2186 lines
66 KiB
JSON
2186 lines
66 KiB
JSON
{
|
|
"id": "baeldung",
|
|
"realm": "baeldung",
|
|
"notBefore": 0,
|
|
"revokeRefreshToken": false,
|
|
"refreshTokenMaxReuse": 0,
|
|
"accessTokenLifespan": 300,
|
|
"accessTokenLifespanForImplicitFlow": 900,
|
|
"ssoSessionIdleTimeout": 1800,
|
|
"ssoSessionMaxLifespan": 36000,
|
|
"ssoSessionIdleTimeoutRememberMe": 0,
|
|
"ssoSessionMaxLifespanRememberMe": 0,
|
|
"offlineSessionIdleTimeout": 2592000,
|
|
"offlineSessionMaxLifespanEnabled": false,
|
|
"offlineSessionMaxLifespan": 5184000,
|
|
"clientSessionIdleTimeout": 0,
|
|
"clientSessionMaxLifespan": 0,
|
|
"clientOfflineSessionIdleTimeout": 0,
|
|
"clientOfflineSessionMaxLifespan": 0,
|
|
"accessCodeLifespan": 60,
|
|
"accessCodeLifespanUserAction": 300,
|
|
"accessCodeLifespanLogin": 1800,
|
|
"actionTokenGeneratedByAdminLifespan": 43200,
|
|
"actionTokenGeneratedByUserLifespan": 300,
|
|
"enabled": true,
|
|
"sslRequired": "external",
|
|
"registrationAllowed": false,
|
|
"registrationEmailAsUsername": false,
|
|
"rememberMe": false,
|
|
"verifyEmail": false,
|
|
"loginWithEmailAllowed": true,
|
|
"duplicateEmailsAllowed": false,
|
|
"resetPasswordAllowed": false,
|
|
"editUsernameAllowed": false,
|
|
"bruteForceProtected": false,
|
|
"permanentLockout": false,
|
|
"maxFailureWaitSeconds": 900,
|
|
"minimumQuickLoginWaitSeconds": 60,
|
|
"waitIncrementSeconds": 60,
|
|
"quickLoginCheckMilliSeconds": 1000,
|
|
"maxDeltaTimeSeconds": 43200,
|
|
"failureFactor": 30,
|
|
"roles": {
|
|
"realm": [
|
|
{
|
|
"id": "2f721e46-398b-43ff-845f-3c747f1f69f5",
|
|
"name": "standard",
|
|
"description": "Standard customer",
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "baeldung",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "b8b1cb49-c953-4cb0-acea-62b24c4b6d30",
|
|
"name": "silver",
|
|
"description": "Silver customer",
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "baeldung",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "f44f5ba9-2393-4d2a-b581-81cf8dd7f245",
|
|
"name": "gold",
|
|
"description": "Gold customers",
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "baeldung",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "3b6109f5-6e5a-4578-83c3-791ec3e2bf9e",
|
|
"name": "offline_access",
|
|
"description": "${role_offline-access}",
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "baeldung",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "0dd6a8c7-d669-4941-9ea1-521980e9c53f",
|
|
"name": "uma_authorization",
|
|
"description": "${role_uma_authorization}",
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "baeldung",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "ca962095-7f9b-49e2-a190-e391a0d4b704",
|
|
"name": "user",
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "baeldung",
|
|
"attributes": {}
|
|
}
|
|
],
|
|
"client": {
|
|
"newClient": [],
|
|
"realm-management": [
|
|
{
|
|
"id": "5d00243f-ceec-4b0c-995e-d86d5b8a0ae6",
|
|
"name": "view-clients",
|
|
"description": "${role_view-clients}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": [
|
|
"query-clients"
|
|
]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "941612de-bd85-47a5-8dfa-37c270dde28c",
|
|
"name": "view-authorization",
|
|
"description": "${role_view-authorization}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "5ea9810d-63cc-4277-9b32-ba8a3d3c6091",
|
|
"name": "manage-realm",
|
|
"description": "${role_manage-realm}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "8b7b0dd8-350b-473e-b8cd-8acad34f1358",
|
|
"name": "query-clients",
|
|
"description": "${role_query-clients}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "0f8e5ee8-b014-4b7c-9b69-50f46abcba5f",
|
|
"name": "query-groups",
|
|
"description": "${role_query-groups}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "911b1489-9383-4734-b134-bf49bf992ce9",
|
|
"name": "manage-clients",
|
|
"description": "${role_manage-clients}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "5d48274c-bd6b-4c26-ad54-f1a2254beac0",
|
|
"name": "view-realm",
|
|
"description": "${role_view-realm}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "3ea43b64-316f-4693-8346-9ee78b24adaf",
|
|
"name": "manage-identity-providers",
|
|
"description": "${role_manage-identity-providers}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "49735614-96ec-49b2-98fe-3af9bcd1a33a",
|
|
"name": "create-client",
|
|
"description": "${role_create-client}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "e8f8c3cc-0ff1-4f72-a271-db6821a3cdb6",
|
|
"name": "manage-users",
|
|
"description": "${role_manage-users}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "387418b1-4f80-4b00-b9dd-805ca041f805",
|
|
"name": "view-identity-providers",
|
|
"description": "${role_view-identity-providers}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "427c27d4-521a-464b-a0df-16d7f537e8d5",
|
|
"name": "realm-admin",
|
|
"description": "${role_realm-admin}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": [
|
|
"view-clients",
|
|
"view-authorization",
|
|
"query-groups",
|
|
"manage-realm",
|
|
"query-clients",
|
|
"manage-clients",
|
|
"view-realm",
|
|
"manage-identity-providers",
|
|
"create-client",
|
|
"manage-users",
|
|
"view-identity-providers",
|
