flowAlias" : "Reset - Conditional OTP",
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
}, {
|
|
"id" : "2ef0a8c7-d133-4f94-86a8-15df8a747958",
|
|
"alias" : "saml ecp",
|
|
"description" : "SAML ECP Profile Authentication Flow",
|
|
"providerId" : "basic-flow",
|
|
"topLevel" : true,
|
|
"builtIn" : true,
|
|
"authenticationExecutions" : [ {
|
|
"authenticator" : "http-basic-authenticator",
|
|
"authenticatorFlow" : false,
|
|
"requirement" : "REQUIRED",
|
|
"priority" : 10,
|
|
"autheticatorFlow" : false,
|
|
"userSetupAllowed" : false
|
|
} ]
|
|
} ],
|
|
"authenticatorConfig" : [ {
|
|
"id" : "8ba7ec2c-298c-47ad-9613-b5f9230b3361",
|
|
"alias" : "create unique user config",
|
|
"config" : {
|
|
"require.password.update.after.registration" : "false"
|
|
}
|
|
}, {
|
|
"id" : "1b396a87-bca7-4cbc-9f91-69f8b7e44eca",
|
|
"alias" : "review profile config",
|
|
"config" : {
|
|
"update.profile.on.first.login" : "missing"
|
|
}
|
|
} ],
|
|
"requiredActions" : [ {
|
|
"alias" : "CONFIGURE_TOTP",
|
|
"name" : "Configure OTP",
|
|
"providerId" : "CONFIGURE_TOTP",
|
|
"enabled" : true,
|
|
"defaultAction" : false,
|
|
"priority" : 10,
|
|
"config" : { }
|
|
}, {
|
|
"alias" : "terms_and_conditions",
|
|
"name" : "Terms and Conditions",
|
|
"providerId" : "terms_and_conditions",
|
|
"enabled" : false,
|
|
"defaultAction" : false,
|
|
"priority" : 20,
|
|
"config" : { }
|
|
}, {
|
|
"alias" : "UPDATE_PASSWORD",
|
|
"name" : "Update Password",
|
|
"providerId" : "UPDATE_PASSWORD",
|
|
"enabled" : true,
|
|
"defaultAction" : false,
|
|
"priority" : 30,
|
|
"config" : { }
|
|
}, {
|
|
"alias" : "UPDATE_PROFILE",
|
|
"name" : "Update Profile",
|
|
"providerId" : "UPDATE_PROFILE",
|
|
"enabled" : true,
|
|
"defaultAction" : false,
|
|
"priority" : 40,
|
|
"config" : { }
|
|
}, {
|
|
"alias" : "VERIFY_EMAIL",
|
|
"name" : "Verify Email",
|
|
"providerId" : "VERIFY_EMAIL",
|
|
"enabled" : true,
|
|
"defaultAction" : false,
|
|
"priority" : 50,
|
|
"config" : { }
|
|
}, {
|
|
"alias" : "delete_account",
|
|
"name" : "Delete Account",
|
|
"providerId" : "delete_account",
|
|
"enabled" : false,
|
|
"defaultAction" : false,
|
|
"priority" : 60,
|
|
"config" : { }
|
|
}, {
|
|
"alias" : "update_user_locale",
|
|
"name" : "Update User Locale",
|
|
"providerId" : "update_user_locale",
|
|
"enabled" : true,
|
|
"defaultAction" : false,
|
|
"priority" : 1000,
|
|
"config" : { }
|
|
} ],
|
|
"browserFlow" : "browser",
|
|
"registrationFlow" : "registration",
|
|
"directGrantFlow" : "direct grant",
|
|
"resetCredentialsFlow" : "reset credentials",
|
|
"clientAuthenticationFlow" : "clients",
|
|
"dockerAuthenticationFlow" : "docker auth",
|
|
"attributes" : {
|
|
"cibaBackchannelTokenDeliveryMode" : "poll",
|
|
"cibaExpiresIn" : "120",
|
|
"cibaAuthRequestedUserHint" : "login_hint",
|
|
"oauth2DeviceCodeLifespan" : "600",
|
|
"oauth2DevicePollingInterval" : "5",
|
|
"parRequestUriLifespan" : "60",
|
|
"cibaInterval" : "5"
|
|
},
|
|
"keycloakVersion" : "18.0.2",
|
|
"userManagedAccessAllowed" : false,
|
|
"clientProfiles" : {
|
|
"profiles" : [ ]
|
|
},
|
|
"clientPolicies" : {
|
|
"policies" : [ ]
|
|
}
|
|
} |