|
"query-users",
|
|
"query-realms",
|
|
"view-users",
|
|
"impersonation",
|
|
"manage-authorization",
|
|
"manage-events",
|
|
"view-events"
|
|
]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "a574cf01-03e4-4573-ab9e-276d13a1ce8d",
|
|
"name": "query-users",
|
|
"description": "${role_query-users}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "c3a253a8-a1b6-4d38-9677-f728f32482ad",
|
|
"name": "query-realms",
|
|
"description": "${role_query-realms}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "f3cb93da-273e-419a-b2f4-93f09896abcf",
|
|
"name": "view-users",
|
|
"description": "${role_view-users}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": [
|
|
"query-users",
|
|
"query-groups"
|
|
]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "6eedf2b7-50ef-4495-a89b-54aef751b7fa",
|
|
"name": "manage-authorization",
|
|
"description": "${role_manage-authorization}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "0332e99b-3dfc-4193-9e13-5728f8f3e6d6",
|
|
"name": "impersonation",
|
|
"description": "${role_impersonation}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "b690cb9c-0f4a-4be5-ade0-b40443d8149d",
|
|
"name": "view-events",
|
|
"description": "${role_view-events}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "aac3def5-f193-4a6c-9065-1667a0746a8a",
|
|
"name": "manage-events",
|
|
"description": "${role_manage-events}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"attributes": {}
|
|
}
|
|
],
|
|
"security-admin-console": [],
|
|
"quotes-client": [],
|
|
"admin-cli": [],
|
|
"account-console": [],
|
|
"broker": [
|
|
{
|
|
"id": "397b5703-4c81-48fd-a24c-a7e8177ef657",
|
|
"name": "read-token",
|
|
"description": "${role_read-token}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "4b9609f0-48d1-4e71-9381-2ecec08616f9",
|
|
"attributes": {}
|
|
}
|
|
],
|
|
"account": [
|
|
{
|
|
"id": "8daa8096-d14e-4d1c-ad1f-83f822016aa1",
|
|
"name": "manage-account",
|
|
"description": "${role_manage-account}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"account": [
|
|
"manage-account-links"
|
|
]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "12eebf0b-a3eb-49f8-9ecf-173cf8a00145",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "15f0d8be-932b-4565-8ad0-e8aa170093dd",
|
|
"name": "view-consent",
|
|
"description": "${role_view-consent}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "12eebf0b-a3eb-49f8-9ecf-173cf8a00145",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "c5aa697c-bf87-47c6-bd94-9121b72420b9",
|
|
"name": "view-applications",
|
|
"description": "${role_view-applications}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "12eebf0b-a3eb-49f8-9ecf-173cf8a00145",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "f0b3bbe4-aec1-4227-b9d3-2c314d612a04",
|
|
"name": "manage-consent",
|
|
"description": "${role_manage-consent}",
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"account": [
|
|
"view-consent"
|
|
]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "12eebf0b-a3eb-49f8-9ecf-173cf8a00145",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "948269c7-a69c-4c82-a7f3-88868713dfd9",
|
|
"name": "manage-account-links",
|
|
"description": "${role_manage-account-links}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "12eebf0b-a3eb-49f8-9ecf-173cf8a00145",
|
|
"attributes": {}
|
|
},
|
|
{
|
|
"id": "aed18201-2433-4998-8fa3-0979b0b31c10",
|
|
"name": "view-profile",
|
|
"description": "${role_view-profile}",
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "12eebf0b-a3eb-49f8-9ecf-173cf8a00145",
|
|
"attributes": {}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"groups": [
|
|
{
|
|
"id": "635c3314-f15f-4c02-bcb7-8739fd4c21b7",
|
|
"name": "golden_customers",
|
|
"path": "/golden_customers",
|
|
"attributes": {},
|
|
"realmRoles": [
|
|
"gold"
|
|
],
|
|
"clientRoles": {},
|
|
"subGroups": []
|
|
},
|
|
{
|
|
"id": "279c5ec4-0588-4884-91c1-2697ed5c9826",
|
|
"name": "silver_customers",
|
|
"path": "/silver_customers",
|
|
"attributes": {},
|
|
"realmRoles": [
|
|
"silver"
|
|
],
|
|
"clientRoles": {},
|
|
"subGroups": []
|
|
}
|
|
],
|
|
"defaultRoles": [
|
|
"uma_authorization",
|
|
"offline_access"
|
|
],
|
|
"requiredCredentials": [
|
|
"password"
|
|
],
|
|
"otpPolicyType": "totp",
|
|
"otpPolicyAlgorithm": "HmacSHA1",
|
|
"otpPolicyInitialCounter": 0,
|
|
"otpPolicyDigits": 6,
|
|
"otpPolicyLookAheadWindow": 1,
|
|
"otpPolicyPeriod": 30,
|
|
"otpSupportedApplications": [
|
|
"FreeOTP",
|
|
"Google Authenticator"
|
|
],
|
|
"webAuthnPolicyRpEntityName": "keycloak",
|
|
"webAuthnPolicySignatureAlgorithms": [
|
|
"ES256"
|
|
],
|
|
"webAuthnPolicyRpId": "",
|
|
"webAuthnPolicyAttestationConveyancePreference": "not specified",
|
|
"webAuthnPolicyAuthenticatorAttachment": "not specified",
|
|
"webAuthnPolicyRequireResidentKey": "not specified",
|
|
"webAuthnPolicyUserVerificationRequirement": "not specified",
|
|
"webAuthnPolicyCreateTimeout": 0,
|
|
"webAuthnPolicyAvoidSameAuthenticatorRegister": false,
|
|
"webAuthnPolicyAcceptableAaguids": [],
|
|
"webAuthnPolicyPasswordlessRpEntityName": "keycloak",
|
|
"webAuthnPolicyPasswordlessSignatureAlgorithms": [
|
|
"ES256"
|
|
],
|
|
"webAuthnPolicyPasswordlessRpId": "",
|
|
"webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified",
|
|
"webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified",
|
|
"webAuthnPolicyPasswordlessRequireResidentKey": "not specified",
|
|
"webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified",
|
|
"webAuthnPolicyPasswordlessCreateTimeout": 0,
|
|
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false,
|
|
"webAuthnPolicyPasswordlessAcceptableAaguids": [],
|
|
"scopeMappings": [
|
|
{
|
|
"clientScope": "offline_access",
|
|
"roles": [
|
|
"offline_access"
|
|
]
|
|
}
|
|
],
|
|
"clientScopeMappings": {
|
|
"account": [
|
|
{
|
|
"client": "account-console",
|
|
"roles": [
|
|
"manage-account"
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"clients": [
|
|
{
|
|
"id": "12eebf0b-a3eb-49f8-9ecf-173cf8a00145",
|
|
"clientId": "account",
|
|
"name": "${client_account}",
|
|
"rootUrl": "${authBaseUrl}",
|
|
"baseUrl": "/realms/baeldung/account/",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"defaultRoles": [
|
|
"manage-account",
|
|
"view-profile"
|
|
],
|
|
"redirectUris": [
|
|
"/realms/baeldung/account/*"
|
|
],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"defaultClientScopes": [
|
|
"web-origins",
|
|
"role_list",
|
|
"roles",
|
|
"profile",
|
|
"email"
|
|
],
|
|
"optionalClientScopes": [
|
|
"address",
|
|
"phone",
|
|
"offline_access",
|
|
"microprofile-jwt"
|
|
]
|
|
},
|
|
{
|
|
"id": "8209784b-8540-43c2-aece-241acf12ea5a",
|
|
"clientId": "account-console",
|
|
"name": "${client_account-console}",
|
|
"rootUrl": "${authBaseUrl}",
|
|
"baseUrl": "/realms/baeldung/account/",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [
|
|
"/realms/baeldung/account/*"
|
|
],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"pkce.code.challenge.method": "S256"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "58395b96-1718-4787-8f92-74577e2bfc30",
|
|
"name": "audience resolve",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-audience-resolve-mapper",
|
|
"consentRequired": false,
|
|
"config": {}
|
|
}
|
|
],
|
|
"defaultClientScopes": [
|
|
"web-origins",
|
|
"role_list",
|
|
"roles",
|
|
"profile",
|
|
"email"
|
|
],
|
|
"optionalClientScopes": [
|
|
"address",
|
|
"phone",
|
|
"offline_access",
|
|
"microprofile-jwt"
|
|
]
|
|
},
|
|
{
|
|
"id": "13d76feb-d762-4409-bb84-7a75bc395a61",
|
|
"clientId": "admin-cli",
|
|
"name": "${client_admin-cli}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": false,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"defaultClientScopes": [
|
|
"web-origins",
|
|
"role_list",
|
|
"roles",
|
|
"profile",
|
|
"email"
|
|
],
|
|
"optionalClientScopes": [
|
|
"address",
|
|
"phone",
|
|
"offline_access",
|
|
"microprofile-jwt"
|
|
]
|
|
},
|
|
{
|
|
"id": "4b9609f0-48d1-4e71-9381-2ecec08616f9",
|
|
"clientId": "broker",
|
|
"name": "${client_broker}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"defaultClientScopes": [
|
|
"web-origins",
|
|
"role_list",
|
|
"roles",
|
|
"profile",
|
|
"email"
|
|
],
|
|
"optionalClientScopes": [
|
|
"address",
|
|
"phone",
|
|
"offline_access",
|
|
"microprofile-jwt"
|
|
]
|
|
},
|
|
{
|
|
"id": "b88ce206-63d6-43b6-87c9-ea09d8c02f32",
|
|
"clientId": "newClient",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [
|
|
"http://localhost:8082/new-client/login/oauth2/code/custom",
|
|
"http://localhost:8089/",
|
|
"http://localhost:8089/auth/redirect/"
|
|
],
|
|
"webOrigins": [
|
|
"+"
|
|
],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": true,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"saml.assertion.signature": "false",
|
|
"saml.force.post.binding": "false",
|
|
"saml.multivalued.roles": "false",
|
|
"saml.encrypt": "false",
|
|
"saml.server.signature": "false",
|
|
"saml.server.signature.keyinfo.ext": "false",
|
|
"exclude.session.state.from.auth.response": "false",
|
|
"saml_force_name_id_format": "false",
|
|
"saml.client.signature": "false",
|
|
"tls.client.certificate.bound.access.tokens": "false",
|
|
"saml.authnstatement": "false",
|
|
"display.on.consent.screen": "false",
|
|
"saml.onetimeuse.condition": "false"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": true,
|
|
"nodeReRegistrationTimeout": -1,
|
|
"defaultClientScopes": [
|
|
"role_list",
|
|
"profile"
|
|
],
|
|
"optionalClientScopes": [
|
|
"web-origins",
|
|
"address",
|
|
"read",
|
|
"phone",
|
|
"roles",
|
|
"offline_access",
|
|
"microprofile-jwt",
|
|
"write",
|
|
"email"
|
|
]
|
|
},
|
|
{
|
|
"id": "5898f71f-b91e-4c3f-9c86-48de0e8665c4",
|
|
"clientId": "quotes-client",
|
|
"name": "Quotes Client",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "0e082231-a70d-48e8-b8a5-fbfb743041b6",
|
|
"redirectUris": [
|
|
"http://localhost:8082/*",
|
|
"http://localhost:8087/*"
|
|
],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"saml.assertion.signature": "false",
|
|
"saml.multivalued.roles": "false",
|
|
"saml.force.post.binding": "false",
|
|
"saml.encrypt": "false",
|
|
"saml.server.signature": "false",
|
|
"saml.server.signature.keyinfo.ext": "false",
|
|
"exclude.session.state.from.auth.response": "false",
|
|
"saml_force_name_id_format": "false",
|
|
"saml.client.signature": "false",
|
|
"tls.client.certificate.bound.access.tokens": "false",
|
|
"saml.authnstatement": "false",
|
|
"display.on.consent.screen": "false",
|
|
"saml.onetimeuse.condition": "false"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": true,
|
|
"nodeReRegistrationTimeout": -1,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "008d32b5-ea7b-4739-89af-e90fe137bda9",
|
|
"name": "realm roles",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-realm-role-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"user.attribute": "foo",
|
|
"access.token.claim": "true",
|
|
"claim.name": "realm_access.roles",
|
|
"jsonType.label": "String",
|
|
"multivalued": "true"
|
|
}
|
|
}
|
|
],
|
|
"defaultClientScopes": [
|
|
"web-origins",
|
|
"role_list",
|
|
"roles",
|
|
"profile",
|
|
"email"
|
|
],
|
|
"optionalClientScopes": [
|
|
"address",
|
|
"phone",
|
|
"offline_access",
|
|
"microprofile-jwt"
|
|
]
|
|
},
|
|
{
|
|
"id": "6a4bfbd0-576d-4778-af56-56f876647355",
|
|
"clientId": "realm-management",
|
|
"name": "${client_realm-management}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": true,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"defaultClientScopes": [
|
|
"web-origins",
|
|
"role_list",
|
|
"roles",
|
|
"profile",
|
|
"email"
|
|
],
|
|
"optionalClientScopes": [
|
|
"address",
|
|
"phone",
|
|
"offline_access",
|
|
"microprofile-jwt"
|
|
]
|
|
},
|
|
{
|
|
"id": "8e358d2f-b085-4243-8e6e-c175431e5eeb",
|
|
"clientId": "security-admin-console",
|
|
"name": "${client_security-admin-console}",
|
|
"rootUrl": "${authAdminUrl}",
|
|
"baseUrl": "/admin/baeldung/console/",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [
|
|
"/admin/baeldung/console/*"
|
|
],
|
|
"webOrigins": [
|
|
"+"
|
|
],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"pkce.code.challenge.method": "S256"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "9cfca9ee-493d-4b5e-8170-2d364149de59",
|
|
"name": "locale",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "locale",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "locale",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"defaultClientScopes": [
|
|
"web-origins",
|
|
"role_list",
|
|
"roles",
|
|
"profile",
|
|
"email"
|
|
],
|
|
"optionalClientScopes": [
|
|
"address",
|
|
"phone",
|
|
"offline_access",
|
|
"microprofile-jwt"
|
|
]
|
|
}
|
|
],
|
|
"clientScopes": [
|
|
{
|
|
"id": "77c7e29d-1a22-4419-bbfb-4a62bb033449",
|
|
"name": "address",
|
|
"description": "OpenID Connect built-in scope: address",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${addressScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "94e1879d-b49e-4178-96e0-bf8d7f32c160",
|
|
"name": "address",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-address-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"user.attribute.formatted": "formatted",
|
|
"user.attribute.country": "country",
|
|
"user.attribute.postal_code": "postal_code",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute.street": "street",
|
|
"id.token.claim": "true",
|
|
"user.attribute.region": "region",
|
|
"access.token.claim": "true",
|
|
"user.attribute.locality": "locality"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "b3526ac1-10e2-4344-8621-9c5a0853e97a",
|
|
"name": "email",
|
|
"description": "OpenID Connect built-in scope: email",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${emailScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "d30270dc-baa6-455a-8ff6-ddccf8a78d86",
|
|
"name": "email verified",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "emailVerified",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email_verified",
|
|
"jsonType.label": "boolean"
|
|
}
|
|
},
|
|
{
|
|
"id": "f5b1684d-e479-4134-8578-457fa64717da",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "c658ae14-e96a-4745-b21b-2ed5c4c63f5f",
|
|
"name": "microprofile-jwt",
|
|
"description": "Microprofile - JWT built-in scope",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "false"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "959521bc-5ffd-465b-95f2-5b0c20d1909c",
|
|
"name": "upn",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "upn",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "07b8550c-b298-4cce-9ffb-900182575b76",
|
|
"name": "groups",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-realm-role-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"multivalued": "true",
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "foo",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "groups",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "569b3d44-4ecd-4768-a58c-70ff38f4b4fe",
|
|
"name": "offline_access",
|
|
"description": "OpenID Connect built-in scope: offline_access",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"consent.screen.text": "${offlineAccessScopeConsentText}",
|
|
"display.on.consent.screen": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "a3e7b19d-df6c-437e-9eea-06fec1becb2f",
|
|
"name": "phone",
|
|
"description": "OpenID Connect built-in scope: phone",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${phoneScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "72a070f7-4363-4c88-8153-6fd2d12b9b04",
|
|
"name": "phone number verified",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "phoneNumberVerified",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "phone_number_verified",
|
|
"jsonType.label": "boolean"
|
|
}
|
|
},
|
|
{
|
|
"id": "24b42c6d-a93c-4aa1-9a03-2a2b55954c13",
|
|
"name": "phone number",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "phoneNumber",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "phone_number",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "ba8c9950-fd0b-4434-8be6-b58456d7b6d4",
|
|
"name": "profile",
|
|
"description": "OpenID Connect built-in scope: profile",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${profileScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "0a9ddd71-309c-40f0-8ea6-a0791070c6ed",
|
|
"name": "profile",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "profile",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "profile",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "fbf53bbd-1ad0-4bf8-8030-50f81696d8ee",
|
|
"name": "nickname",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "nickname",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "nickname",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "423be2cd-42c0-462e-9030-18f9b28ff2d3",
|
|
"name": "gender",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "gender",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "gender",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "53eb9006-4b81-474a-8b60-80f775d54b63",
|
|
"name": "picture",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "picture",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "picture",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "4d8bc82a-eaeb-499e-8eb2-0f1dcbe91699",
|
|
"name": "locale",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "locale",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "locale",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "d3b25485-4042-419d-afff-cfd63a76e229",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"userinfo.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "422cfa5a-f2f4-4f36-82df-91b47ae1ea50",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "3f2863c1-d98d-45b5-b08f-af9c4d9c10f8",
|
|
"name": "website",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "website",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "website",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "c98c063d-eee4-41a0-9130-595afd709d1f",
|
|
"name": "middle name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "middleName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "middle_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "8dbed80a-d672-4185-8dda-4bba2a56ec83",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "5e5c690c-93cf-489d-a054-b109eab8911b",
|
|
"name": "updated at",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "updatedAt",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "updated_at",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "3b985202-af8a-42f1-ac5f-0966a404f5d7",
|
|
"name": "birthdate",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "birthdate",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "birthdate",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "6eafd1b3-7121-4919-ad1e-039fa58acc32",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "73cba925-8c31-443f-9601-b1514e6396c1",
|
|
"name": "zoneinfo",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "zoneinfo",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "zoneinfo",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "c1a2eb23-25c6-4be7-a791-bbdca99c83f7",
|
|
"name": "read",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "18e141bf-dabe-4858-879c-dbc439cdead4",
|
|
"name": "role_list",
|
|
"description": "SAML role list",
|
|
"protocol": "saml",
|
|
"attributes": {
|
|
"consent.screen.text": "${samlRoleListScopeConsentText}",
|
|
"display.on.consent.screen": "true"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "10cbe37f-0198-4d65-bc8a-bfe5ad8145d1",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "111ed87a-5fd3-4cee-96df-8dbfb88cfdc0",
|
|
"name": "roles",
|
|
"description": "OpenID Connect scope for add user roles to the access token",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "false",
|
|
"display.on.consent.screen": "true",
|
|
"consent.screen.text": "${rolesScopeConsentText}"
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "24924d8d-6071-4a93-b40f-326176cb335e",
|
|
"name": "realm roles",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-realm-role-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"user.attribute": "foo",
|
|
"access.token.claim": "true",
|
|
"claim.name": "realm_access.roles",
|
|
"jsonType.label": "String",
|
|
"multivalued": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "2f6a9bdf-3758-484c-996d-e4f93555559f",
|
|
"name": "audience resolve",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-audience-resolve-mapper",
|
|
"consentRequired": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "804d4798-d9a3-4fd3-8b28-d12142e8cb3d",
|
|
"name": "client roles",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-client-role-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"user.attribute": "foo",
|
|
"access.token.claim": "true",
|
|
"claim.name": "resource_access.${client_id}.roles",
|
|
"jsonType.label": "String",
|
|
"multivalued": "true"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "51d49314-b511-43e0-9258-bfb873758a78",
|
|
"name": "web-origins",
|
|
"description": "OpenID Connect scope for add allowed web origins to the access token",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "false",
|
|
"display.on.consent.screen": "false",
|
|
"consent.screen.text": ""
|
|
},
|
|
"protocolMappers": [
|
|
{
|
|
"id": "2b384cd0-9e85-4a87-8eeb-2b480b0587b7",
|
|
"name": "allowed web origins",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-allowed-origins-mapper",
|
|
"consentRequired": false,
|
|
"config": {}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "c3e253fb-7361-47cf-9d4a-86245686fdf1",
|
|
"name": "write",
|
|
"protocol": "openid-connect",
|
|
"attributes": {
|
|
"include.in.token.scope": "true",
|
|
"display.on.consent.screen": "true"
|
|
}
|
|
}
|
|
],
|
|
"defaultDefaultClientScopes": [
|
|
"roles",
|
|
"role_list",
|
|
"web-origins",
|
|
"email",
|
|
"profile"
|
|
],
|
|
"defaultOptionalClientScopes": [
|
|
"offline_access",
|
|
"address",
|
|
"phone",
|
|
"microprofile-jwt"
|
|
],
|
|
"browserSecurityHeaders": {
|
|
"contentSecurityPolicyReportOnly": "",
|
|
"xContentTypeOptions": "nosniff",
|
|
"xRobotsTag": "none",
|
|
"xFrameOptions": "SAMEORIGIN",
|
|
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
|
|
"xXSSProtection": "1; mode=block",
|
|
"strictTransportSecurity": "max-age=31536000; includeSubDomains"
|
|
},
|
|
"smtpServer": {},
|
|
"eventsEnabled": false,
|
|
"eventsListeners": [
|
|
"jboss-logging"
|
|
],
|
|
"enabledEventTypes": [],
|
|
"adminEventsEnabled": false,
|
|
"adminEventsDetailsEnabled": false,
|
|
"components": {
|
|
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [
|
|
{
|
|
"id": "84305f42-4b6d-4b0a-ac7c-53e406e3ac63",
|
|
"name": "Allowed Client Scopes",
|
|
"providerId": "allowed-client-templates",
|
|
"subType": "authenticated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allow-default-scopes": [
|
|
"true"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "c7c38a95-744f-4558-a403-9cf692fe1944",
|
|
"name": "Allowed Client Scopes",
|
|
"providerId": "allowed-client-templates",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allow-default-scopes": [
|
|
"true"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "365b2899-befe-4417-b89b-562650ec4446",
|
|
"name": "Full Scope Disabled",
|
|
"providerId": "scope",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "81c32244-7921-43e9-9356-a3469259b78c",
|
|
"name": "Trusted Hosts",
|
|
"providerId": "trusted-hosts",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"host-sending-registration-request-must-match": [
|
|
"true"
|
|
],
|
|
"client-uris-must-match": [
|
|
"true"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "d09b2147-afea-4f7f-a49c-0aec7eee10de",
|
|
"name": "Max Clients Limit",
|
|
"providerId": "max-clients",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"max-clients": [
|
|
"200"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "41ffde1b-72a2-416f-87a7-94989e940dc0",
|
|
"name": "Allowed Protocol Mapper Types",
|
|
"providerId": "allowed-protocol-mappers",
|
|
"subType": "authenticated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allowed-protocol-mapper-types": [
|
|
"saml-user-property-mapper",
|
|
"oidc-address-mapper",
|
|
"oidc-usermodel-property-mapper",
|
|
"oidc-full-name-mapper",
|
|
"oidc-sha256-pairwise-sub-mapper",
|
|
"saml-role-list-mapper",
|
|
"oidc-usermodel-attribute-mapper",
|
|
"saml-user-attribute-mapper"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "76075388-2782-4656-a986-313493239a9f",
|
|
"name": "Consent Required",
|
|
"providerId": "consent-required",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "3caaf57a-9cd7-48c1-b709-b40b887414f7",
|
|
"name": "Allowed Protocol Mapper Types",
|
|
"providerId": "allowed-protocol-mappers",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allowed-protocol-mapper-types": [
|
|
"oidc-usermodel-attribute-mapper",
|
|
"saml-user-property-mapper",
|
|
"oidc-usermodel-property-mapper",
|
|
"oidc-full-name-mapper",
|
|
"saml-user-attribute-mapper",
|
|
"oidc-address-mapper",
|
|
"saml-role-list-mapper",
|
|
"oidc-sha256-pairwise-sub-mapper"
|
|
]
|
|
}
|
|
}
|
|
],
|
|
"org.keycloak.keys.KeyProvider": [
|
|
{
|
|
"id": "d67a940a-52e4-44a5-9f69-6ffdd67a188f",
|
|
"name": "rsa-generated",
|
|
"providerId": "rsa-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": [
|
|
"100"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "48d40de3-6234-42e8-9449-f68f56abb54b",
|
|
"name": "aes-generated",
|
|
"providerId": "aes-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": [
|
|
"100"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"id": "52ea1c5d-2a30-459f-b66a-249f298b32f8",
|
|
"name": "hmac-generated",
|
|
"providerId": "hmac-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": [
|
|
"100"
|
|
],
|
|
"algorithm": [
|
|
"HS256"
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"internationalizationEnabled": false,
|
|
"supportedLocales": [],
|
|
"authenticationFlows": [
|
|
{
|
|
"id": "b35b726e-c1cc-4a31-8670-8c858c088498",
|
|
"alias": "Handle Existing Account",
|
|
"description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-confirm-link",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"flowAlias": "Handle Existing Account - Alternatives - 0",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "b7cb4b8c-0064-4c6b-95ee-d7f50011bae7",
|
|
"alias": "Handle Existing Account - Alternatives - 0",
|
|
"description": "Subflow of Handle Existing Account with alternative executions",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-email-verification",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"flowAlias": "Verify Existing Account by Re-authentication",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "2576bf21-a516-4e22-8ed8-8a1a3d35c06a",
|
|
"alias": "Verify Existing Account by Re-authentication",
|
|
"description": "Reauthentication of existing account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-username-password-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "CONDITIONAL",
|
|
"priority": 20,
|
|
"flowAlias": "Verify Existing Account by Re-authentication - auth-otp-form - Conditional",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "867b0355-c2b0-4f4e-b535-09406e2bc086",
|
|
"alias": "Verify Existing Account by Re-authentication - auth-otp-form - Conditional",
|
|
"description": "Flow to determine if the auth-otp-form authenticator should be used or not.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "conditional-user-configured",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-otp-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "52e45a6a-292f-4a34-9c02-7f97d9997a9c",
|
|
"alias": "browser",
|
|
"description": "browser based authentication",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "auth-cookie",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-spnego",
|
|
"requirement": "DISABLED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "identity-provider-redirector",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 25,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"flowAlias": "forms",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "ef818d24-fb06-418a-a093-16239068cb58",
|
|
"alias": "clients",
|
|
"description": "Base authentication for clients",
|
|
"providerId": "client-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "client-secret",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "client-jwt",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "client-secret-jwt",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "client-x509",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 40,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "f7864004-be4b-40f2-8534-454981f09f98",
|
|
"alias": "direct grant",
|
|
"description": "OpenID Connect Resource Owner Grant",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "direct-grant-validate-username",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "direct-grant-validate-password",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "CONDITIONAL",
|
|
"priority": 30,
|
|
"flowAlias": "direct grant - direct-grant-validate-otp - Conditional",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "233225f2-78b0-4756-9568-a775ea7cc975",
|
|
"alias": "direct grant - direct-grant-validate-otp - Conditional",
|
|
"description": "Flow to determine if the direct-grant-validate-otp authenticator should be used or not.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "conditional-user-configured",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "direct-grant-validate-otp",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "2787939c-3312-4d56-9d61-22a71947e154",
|
|
"alias": "docker auth",
|
|
"description": "Used by Docker clients to authenticate against the IDP",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "docker-http-basic-authenticator",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "c80ca473-6e65-4140-a9d1-035414546bfb",
|
|
"alias": "first broker login",
|
|
"description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticatorConfig": "review profile config",
|
|
"authenticator": "idp-review-profile",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"flowAlias": "first broker login - Alternatives - 0",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "700a71e1-f176-432e-9e70-ccb06d539730",
|
|
"alias": "first broker login - Alternatives - 0",
|
|
"description": "Subflow of first broker login with alternative executions",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticatorConfig": "create unique user config",
|
|
"authenticator": "idp-create-user-if-unique",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"flowAlias": "Handle Existing Account",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "13cd2ee9-8ebb-4651-8a9d-535d4020d889",
|
|
"alias": "forms",
|
|
"description": "Username, password, otp and other auth forms.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "auth-username-password-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "CONDITIONAL",
|
|
"priority": 20,
|
|
"flowAlias": "forms - auth-otp-form - Conditional",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "80067ebf-72b9-4ba5-abc3-161dfdd53938",
|
|
"alias": "forms - auth-otp-form - Conditional",
|
|
"description": "Flow to determine if the auth-otp-form authenticator should be used or not.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "conditional-user-configured",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-otp-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "269354b1-7dd7-46ff-8a69-084cd2c7be80",
|
|
"alias": "http challenge",
|
|
"description": "An authentication flow based on challenge-response HTTP Authentication Schemes",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "no-cookie-redirect",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "basic-auth",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "basic-auth-otp",
|
|
"requirement": "DISABLED",
|
|
"priority": 30,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-spnego",
|
|
"requirement": "DISABLED",
|
|
"priority": 40,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "c5fa64a0-e784-490f-8879-0e8a209e3636",
|
|
"alias": "registration",
|
|
"description": "registration flow",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "registration-page-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"flowAlias": "registration form",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "bc48f897-4d16-49a8-be70-183c7867e20a",
|
|
"alias": "registration form",
|
|
"description": "registration form",
|
|
"providerId": "form-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "registration-user-creation",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-profile-action",
|
|
"requirement": "REQUIRED",
|
|
"priority": 40,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-password-action",
|
|
"requirement": "REQUIRED",
|
|
"priority": 50,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-recaptcha-action",
|
|
"requirement": "DISABLED",
|
|
"priority": 60,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "fddaba41-87b1-40d1-b147-f062c38e39ad",
|
|
"alias": "reset credentials",
|
|
"description": "Reset credentials for a user if they forgot their password or something",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "reset-credentials-choose-user",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-credential-email",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-password",
|
|
"requirement": "REQUIRED",
|
|
"priority": 30,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "CONDITIONAL",
|
|
"priority": 40,
|
|
"flowAlias": "reset credentials - reset-otp - Conditional",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "6b9fa295-1eb4-48b0-a286-b17ebd6be7e1",
|
|
"alias": "reset credentials - reset-otp - Conditional",
|
|
"description": "Flow to determine if the reset-otp authenticator should be used or not.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "conditional-user-configured",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-otp",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "c890d4c4-e4e2-4618-b69d-8d30f8278965",
|
|
"alias": "saml ecp",
|
|
"description": "SAML ECP Profile Authentication Flow",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "http-basic-authenticator",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"authenticatorConfig": [
|
|
{
|
|
"id": "2b02fbe4-e05e-4238-bb0e-04da7d4efd4e",
|
|
"alias": "create unique user config",
|
|
"config": {
|
|
"require.password.update.after.registration": "false"
|
|
}
|
|
},
|
|
{
|
|
"id": "07dd933b-ce95-4a7c-bd81-3efa24f9558c",
|
|
"alias": "review profile config",
|
|
"config": {
|
|
"update.profile.on.first.login": "missing"
|
|
}
|
|
}
|
|
],
|
|
"requiredActions": [
|
|
{
|
|
"alias": "CONFIGURE_TOTP",
|
|
"name": "Configure OTP",
|
|
"providerId": "CONFIGURE_TOTP",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 10,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "terms_and_conditions",
|
|
"name": "Terms and Conditions",
|
|
"providerId": "terms_and_conditions",
|
|
"enabled": false,
|
|
"defaultAction": false,
|
|
"priority": 20,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "UPDATE_PASSWORD",
|
|
"name": "Update Password",
|
|
"providerId": "UPDATE_PASSWORD",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 30,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "UPDATE_PROFILE",
|
|
"name": "Update Profile",
|
|
"providerId": "UPDATE_PROFILE",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 40,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "VERIFY_EMAIL",
|
|
"name": "Verify Email",
|
|
"providerId": "VERIFY_EMAIL",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 50,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "update_user_locale",
|
|
"name": "Update User Locale",
|
|
"providerId": "update_user_locale",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"priority": 1000,
|
|
"config": {}
|
|
}
|
|
],
|
|
"browserFlow": "browser",
|
|
"registrationFlow": "registration",
|
|
"directGrantFlow": "direct grant",
|
|
"resetCredentialsFlow": "reset credentials",
|
|
"clientAuthenticationFlow": "clients",
|
|
"dockerAuthenticationFlow": "docker auth",
|
|
"attributes": {
|
|
"clientOfflineSessionMaxLifespan": "0",
|
|
"clientSessionIdleTimeout": "0",
|
|
"clientSessionMaxLifespan": "0",
|
|
"clientOfflineSessionIdleTimeout": "0"
|
|
},
|
|
"keycloakVersion": "11.0.2",
|
|
"userManagedAccessAllowed": false
|
|
} |