Simple Python example using Flask and flask_oidc with a Keycloak server
import html
import json
import logging
import os
import urllib.parse

import requests
from flask import Flask, g, redirect, session
from flask_oidc import OpenIDConnect
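# Verbose logging for the demo.
# NOTE(review): DEBUG-level output from the HTTP/OIDC libraries may include
# token material - confirm before reusing this level outside local development.
logging.basicConfig(level=logging.DEBUG)

app = Flask(__name__)
app.config.update({
    # Signs the Flask session cookie, so anyone who knows it can forge a
    # session. The literal is kept only as a local-demo fallback; supply a
    # random value through the environment for any shared deployment.
    'SECRET_KEY': os.environ.get('FLASK_SECRET_KEY',
                                 'SomethingNotEntirelySecret'),
    # Development-only switches: leave both off outside a local test run.
    'TESTING': True,
    'DEBUG': True,
    # Path to the client registration file. It carries the confidential
    # client's secret in plaintext, so keep it out of version control and
    # rotate any secret that has been published.
    'OIDC_CLIENT_SECRETS': 'client_secrets.json',
    # False lets the ID-token cookie travel over plain HTTP, which the
    # http://localhost setup on this page needs; set True once served over HTTPS.
    'OIDC_ID_TOKEN_COOKIE_SECURE': False,
    # 'OIDC_REQUIRE_VERIFIED_EMAIL': False,
    'OIDC_USER_INFO_ENABLED': True,
    'OIDC_OPENID_REALM': 'flaskAppTest',
    'OIDC_SCOPES': ['openid', 'email', 'profile'],
    'OIDC_INTROSPECTION_AUTH_METHOD': 'client_secret_post'
})
oidc = OpenIDConnect(app)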
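@app.route('/')
def hello_world():
    """Render the landing page, greeting the user by name when logged in.

    Returns:
        An HTML fragment: a greeting with links to /private and /logout for
        a logged-in user, otherwise a prompt that links to /private.
    """
    if oidc.user_loggedin:
        # preferred_username is profile data chosen by the user (the realm
        # export on this page allows self-registration) and it is written
        # into HTML, so escape it; unescaped markup in a username would be
        # rendered by the browser (XSS).
        # str() keeps a missing claim rendering as "None", as before.
        username = html.escape(str(oidc.user_getfield('preferred_username')))
        return ('Hello, %s, <a href="/private">See private</a> '
                '<a href="/logout">Log out</a>') % username
    return 'Welcome anonymous, <a href="/private">Log in</a>'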
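@app.route('/private')
@oidc.require_login
def hello_me():
    """Show the logged-in user's email address and subject identifier.

    The route is guarded by ``oidc.require_login``. Claims are read with
    ``oidc.user_getinfo`` and written into an HTML fragment.

    Returns:
        An HTML fragment with the greeting and a link back to the home page.
    """
    info = oidc.user_getinfo(['preferred_username', 'email', 'sub'])
    # Claim values are user profile data delivered by the identity provider;
    # escape them before they are placed into HTML so markup inside a claim
    # is shown as text instead of being rendered (XSS).
    # str() keeps a missing claim rendering as "None", as before.
    email = html.escape(str(info.get('email')))
    user_id = html.escape(str(info.get('sub')))
    # The original also fetched the access token and read preferred_username
    # without using either; a bearer token that is not needed is better not
    # pulled into the handler, so both unused reads are dropped.
    return ("""%s your email is %s and your user_id is %s!
<ul>
<li><a href="/">Home</a></li>
</ul>""" %
            ("Good Morning", email, user_id))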
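@app.route('/signout')
def logout():
    """Redirect the browser to the Keycloak logout endpoint.

    The ID token stored in the Flask session is passed as ``id_token_hint``
    and ``http://localhost/logout`` as ``post_logout_redirect_uri``.

    Returns:
        A redirect to the Keycloak logout URL, or a redirect to the home
        page when the session holds no ID token.
    """
    # NOTE(review): this view is served at /signout, while the links on the
    # home page point to /logout, which this file does not define - confirm
    # which handler serves /logout and that it clears the local session.
    auth_token = session.get('oidc_auth_token')
    if not auth_token or not auth_token.get('id_token'):
        # Without a stored token there is nothing to send as id_token_hint;
        # the original raised AttributeError on None here.
        return redirect('/')
    # NOTE(review): host and realm below are placeholders and do not match
    # the 'flaskAppTest' realm configured above - adjust before use.
    # Both query values are percent-encoded so neither can add or alter
    # parameters of the logout URL.
    return redirect(
        "https://my-key-cloak/realms/my-realm/protocol/openid-connect/logout?id_token_hint=%s&post_logout_redirect_uri=%s" % (
            urllib.parse.quote(auth_token['id_token'], safe=''),
            urllib.parse.quote("http://localhost/logout", safe='')))
    # The original had oidc.logout() and a "logged out" message after the
    # return, where they could never run; they are removed as dead code.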
# Script entry point: start the server only when this file is executed
# directly, not when it is imported.
# app.run() is Flask's built-in development server and the config above sets
# DEBUG to True, so keep this entry point for local use only.
if __name__ == "__main__":
    app.run()
{ | |
"web": { | |
"issuer": "http://0.0.0.0:8080/realms/flaskAppTest", | |
"auth_uri": "http://0.0.0.0:8080/realms/flaskAppTest/protocol/openid-connect/auth", | |
"client_id": "restFalskAppClient", | |
"client_secret": "wrzxUB87fdhMa8p3I3gfSXydlGOv2rA9", | |
"redirect_uris": [ | |
"http://localhost:5000/*" | |
], | |
"userinfo_uri": "http://0.0.0.0:8080/realms/flaskAppTest/protocol/openid-connect/userinfo", | |
"token_uri": "http://0.0.0.0:8080/realms/flaskAppTest/protocol/openid-connect/token", | |
"token_introspection_uri": "http://0.0.0.0:8080/realms/flaskAppTest/protocol/openid-connect/token/introspect" | |
} | |
} |
{ | |
"id" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a", | |
"realm" : "flaskAppTest", | |
"notBefore" : 0, | |
"defaultSignatureAlgorithm" : "RS256", | |
"revokeRefreshToken" : true, | |
"refreshTokenMaxReuse" : 0, | |
"accessTokenLifespan" : 20, | |
"accessTokenLifespanForImplicitFlow" : 900, | |
"ssoSessionIdleTimeout" : 30, | |
"ssoSessionMaxLifespan" : 600, | |
"ssoSessionIdleTimeoutRememberMe" : 0, | |
"ssoSessionMaxLifespanRememberMe" : 0, | |
"offlineSessionIdleTimeout" : 2592000, | |
"offlineSessionMaxLifespanEnabled" : false, | |
"offlineSessionMaxLifespan" : 5184000, | |
"clientSessionIdleTimeout" : 0, | |
"clientSessionMaxLifespan" : 0, | |
"clientOfflineSessionIdleTimeout" : 0, | |
"clientOfflineSessionMaxLifespan" : 0, | |
"accessCodeLifespan" : 60, | |
"accessCodeLifespanUserAction" : 300, | |
"accessCodeLifespanLogin" : 600, | |
"actionTokenGeneratedByAdminLifespan" : 43200, | |
"actionTokenGeneratedByUserLifespan" : 300, | |
"oauth2DeviceCodeLifespan" : 600, | |
"oauth2DevicePollingInterval" : 5, | |
"enabled" : true, | |
"sslRequired" : "external", | |
"registrationAllowed" : true, | |
"registrationEmailAsUsername" : false, | |
"rememberMe" : false, | |
"verifyEmail" : false, | |
"loginWithEmailAllowed" : true, | |
"duplicateEmailsAllowed" : false, | |
"resetPasswordAllowed" : true, | |
"editUsernameAllowed" : false, | |
"bruteForceProtected" : false, | |
"permanentLockout" : false, | |
"maxTemporaryLockouts" : 0, | |
"maxFailureWaitSeconds" : 900, | |
"minimumQuickLoginWaitSeconds" : 60, | |
"waitIncrementSeconds" : 60, | |
"quickLoginCheckMilliSeconds" : 1000, | |
"maxDeltaTimeSeconds" : 43200, | |
"failureFactor" : 30, | |
"roles" : { | |
"realm" : [ { | |
"id" : "6cd8cb02-0bfe-4303-9603-f81167b36f16", | |
"name" : "uma_authorization", | |
"description" : "${role_uma_authorization}", | |
"composite" : false, | |
"clientRole" : false, | |
"containerId" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a", | |
"attributes" : { } | |
}, { | |
"id" : "f91fa959-3558-4eb3-9bd1-dd4f430f9b7a", | |
"name" : "offline_access", | |
"description" : "${role_offline-access}", | |
"composite" : false, | |
"clientRole" : false, | |
"containerId" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a", | |
"attributes" : { } | |
}, { | |
"id" : "d22e51b9-b53b-462b-a488-7d81f36e2cc4", | |
"name" : "default-roles-flaskapptest", | |
"description" : "${role_default-roles}", | |
"composite" : true, | |
"composites" : { | |
"realm" : [ "offline_access", "uma_authorization" ], | |
"client" : { | |
"account" : [ "manage-account", "view-profile" ] | |
} | |
}, | |
"clientRole" : false, | |
"containerId" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a", | |
"attributes" : { } | |
} ], | |
"client" : { | |
"realm-management" : [ { | |
"id" : "8cda773b-1cdd-4223-a736-d1f1fd83d45b", | |
"name" : "manage-authorization", | |
"description" : "${role_manage-authorization}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "00e6bcf2-b9d8-458d-a36a-d1db60e41683", | |
"name" : "manage-realm", | |
"description" : "${role_manage-realm}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "5c84fd1c-750e-47e4-8017-b2130c1af55d", | |
"name" : "create-client", | |
"description" : "${role_create-client}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "0f6a2738-e82a-476d-a703-e5741cfee68f", | |
"name" : "query-clients", | |
"description" : "${role_query-clients}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "ec556b61-4313-4625-bbfa-6d7e00533263", | |
"name" : "manage-identity-providers", | |
"description" : "${role_manage-identity-providers}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "5579282d-5df3-4ae2-84f2-ec4a7ee3af08", | |
"name" : "query-realms", | |
"description" : "${role_query-realms}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "8b5dd03f-89b2-4386-851b-ec362cdb1a0c", | |
"name" : "realm-admin", | |
"description" : "${role_realm-admin}", | |
"composite" : true, | |
"composites" : { | |
"client" : { | |
"realm-management" : [ "manage-authorization", "manage-realm", "create-client", "query-clients", "query-realms", "manage-identity-providers", "view-realm", "view-identity-providers", "view-clients", "view-users", "view-authorization", "query-users", "impersonation", "manage-users", "query-groups", "manage-clients", "manage-events", "view-events" ] | |
} | |
}, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "7daf7184-363e-4e12-bdf8-c23ade7da006", | |
"name" : "view-clients", | |
"description" : "${role_view-clients}", | |
"composite" : true, | |
"composites" : { | |
"client" : { | |
"realm-management" : [ "query-clients" ] | |
} | |
}, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "580200f6-554f-4fed-9257-83b0368ea7ac", | |
"name" : "view-identity-providers", | |
"description" : "${role_view-identity-providers}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "1b217913-ac9e-41ae-a9a5-1f5875da495d", | |
"name" : "view-realm", | |
"description" : "${role_view-realm}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "a5a4d774-9990-421f-a463-2c1b0a8e042d", | |
"name" : "view-authorization", | |
"description" : "${role_view-authorization}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "2fe8d54b-abe1-425a-90bc-661f765335a6", | |
"name" : "view-users", | |
"description" : "${role_view-users}", | |
"composite" : true, | |
"composites" : { | |
"client" : { | |
"realm-management" : [ "query-users", "query-groups" ] | |
} | |
}, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "b71299dc-d1e7-4b29-a762-68186a13ac85", | |
"name" : "query-users", | |
"description" : "${role_query-users}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "d360bbf8-62de-4c4b-9ba3-81ec603bdaab", | |
"name" : "impersonation", | |
"description" : "${role_impersonation}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "19f7859b-3883-437c-9c13-92b89e402511", | |
"name" : "manage-users", | |
"description" : "${role_manage-users}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "6d0407c8-bff9-430f-9148-d6dc6711bc1c", | |
"name" : "query-groups", | |
"description" : "${role_query-groups}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "9ca589df-287f-4397-8aae-4202db74fa59", | |
"name" : "manage-clients", | |
"description" : "${role_manage-clients}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "91b4f274-56a7-41dc-9421-48c2ce3ff478", | |
"name" : "manage-events", | |
"description" : "${role_manage-events}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
}, { | |
"id" : "8b67110e-a1b3-44c1-8983-df4ba53dc3c1", | |
"name" : "view-events", | |
"description" : "${role_view-events}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"attributes" : { } | |
} ], | |
"security-admin-console" : [ ], | |
"admin-cli" : [ ], | |
"restFalskAppClient" : [ ], | |
"account-console" : [ ], | |
"broker" : [ { | |
"id" : "191605d3-ac9b-4b83-b665-f81182233663", | |
"name" : "read-token", | |
"description" : "${role_read-token}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "a434789d-84ad-4a3a-bb33-7d0e3a0454df", | |
"attributes" : { } | |
} ], | |
"account" : [ { | |
"id" : "1a3f370d-02d6-45af-9626-44a58932daf6", | |
"name" : "manage-account", | |
"description" : "${role_manage-account}", | |
"composite" : true, | |
"composites" : { | |
"client" : { | |
"account" : [ "manage-account-links" ] | |
} | |
}, | |
"clientRole" : true, | |
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"attributes" : { } | |
}, { | |
"id" : "937a83c6-8b6b-4fef-b842-75903b1f50fb", | |
"name" : "view-groups", | |
"description" : "${role_view-groups}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"attributes" : { } | |
}, { | |
"id" : "6d090c8c-1afb-44d2-823c-facd575415fc", | |
"name" : "manage-account-links", | |
"description" : "${role_manage-account-links}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"attributes" : { } | |
}, { | |
"id" : "32410eb8-7821-4d31-acae-589d824e7ec1", | |
"name" : "view-consent", | |
"description" : "${role_view-consent}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"attributes" : { } | |
}, { | |
"id" : "0617f803-940a-449e-8177-69bc605c413c", | |
"name" : "view-applications", | |
"description" : "${role_view-applications}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"attributes" : { } | |
}, { | |
"id" : "ac664c33-c584-4a1d-a372-534fda3e1d9d", | |
"name" : "delete-account", | |
"description" : "${role_delete-account}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"attributes" : { } | |
}, { | |
"id" : "99f65ec4-1662-407d-9b32-fa11c90840f8", | |
"name" : "view-profile", | |
"description" : "${role_view-profile}", | |
"composite" : false, | |
"clientRole" : true, | |
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"attributes" : { } | |
}, { | |
"id" : "31d23ff7-155e-46d0-810c-e998707adef5", | |
"name" : "manage-consent", | |
"description" : "${role_manage-consent}", | |
"composite" : true, | |
"composites" : { | |
"client" : { | |
"account" : [ "view-consent" ] | |
} | |
}, | |
"clientRole" : true, | |
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"attributes" : { } | |
} ] | |
} | |
}, | |
"groups" : [ ], | |
"defaultRole" : { | |
"id" : "d22e51b9-b53b-462b-a488-7d81f36e2cc4", | |
"name" : "default-roles-flaskapptest", | |
"description" : "${role_default-roles}", | |
"composite" : true, | |
"clientRole" : false, | |
"containerId" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a" | |
}, | |
"requiredCredentials" : [ "password" ], | |
"otpPolicyType" : "totp", | |
"otpPolicyAlgorithm" : "HmacSHA1", | |
"otpPolicyInitialCounter" : 0, | |
"otpPolicyDigits" : 6, | |
"otpPolicyLookAheadWindow" : 1, | |
"otpPolicyPeriod" : 30, | |
"otpPolicyCodeReusable" : false, | |
"otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ], | |
"localizationTexts" : { }, | |
"webAuthnPolicyRpEntityName" : "keycloak", | |
"webAuthnPolicySignatureAlgorithms" : [ "ES256" ], | |
"webAuthnPolicyRpId" : "", | |
"webAuthnPolicyAttestationConveyancePreference" : "not specified", | |
"webAuthnPolicyAuthenticatorAttachment" : "not specified", | |
"webAuthnPolicyRequireResidentKey" : "not specified", | |
"webAuthnPolicyUserVerificationRequirement" : "not specified", | |
"webAuthnPolicyCreateTimeout" : 0, | |
"webAuthnPolicyAvoidSameAuthenticatorRegister" : false, | |
"webAuthnPolicyAcceptableAaguids" : [ ], | |
"webAuthnPolicyExtraOrigins" : [ ], | |
"webAuthnPolicyPasswordlessRpEntityName" : "keycloak", | |
"webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ], | |
"webAuthnPolicyPasswordlessRpId" : "", | |
"webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", | |
"webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", | |
"webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", | |
"webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", | |
"webAuthnPolicyPasswordlessCreateTimeout" : 0, | |
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, | |
"webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], | |
"webAuthnPolicyPasswordlessExtraOrigins" : [ ], | |
"users" : [ { | |
"id" : "8fd3c292-6fba-45d1-8a9a-7ff57823c062", | |
"username" : "lucifer", | |
"firstName" : "Bhushan", | |
"lastName" : "Shelar", | |
"email" : "temp@temp.com", | |
"emailVerified" : true, | |
"createdTimestamp" : 1710225005928, | |
"enabled" : true, | |
"totp" : false, | |
"credentials" : [ { | |
"id" : "3df4acf4-6345-4a8a-b5a7-30d761d3eafe", | |
"type" : "password", | |
"createdDate" : 1710225006179, | |
"secretData" : "{\"value\":\"uoEeqMu0ExjcGDkEfQDQYVISyupPJ3sycO1bYQ3f+/KvmIroEADih1F0MVlMnDHkRuemewFrJ2ImwdU6QF++hg==\",\"salt\":\"FPXshjQhioz2oz+3uOb2hA==\",\"additionalParameters\":{}}", | |
"credentialData" : "{\"hashIterations\":210000,\"algorithm\":\"pbkdf2-sha512\",\"additionalParameters\":{}}" | |
} ], | |
"disableableCredentialTypes" : [ ], | |
"requiredActions" : [ "CONFIGURE_TOTP" ], | |
"realmRoles" : [ "default-roles-flaskapptest" ], | |
"notBefore" : 0, | |
"groups" : [ ] | |
} ], | |
"scopeMappings" : [ { | |
"clientScope" : "offline_access", | |
"roles" : [ "offline_access" ] | |
} ], | |
"clientScopeMappings" : { | |
"account" : [ { | |
"client" : "account-console", | |
"roles" : [ "manage-account", "view-groups" ] | |
} ] | |
}, | |
"clients" : [ { | |
"id" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4", | |
"clientId" : "account", | |
"name" : "${client_account}", | |
"rootUrl" : "${authBaseUrl}", | |
"baseUrl" : "/realms/flaskAppTest/account/", | |
"surrogateAuthRequired" : false, | |
"enabled" : true, | |
"alwaysDisplayInConsole" : false, | |
"clientAuthenticatorType" : "client-secret", | |
"redirectUris" : [ "/realms/flaskAppTest/account/*" ], | |
"webOrigins" : [ ], | |
"notBefore" : 0, | |
"bearerOnly" : false, | |
"consentRequired" : false, | |
"standardFlowEnabled" : true, | |
"implicitFlowEnabled" : false, | |
"directAccessGrantsEnabled" : false, | |
"serviceAccountsEnabled" : false, | |
"publicClient" : true, | |
"frontchannelLogout" : false, | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"post.logout.redirect.uris" : "+" | |
}, | |
"authenticationFlowBindingOverrides" : { }, | |
"fullScopeAllowed" : false, | |
"nodeReRegistrationTimeout" : 0, | |
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], | |
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] | |
}, { | |
"id" : "fe2fc44d-526f-4665-a498-409eecfdf798", | |
"clientId" : "account-console", | |
"name" : "${client_account-console}", | |
"rootUrl" : "${authBaseUrl}", | |
"baseUrl" : "/realms/flaskAppTest/account/", | |
"surrogateAuthRequired" : false, | |
"enabled" : true, | |
"alwaysDisplayInConsole" : false, | |
"clientAuthenticatorType" : "client-secret", | |
"redirectUris" : [ "/realms/flaskAppTest/account/*" ], | |
"webOrigins" : [ ], | |
"notBefore" : 0, | |
"bearerOnly" : false, | |
"consentRequired" : false, | |
"standardFlowEnabled" : true, | |
"implicitFlowEnabled" : false, | |
"directAccessGrantsEnabled" : false, | |
"serviceAccountsEnabled" : false, | |
"publicClient" : true, | |
"frontchannelLogout" : false, | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"post.logout.redirect.uris" : "+", | |
"pkce.code.challenge.method" : "S256" | |
}, | |
"authenticationFlowBindingOverrides" : { }, | |
"fullScopeAllowed" : false, | |
"nodeReRegistrationTimeout" : 0, | |
"protocolMappers" : [ { | |
"id" : "0382111f-b5aa-4a71-bef9-dba518804bb7", | |
"name" : "audience resolve", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-audience-resolve-mapper", | |
"consentRequired" : false, | |
"config" : { } | |
} ], | |
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], | |
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] | |
}, { | |
"id" : "78eb7537-8be7-429c-ab60-7ed866432006", | |
"clientId" : "admin-cli", | |
"name" : "${client_admin-cli}", | |
"surrogateAuthRequired" : false, | |
"enabled" : true, | |
"alwaysDisplayInConsole" : false, | |
"clientAuthenticatorType" : "client-secret", | |
"redirectUris" : [ ], | |
"webOrigins" : [ ], | |
"notBefore" : 0, | |
"bearerOnly" : false, | |
"consentRequired" : false, | |
"standardFlowEnabled" : false, | |
"implicitFlowEnabled" : false, | |
"directAccessGrantsEnabled" : true, | |
"serviceAccountsEnabled" : false, | |
"publicClient" : true, | |
"frontchannelLogout" : false, | |
"protocol" : "openid-connect", | |
"attributes" : { }, | |
"authenticationFlowBindingOverrides" : { }, | |
"fullScopeAllowed" : false, | |
"nodeReRegistrationTimeout" : 0, | |
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], | |
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] | |
}, { | |
"id" : "a434789d-84ad-4a3a-bb33-7d0e3a0454df", | |
"clientId" : "broker", | |
"name" : "${client_broker}", | |
"surrogateAuthRequired" : false, | |
"enabled" : true, | |
"alwaysDisplayInConsole" : false, | |
"clientAuthenticatorType" : "client-secret", | |
"redirectUris" : [ ], | |
"webOrigins" : [ ], | |
"notBefore" : 0, | |
"bearerOnly" : true, | |
"consentRequired" : false, | |
"standardFlowEnabled" : true, | |
"implicitFlowEnabled" : false, | |
"directAccessGrantsEnabled" : false, | |
"serviceAccountsEnabled" : false, | |
"publicClient" : false, | |
"frontchannelLogout" : false, | |
"protocol" : "openid-connect", | |
"attributes" : { }, | |
"authenticationFlowBindingOverrides" : { }, | |
"fullScopeAllowed" : false, | |
"nodeReRegistrationTimeout" : 0, | |
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], | |
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] | |
}, { | |
"id" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af", | |
"clientId" : "realm-management", | |
"name" : "${client_realm-management}", | |
"surrogateAuthRequired" : false, | |
"enabled" : true, | |
"alwaysDisplayInConsole" : false, | |
"clientAuthenticatorType" : "client-secret", | |
"redirectUris" : [ ], | |
"webOrigins" : [ ], | |
"notBefore" : 0, | |
"bearerOnly" : true, | |
"consentRequired" : false, | |
"standardFlowEnabled" : true, | |
"implicitFlowEnabled" : false, | |
"directAccessGrantsEnabled" : false, | |
"serviceAccountsEnabled" : false, | |
"publicClient" : false, | |
"frontchannelLogout" : false, | |
"protocol" : "openid-connect", | |
"attributes" : { }, | |
"authenticationFlowBindingOverrides" : { }, | |
"fullScopeAllowed" : false, | |
"nodeReRegistrationTimeout" : 0, | |
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], | |
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] | |
}, { | |
"id" : "9b086b24-2fa2-40e3-9f66-a38cd402abe6", | |
"clientId" : "restFalskAppClient", | |
"name" : "", | |
"description" : "", | |
"rootUrl" : "http://localhost:5000/", | |
"adminUrl" : "http://localhost:5000/", | |
"baseUrl" : "http://localhost:5000/*", | |
"surrogateAuthRequired" : false, | |
"enabled" : true, | |
"alwaysDisplayInConsole" : true, | |
"clientAuthenticatorType" : "client-secret", | |
"secret" : "wrzxUB87fdhMa8p3I3gfSXydlGOv2rA9", | |
"redirectUris" : [ "http://localhost:5000/*" ], | |
"webOrigins" : [ "http://localhost:5000" ], | |
"notBefore" : 0, | |
"bearerOnly" : false, | |
"consentRequired" : false, | |
"standardFlowEnabled" : true, | |
"implicitFlowEnabled" : false, | |
"directAccessGrantsEnabled" : true, | |
"serviceAccountsEnabled" : false, | |
"publicClient" : false, | |
"frontchannelLogout" : true, | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"oidc.ciba.grant.enabled" : "false", | |
"oauth2.device.authorization.grant.enabled" : "false", | |
"client.secret.creation.time" : "1710223947", | |
"backchannel.logout.session.required" : "true", | |
"backchannel.logout.revoke.offline.tokens" : "false" | |
}, | |
"authenticationFlowBindingOverrides" : { }, | |
"fullScopeAllowed" : true, | |
"nodeReRegistrationTimeout" : -1, | |
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], | |
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] | |
}, { | |
"id" : "53273cab-7ff2-416f-925f-211ede629c6e", | |
"clientId" : "security-admin-console", | |
"name" : "${client_security-admin-console}", | |
"rootUrl" : "${authAdminUrl}", | |
"baseUrl" : "/admin/flaskAppTest/console/", | |
"surrogateAuthRequired" : false, | |
"enabled" : true, | |
"alwaysDisplayInConsole" : false, | |
"clientAuthenticatorType" : "client-secret", | |
"redirectUris" : [ "/admin/flaskAppTest/console/*" ], | |
"webOrigins" : [ "+" ], | |
"notBefore" : 0, | |
"bearerOnly" : false, | |
"consentRequired" : false, | |
"standardFlowEnabled" : true, | |
"implicitFlowEnabled" : false, | |
"directAccessGrantsEnabled" : false, | |
"serviceAccountsEnabled" : false, | |
"publicClient" : true, | |
"frontchannelLogout" : false, | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"post.logout.redirect.uris" : "+", | |
"pkce.code.challenge.method" : "S256" | |
}, | |
"authenticationFlowBindingOverrides" : { }, | |
"fullScopeAllowed" : false, | |
"nodeReRegistrationTimeout" : 0, | |
"protocolMappers" : [ { | |
"id" : "8c930cfd-7d8c-4913-939b-2f48f9afc843", | |
"name" : "locale", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "locale", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "locale", | |
"jsonType.label" : "String" | |
} | |
} ], | |
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], | |
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] | |
} ], | |
"clientScopes" : [ { | |
"id" : "75b3c667-2070-4c50-aa90-456d1581fe43", | |
"name" : "email", | |
"description" : "OpenID Connect built-in scope: email", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"include.in.token.scope" : "true", | |
"display.on.consent.screen" : "true", | |
"consent.screen.text" : "${emailScopeConsentText}" | |
}, | |
"protocolMappers" : [ { | |
"id" : "fee908ac-afb2-4cda-9102-71fd88e6d7ef", | |
"name" : "email", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "email", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "email", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "beca2d22-c967-4cb0-88f1-8bf8ec9bddc8", | |
"name" : "email verified", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-property-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "emailVerified", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "email_verified", | |
"jsonType.label" : "boolean" | |
} | |
} ] | |
}, { | |
"id" : "433da6da-8331-41ec-87fc-186391115854", | |
"name" : "offline_access", | |
"description" : "OpenID Connect built-in scope: offline_access", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"consent.screen.text" : "${offlineAccessScopeConsentText}", | |
"display.on.consent.screen" : "true" | |
} | |
}, { | |
"id" : "c226ec80-831b-4c77-aa66-a2c8cd0eda7f", | |
"name" : "profile", | |
"description" : "OpenID Connect built-in scope: profile", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"include.in.token.scope" : "true", | |
"display.on.consent.screen" : "true", | |
"consent.screen.text" : "${profileScopeConsentText}" | |
}, | |
"protocolMappers" : [ { | |
"id" : "aa44740e-dbc3-4d10-bb12-81eb8a25110e", | |
"name" : "nickname", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "nickname", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "nickname", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "eb1c2dcb-d0e0-454f-a6ed-9f5be84d8e68", | |
"name" : "locale", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "locale", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "locale", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "a8ec2855-5925-4560-b8dc-39e6bb888376", | |
"name" : "middle name", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "middleName", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "middle_name", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "46f1f877-e2d6-4789-848b-94966b11640a", | |
"name" : "zoneinfo", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "zoneinfo", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "zoneinfo", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "e99d83ef-e7cf-4aeb-b7f0-7a7942ce8f40", | |
"name" : "full name", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-full-name-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"id.token.claim" : "true", | |
"introspection.token.claim" : "true", | |
"access.token.claim" : "true", | |
"userinfo.token.claim" : "true" | |
} | |
}, { | |
"id" : "23724523-9cf5-40a2-8cbc-b36f5599c6a6", | |
"name" : "updated at", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "updatedAt", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "updated_at", | |
"jsonType.label" : "long" | |
} | |
}, { | |
"id" : "e915405a-a966-43c0-81dc-df1689df0e8f", | |
"name" : "website", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "website", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "website", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "5b9b31f4-f107-41ec-95e7-6042e988a18c", | |
"name" : "given name", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "firstName", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "given_name", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "55c34959-cb4c-4060-b17e-fb226a88affb", | |
"name" : "picture", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "picture", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "picture", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "46a0abd8-d4cb-4949-89c8-709e7f257bbd", | |
"name" : "birthdate", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "birthdate", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "birthdate", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "4f900fc8-75ff-4f3d-96aa-7e1b6ce1a01c", | |
"name" : "profile", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "profile", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "profile", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "607f5b4f-be01-44ae-86a7-87b63292e664", | |
"name" : "username", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "username", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "preferred_username", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "d121d277-eae5-4632-9e76-5ec34ac9233f", | |
"name" : "family name", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "lastName", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "family_name", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "6596146e-c700-458a-b974-3460af86c2e5", | |
"name" : "gender", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "gender", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "gender", | |
"jsonType.label" : "String" | |
} | |
} ] | |
}, { | |
"id" : "f23394a5-1da6-429a-989a-2568b9141967", | |
"name" : "address", | |
"description" : "OpenID Connect built-in scope: address", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"include.in.token.scope" : "true", | |
"display.on.consent.screen" : "true", | |
"consent.screen.text" : "${addressScopeConsentText}" | |
}, | |
"protocolMappers" : [ { | |
"id" : "b98496df-eccc-4e4e-8369-28f1fbf3c191", | |
"name" : "address", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-address-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"user.attribute.formatted" : "formatted", | |
"user.attribute.country" : "country", | |
"introspection.token.claim" : "true", | |
"user.attribute.postal_code" : "postal_code", | |
"userinfo.token.claim" : "true", | |
"user.attribute.street" : "street", | |
"id.token.claim" : "true", | |
"user.attribute.region" : "region", | |
"access.token.claim" : "true", | |
"user.attribute.locality" : "locality" | |
} | |
} ] | |
}, { | |
"id" : "15a9d50b-0441-44b5-95f2-9932100097c0", | |
"name" : "phone", | |
"description" : "OpenID Connect built-in scope: phone", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"include.in.token.scope" : "true", | |
"display.on.consent.screen" : "true", | |
"consent.screen.text" : "${phoneScopeConsentText}" | |
}, | |
"protocolMappers" : [ { | |
"id" : "3ee719e9-0ce6-4a93-94c8-a4457e8ceb02", | |
"name" : "phone number verified", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "phoneNumberVerified", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "phone_number_verified", | |
"jsonType.label" : "boolean" | |
} | |
}, { | |
"id" : "dce9a354-b1b0-41a3-8631-127b7d39bda6", | |
"name" : "phone number", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "phoneNumber", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "phone_number", | |
"jsonType.label" : "String" | |
} | |
} ] | |
}, { | |
"id" : "97a5c35d-9e2b-42d2-839a-d6fff68e6930", | |
"name" : "roles", | |
"description" : "OpenID Connect scope for adding user roles to the access token", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"include.in.token.scope" : "false", | |
"display.on.consent.screen" : "true", | |
"consent.screen.text" : "${rolesScopeConsentText}" | |
}, | |
"protocolMappers" : [ { | |
"id" : "7020e933-26ca-467a-80e3-98f3e328e2bb", | |
"name" : "realm roles", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-realm-role-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"multivalued" : "true", | |
"user.attribute" : "foo", | |
"access.token.claim" : "true", | |
"claim.name" : "realm_access.roles", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "4785fa76-9f0d-4bfd-82c0-b65477fd0470", | |
"name" : "audience resolve", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-audience-resolve-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"access.token.claim" : "true" | |
} | |
}, { | |
"id" : "d1cd0e4d-43ae-4899-b821-6ade768c3a4f", | |
"name" : "client roles", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-client-role-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"multivalued" : "true", | |
"user.attribute" : "foo", | |
"access.token.claim" : "true", | |
"claim.name" : "resource_access.${client_id}.roles", | |
"jsonType.label" : "String" | |
} | |
} ] | |
}, { | |
"id" : "ebbb6556-cd9b-4cb7-871b-0ab758ff3efb", | |
"name" : "acr", | |
"description" : "OpenID Connect scope for adding acr (authentication context class reference) to the token", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"include.in.token.scope" : "false", | |
"display.on.consent.screen" : "false" | |
}, | |
"protocolMappers" : [ { | |
"id" : "4496a492-f0ea-4514-ade7-803d6d9617d2", | |
"name" : "acr loa level", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-acr-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"id.token.claim" : "true", | |
"introspection.token.claim" : "true", | |
"access.token.claim" : "true" | |
} | |
} ] | |
}, { | |
"id" : "d9da22e8-2b90-4b52-b2c6-02b1965b4d00", | |
"name" : "web-origins", | |
"description" : "OpenID Connect scope for adding allowed web origins to the access token", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"include.in.token.scope" : "false", | |
"display.on.consent.screen" : "false", | |
"consent.screen.text" : "" | |
}, | |
"protocolMappers" : [ { | |
"id" : "7ef81c1f-8189-4b2c-adca-9ddc2d5c82c8", | |
"name" : "allowed web origins", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-allowed-origins-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"access.token.claim" : "true" | |
} | |
} ] | |
}, { | |
"id" : "b80b4a37-7168-48a6-8c6a-57424e58d0cb", | |
"name" : "microprofile-jwt", | |
"description" : "Microprofile - JWT built-in scope", | |
"protocol" : "openid-connect", | |
"attributes" : { | |
"include.in.token.scope" : "true", | |
"display.on.consent.screen" : "false" | |
}, | |
"protocolMappers" : [ { | |
"id" : "949e1560-cdf1-4314-9655-462be6741266", | |
"name" : "upn", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-attribute-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"userinfo.token.claim" : "true", | |
"user.attribute" : "username", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "upn", | |
"jsonType.label" : "String" | |
} | |
}, { | |
"id" : "0b221c53-570c-4d6a-9d5e-bde828f9691d", | |
"name" : "groups", | |
"protocol" : "openid-connect", | |
"protocolMapper" : "oidc-usermodel-realm-role-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"introspection.token.claim" : "true", | |
"multivalued" : "true", | |
"user.attribute" : "foo", | |
"id.token.claim" : "true", | |
"access.token.claim" : "true", | |
"claim.name" : "groups", | |
"jsonType.label" : "String" | |
} | |
} ] | |
}, { | |
"id" : "e721f7ac-e2b7-47ab-9764-ab9913118c7f", | |
"name" : "role_list", | |
"description" : "SAML role list", | |
"protocol" : "saml", | |
"attributes" : { | |
"consent.screen.text" : "${samlRoleListScopeConsentText}", | |
"display.on.consent.screen" : "true" | |
}, | |
"protocolMappers" : [ { | |
"id" : "76c8bc79-5a95-4747-b32d-d7e4de880d47", | |
"name" : "role list", | |
"protocol" : "saml", | |
"protocolMapper" : "saml-role-list-mapper", | |
"consentRequired" : false, | |
"config" : { | |
"single" : "false", | |
"attribute.nameformat" : "Basic", | |
"attribute.name" : "Role" | |
} | |
} ] | |
} ], | |
"defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ], | |
"defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ], | |
"browserSecurityHeaders" : { | |
"contentSecurityPolicyReportOnly" : "", | |
"xContentTypeOptions" : "nosniff", | |
"referrerPolicy" : "no-referrer", | |
"xRobotsTag" : "none", | |
"xFrameOptions" : "SAMEORIGIN", | |
"contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", | |
"xXSSProtection" : "1; mode=block", | |
"strictTransportSecurity" : "max-age=31536000; includeSubDomains" | |
}, | |
"smtpServer" : { }, | |
"eventsEnabled" : false, | |
"eventsListeners" : [ "jboss-logging" ], | |
"enabledEventTypes" : [ ], | |
"adminEventsEnabled" : false, | |
"adminEventsDetailsEnabled" : false, | |
"identityProviders" : [ ], | |
"identityProviderMappers" : [ ], | |
"components" : { | |
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { | |
"id" : "ae7b94ac-004b-49ea-b613-73325053c7f9", | |
"name" : "Max Clients Limit", | |
"providerId" : "max-clients", | |
"subType" : "anonymous", | |
"subComponents" : { }, | |
"config" : { | |
"max-clients" : [ "200" ] | |
} | |
}, { | |
"id" : "6ce0e728-7cd4-4410-ba04-9553999f275a", | |
"name" : "Allowed Client Scopes", | |
"providerId" : "allowed-client-templates", | |
"subType" : "anonymous", | |
"subComponents" : { }, | |
"config" : { | |
"allow-default-scopes" : [ "true" ] | |
} | |
}, { | |
"id" : "65cdfb09-898b-4fbb-b28d-0464ca2a0ced", | |
"name" : "Allowed Protocol Mapper Types", | |
"providerId" : "allowed-protocol-mappers", | |
"subType" : "authenticated", | |
"subComponents" : { }, | |
"config" : { | |
"allowed-protocol-mapper-types" : [ "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "oidc-usermodel-property-mapper" ] | |
} | |
}, { | |
"id" : "a2cb1e9b-d388-4836-8887-d1821c0c23ef", | |
"name" : "Trusted Hosts", | |
"providerId" : "trusted-hosts", | |
"subType" : "anonymous", | |
"subComponents" : { }, | |
"config" : { | |
"host-sending-registration-request-must-match" : [ "true" ], | |
"client-uris-must-match" : [ "true" ] | |
} | |
}, { | |
"id" : "bae96be4-0b5d-4072-b855-14f58490d4d5", | |
"name" : "Full Scope Disabled", | |
"providerId" : "scope", | |
"subType" : "anonymous", | |
"subComponents" : { }, | |
"config" : { } | |
}, { | |
"id" : "c4e76d35-9581-416e-947f-7106af73f841", | |
"name" : "Allowed Client Scopes", | |
"providerId" : "allowed-client-templates", | |
"subType" : "authenticated", | |
"subComponents" : { }, | |
"config" : { | |
"allow-default-scopes" : [ "true" ] | |
} | |
}, { | |
"id" : "45ca4ec5-f162-41c4-a624-5dd3d6cbdd36", | |
"name" : "Allowed Protocol Mapper Types", | |
"providerId" : "allowed-protocol-mappers", | |
"subType" : "anonymous", | |
"subComponents" : { }, | |
"config" : { | |
"allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper" ] | |
} | |
}, { | |
"id" : "e71f9b5a-2016-4c86-b53b-95c4197dd8d6", | |
"name" : "Consent Required", | |
"providerId" : "consent-required", | |
"subType" : "anonymous", | |
"subComponents" : { }, | |
"config" : { } | |
} ], | |
"org.keycloak.keys.KeyProvider" : [ { | |
"id" : "ca9bc8d6-cf2b-47a8-9ca1-483939b6079a", | |
"name" : "rsa-enc-generated", | |
"providerId" : "rsa-enc-generated", | |
"subComponents" : { }, | |
"config" : { | |
"privateKey" : [ "MIIEowIBAAKCAQEAz7hlnkQdEowHNu3T2+04m+VBdf56TTaVlmBLfPIOk54Mcc7fHrS5E2wCv877f/z/VFtnJtxHdg3mde/66oXXMdNuUrwCmy/s15U7hVmIF/a6TOszZcbsemUPJQ0GzU+hkDfh18P5FhIqZZ78/FPGQwGzxHItNnpgXeZYswzhjVqFxuTcrXYLekGgNjsgSLjx9QESRlR990LQtALs/s7hq9tq2xs5XUAquT/AowpInHbEboSPRQFtZWsefY83Qt3NsLpmlN7+c5G8j9at0w87jGQSa0XcveaKkp9obT+FDCMmSVehhpQBu3fROOUdqmbJL4PUQjJwjrUtompNH+TL5wIDAQABAoIBABNpHlSDS0Tb6/gAkm8h7vZ2c78JzYuglwBAiwf9JfU6bDGdt3DgSiPb+zJ0WOvVYatph9f0TAM7+ktkEQpQVn3T+E0SlPBuh+R/ZVqpNVP+nNsqPBkof8RSOZo96jhOVtZ/ZQMreip1/nCU7PwhUfdvVclSMr0SriWoLFATBegWSxqAHhJ4DlfA9HLxS1fMKcq/Jzq0znlHC5bVncOIsxTw1Vbh2y+kleeXdEvwGWI6QEnjRsE77LU8TlqVsHThJ4mG/blgeIQPak3C+oRsKkhSwbPHhxBM4+i63CH+BOS0Lnp1jCUErONXcByUcUwXfunNy8Gq5a9PAwI6ymVYVBkCgYEA9HDvS7VxzCi2udMwe6+jZv1q0g4q8MJKGOhgVSViwjBOoYYyoTuBGNR79zkj009gqtETlketdAjDVdKTwTJrjSxhxvs2SIm4WQhzBgNXaZbM7tnz7GllWgQFrUuHMAHIki45tlPm7FdIcRFV72LxKfE62dmWa4Pue4HgE345UnkCgYEA2YrwxR6iy3Wa3BSB0HqW8WRNHrUT9Bri9XU1bJXYOVvhvlQuzBWT5NEt/tHZ6xBAnJLZTa+nNBftDy9Pd31VuAxMOci0nx+S9zo5w/8tF8ve6UYYbu0uEoZHGE6EnxUp0sK57pL80SugtzSkFGqb/R3/nuudwPBM8TzJCmzEeV8CgYEAxobuovOTn/e1KEkwyFPHB39sgXvGPlHd8krQ6nZ5tjObuS4P8sksOWlh4VFEGnwOi81Q9i3y3xm64/opzLBRj4/rPbuLw/AujAkDum9+UCCNArR7mpejHC/GGJAOFNxt9OOcNcwA8hSVnlcxD0KxkZn9bS9+LoYxa5f40HwkvCkCgYBj1XuBOvoC3UngThj1EA1NYnZx7S/nCp+1fcCywGGmkSAcNI31YsGodMbi9nNHiQHd2RaYrE/TfFdybIfPkllQSXSB4DXkAJ11j+cKp4SOMyVtcJmt7nMCVVUzNnVufEvhSTQC5LnZVGhBK4tRQ0uq8aVpzT9sV9s3qmmouxm/iQKBgBHVYse9qbS3tRK/5O1pYoubgDyr/qvYbYtcD6M4wprIO2cvajCA+5l7MKDswp8X/8H7+zbFQTj1TuypiX8i/QOtBVHXrCuLZIfjCkqjZvw7GnaXXu0z0fWnGQJQxIyBw1AK1HYyTAB0MLjaIavp0VWG9JSkZc62nrtPMibz6amO" ], | |
"keyUse" : [ "ENC" ], | |
"certificate" : [ "MIICpzCCAY8CBgGOMUd0wjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxmbGFza0FwcFRlc3QwHhcNMjQwMzEyMDYwNzMwWhcNMzQwMzEyMDYwOTEwWjAXMRUwEwYDVQQDDAxmbGFza0FwcFRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPuGWeRB0SjAc27dPb7Tib5UF1/npNNpWWYEt88g6Tngxxzt8etLkTbAK/zvt//P9UW2cm3Ed2DeZ17/rqhdcx025SvAKbL+zXlTuFWYgX9rpM6zNlxux6ZQ8lDQbNT6GQN+HXw/kWEiplnvz8U8ZDAbPEci02emBd5lizDOGNWoXG5Nytdgt6QaA2OyBIuPH1ARJGVH33QtC0Auz+zuGr22rbGzldQCq5P8CjCkicdsRuhI9FAW1lax59jzdC3c2wumaU3v5zkbyP1q3TDzuMZBJrRdy95oqSn2htP4UMIyZJV6GGlAG7d9E45R2qZskvg9RCMnCOtS2iak0f5MvnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAMu4xx/Xg7EcERQhLt3tWhNh52rItms+BM6R6FCIVSPfRVM+E5eQw6VbvTl0YmdLUma7YEjSyA0t8sx95cs2cm+Dfn/Jzuq0bIf5n0a0O9nClp0o1N/nuAZoR2ZZ31i8YbKTGh84BN82p3x3xSjjCS/AMWXE6aWw+NesBGS2lxXyg1IpChF3bhsyLh0keKlIp3wSHzRaTauyaoBCJKE66ywcC7aHo9B5qNhDOiE0oHTioiSqcIFWAcZgKzLXGTQIlXZ6JaSOy1xVOe+/MyFeNl+vO56DvFJydgH4yexOFotz6CfIYbYFvZ1ERCsF70JrlkYgZaHx9iz+U2y0oSjDo1g=" ], | |
"priority" : [ "100" ], | |
"algorithm" : [ "RSA-OAEP" ] | |
} | |
}, { | |
"id" : "cf6a7029-1e52-48da-8155-5ee22964bae8", | |
"name" : "aes-generated", | |
"providerId" : "aes-generated", | |
"subComponents" : { }, | |
"config" : { | |
"kid" : [ "80b898af-3c7b-4b34-a3ab-0f1d50d27956" ], | |
"secret" : [ "e45MP1mHukCi3KsLpm7OpA" ], | |
"priority" : [ "100" ] | |
} | |
}, { | |
"id" : "b9ad6274-0d96-4b66-9064-63e06d2599f5", | |
"name" : "hmac-generated-hs512", | |
"providerId" : "hmac-generated", | |
"subComponents" : { }, | |
"config" : { | |
"kid" : [ "6a379f67-c0e6-4ff6-8690-2516df19b843" ], | |
"secret" : [ "I3CbdD48cvNgeV2rRT3ZIacLj7VQvBoHY35SsnOO1Dd0JMYObxOQcDGUylCbac0DayBi0X9mPc_To7o_ndmJ0qxPVK9lmnpY4pt5kiZoK1di7vUyvJ4mDcG14kj7e23rxZ8GvWGNXpcCi6IaeBwXYGQuaTfaIK3omcF6zkzCFro" ], | |
"priority" : [ "100" ], | |
"algorithm" : [ "HS512" ] | |
} | |
}, { | |
"id" : "b1a61fbc-df29-402c-950f-901b7aeeb36e", | |
"name" : "rsa-generated", | |
"providerId" : "rsa-generated", | |
"subComponents" : { }, | |
"config" : { | |
"privateKey" : [ "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" ], | |
"keyUse" : [ "SIG" ], | |
"certificate" : [ "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" ], | |
"priority" : [ "100" ] | |
} | |
} ] | |
}, | |
"internationalizationEnabled" : false, | |
"supportedLocales" : [ ], | |
"authenticationFlows" : [ { | |
"id" : "b6e03c6b-ece4-4c3f-92c9-e91781a439e1", | |
"alias" : "Account verification options", | |
"description" : "Method with which to verify the existing account", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "idp-email-verification", | |
"authenticatorFlow" : false, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 20, | |
"autheticatorFlow" : true, | |
"flowAlias" : "Verify Existing Account by Re-authentication", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "7abf834a-1b6f-4177-802b-bb7b80bd4982", | |
"alias" : "Browser - Conditional OTP", | |
"description" : "Flow to determine if the OTP is required for the authentication", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "conditional-user-configured", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "auth-otp-form", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "3fbe9eb8-752f-4247-9347-bf763668da52", | |
"alias" : "Direct Grant - Conditional OTP", | |
"description" : "Flow to determine if the OTP is required for the authentication", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "conditional-user-configured", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "direct-grant-validate-otp", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "463caab3-4927-49ee-9b49-8f6ff1fa768f", | |
"alias" : "First broker login - Conditional OTP", | |
"description" : "Flow to determine if the OTP is required for the authentication", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "conditional-user-configured", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "auth-otp-form", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "904629d6-6f37-47e8-93b7-22ad7e479963", | |
"alias" : "Handle Existing Account", | |
"description" : "Handle what to do if there is an existing account with the same email/username as the authenticated identity provider", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "idp-confirm-link", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : true, | |
"flowAlias" : "Account verification options", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "629946ae-e3c7-4c6a-a62a-4bcda2718739", | |
"alias" : "Reset - Conditional OTP", | |
"description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "conditional-user-configured", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "reset-otp", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "8a55e731-10b7-4eac-aef9-9a7e618bf96f", | |
"alias" : "User creation or linking", | |
"description" : "Flow for the existing/non-existing user alternatives", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticatorConfig" : "create unique user config", | |
"authenticator" : "idp-create-user-if-unique", | |
"authenticatorFlow" : false, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 20, | |
"autheticatorFlow" : true, | |
"flowAlias" : "Handle Existing Account", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "140db9a5-3c51-45a2-90cd-9d90e82ddad5", | |
"alias" : "Verify Existing Account by Re-authentication", | |
"description" : "Reauthentication of existing account", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "idp-username-password-form", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "CONDITIONAL", | |
"priority" : 20, | |
"autheticatorFlow" : true, | |
"flowAlias" : "First broker login - Conditional OTP", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "087fad00-fe3a-4fb4-9b92-a08a0fc8ce1a", | |
"alias" : "browser", | |
"description" : "browser based authentication", | |
"providerId" : "basic-flow", | |
"topLevel" : true, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "auth-cookie", | |
"authenticatorFlow" : false, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "auth-spnego", | |
"authenticatorFlow" : false, | |
"requirement" : "DISABLED", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "identity-provider-redirector", | |
"authenticatorFlow" : false, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 25, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 30, | |
"autheticatorFlow" : true, | |
"flowAlias" : "forms", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "647bf856-bf35-4f15-a3c1-1a0ffaf031ff", | |
"alias" : "clients", | |
"description" : "Base authentication for clients", | |
"providerId" : "client-flow", | |
"topLevel" : true, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "client-secret", | |
"authenticatorFlow" : false, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "client-jwt", | |
"authenticatorFlow" : false, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "client-secret-jwt", | |
"authenticatorFlow" : false, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 30, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "client-x509", | |
"authenticatorFlow" : false, | |
"requirement" : "ALTERNATIVE", | |
"priority" : 40, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "04b1134e-3d52-42c5-9e49-0b4e971c9056", | |
"alias" : "direct grant", | |
"description" : "OpenID Connect Resource Owner Grant", | |
"providerId" : "basic-flow", | |
"topLevel" : true, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "direct-grant-validate-username", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "direct-grant-validate-password", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "CONDITIONAL", | |
"priority" : 30, | |
"autheticatorFlow" : true, | |
"flowAlias" : "Direct Grant - Conditional OTP", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "e3e53d6f-8d77-43cc-8676-6ea60560a5de", | |
"alias" : "docker auth", | |
"description" : "Used by Docker clients to authenticate against the IDP", | |
"providerId" : "basic-flow", | |
"topLevel" : true, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "docker-http-basic-authenticator", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "d441ee9e-f8aa-4c36-94cb-5f342391fcd9", | |
"alias" : "first broker login", | |
"description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", | |
"providerId" : "basic-flow", | |
"topLevel" : true, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticatorConfig" : "review profile config", | |
"authenticator" : "idp-review-profile", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : true, | |
"flowAlias" : "User creation or linking", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "457b5ad7-a23b-47dc-afbc-b1a5fc35c7f1", | |
"alias" : "forms", | |
"description" : "Username, password, otp and other auth forms.", | |
"providerId" : "basic-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "auth-username-password-form", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "CONDITIONAL", | |
"priority" : 20, | |
"autheticatorFlow" : true, | |
"flowAlias" : "Browser - Conditional OTP", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "fcd691fb-8a3c-420a-9325-9dea0b2462e0", | |
"alias" : "registration", | |
"description" : "registration flow", | |
"providerId" : "basic-flow", | |
"topLevel" : true, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "registration-page-form", | |
"authenticatorFlow" : true, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : true, | |
"flowAlias" : "registration form", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "a1553261-9fc6-4acd-ab32-c18d9ec541c3", | |
"alias" : "registration form", | |
"description" : "registration form", | |
"providerId" : "form-flow", | |
"topLevel" : false, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "registration-user-creation", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "registration-password-action", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 50, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "registration-recaptcha-action", | |
"authenticatorFlow" : false, | |
"requirement" : "DISABLED", | |
"priority" : 60, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "registration-terms-and-conditions", | |
"authenticatorFlow" : false, | |
"requirement" : "DISABLED", | |
"priority" : 70, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "efa8e588-b443-4a8a-82fb-05423d00c828", | |
"alias" : "reset credentials", | |
"description" : "Reset credentials for a user if they forgot their password or something", | |
"providerId" : "basic-flow", | |
"topLevel" : true, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "reset-credentials-choose-user", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "reset-credential-email", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 20, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticator" : "reset-password", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 30, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
}, { | |
"authenticatorFlow" : true, | |
"requirement" : "CONDITIONAL", | |
"priority" : 40, | |
"autheticatorFlow" : true, | |
"flowAlias" : "Reset - Conditional OTP", | |
"userSetupAllowed" : false | |
} ] | |
}, { | |
"id" : "3f28804b-b72a-4e4d-a249-1128157d888e", | |
"alias" : "saml ecp", | |
"description" : "SAML ECP Profile Authentication Flow", | |
"providerId" : "basic-flow", | |
"topLevel" : true, | |
"builtIn" : true, | |
"authenticationExecutions" : [ { | |
"authenticator" : "http-basic-authenticator", | |
"authenticatorFlow" : false, | |
"requirement" : "REQUIRED", | |
"priority" : 10, | |
"autheticatorFlow" : false, | |
"userSetupAllowed" : false | |
} ] | |
} ], | |
"authenticatorConfig" : [ { | |
"id" : "0e728444-75bc-47d3-a8cc-0481349f3e42", | |
"alias" : "create unique user config", | |
"config" : { | |
"require.password.update.after.registration" : "false" | |
} | |
}, { | |
"id" : "92a4b7c8-ff70-4e56-a53b-aba1d1967b46", | |
"alias" : "review profile config", | |
"config" : { | |
"update.profile.on.first.login" : "missing" | |
} | |
} ], | |
"requiredActions" : [ { | |
"alias" : "CONFIGURE_TOTP", | |
"name" : "Configure OTP", | |
"providerId" : "CONFIGURE_TOTP", | |
"enabled" : true, | |
"defaultAction" : false, | |
"priority" : 10, | |
"config" : { } | |
}, { | |
"alias" : "TERMS_AND_CONDITIONS", | |
"name" : "Terms and Conditions", | |
"providerId" : "TERMS_AND_CONDITIONS", | |
"enabled" : false, | |
"defaultAction" : false, | |
"priority" : 20, | |
"config" : { } | |
}, { | |
"alias" : "UPDATE_PASSWORD", | |
"name" : "Update Password", | |
"providerId" : "UPDATE_PASSWORD", | |
"enabled" : true, | |
"defaultAction" : false, | |
"priority" : 30, | |
"config" : { } | |
}, { | |
"alias" : "UPDATE_PROFILE", | |
"name" : "Update Profile", | |
"providerId" : "UPDATE_PROFILE", | |
"enabled" : true, | |
"defaultAction" : false, | |
"priority" : 40, | |
"config" : { } | |
}, { | |
"alias" : "VERIFY_EMAIL", | |
"name" : "Verify Email", | |
"providerId" : "VERIFY_EMAIL", | |
"enabled" : true, | |
"defaultAction" : false, | |
"priority" : 50, | |
"config" : { } | |
}, { | |
"alias" : "delete_account", | |
"name" : "Delete Account", | |
"providerId" : "delete_account", | |
"enabled" : false, | |
"defaultAction" : false, | |
"priority" : 60, | |
"config" : { } | |
}, { | |
"alias" : "webauthn-register", | |
"name" : "Webauthn Register", | |
"providerId" : "webauthn-register", | |
"enabled" : true, | |
"defaultAction" : false, | |
"priority" : 70, | |
"config" : { } | |
}, { | |
"alias" : "webauthn-register-passwordless", | |
"name" : "Webauthn Register Passwordless", | |
"providerId" : "webauthn-register-passwordless", | |
"enabled" : true, | |
"defaultAction" : false, | |
"priority" : 80, | |
"config" : { } | |
}, { | |
"alias" : "VERIFY_PROFILE", | |
"name" : "Verify Profile", | |
"providerId" : "VERIFY_PROFILE", | |
"enabled" : true, | |
"defaultAction" : false, | |
"priority" : 90, | |
"config" : { } | |
}, { | |
"alias" : "update_user_locale", | |
"name" : "Update User Locale", | |
"providerId" : "update_user_locale", | |
"enabled" : true, | |
"defaultAction" : false, | |
"priority" : 1000, | |
"config" : { } | |
} ], | |
"browserFlow" : "browser", | |
"registrationFlow" : "registration", | |
"directGrantFlow" : "direct grant", | |
"resetCredentialsFlow" : "reset credentials", | |
"clientAuthenticationFlow" : "clients", | |
"dockerAuthenticationFlow" : "docker auth", | |
"firstBrokerLoginFlow" : "first broker login", | |
"attributes" : { | |
"cibaBackchannelTokenDeliveryMode" : "poll", | |
"cibaAuthRequestedUserHint" : "login_hint", | |
"oauth2DevicePollingInterval" : "5", | |
"clientOfflineSessionMaxLifespan" : "0", | |
"clientSessionIdleTimeout" : "0", | |
"actionTokenGeneratedByUserLifespan.verify-email" : "", | |
"actionTokenGeneratedByUserLifespan.idp-verify-account-via-email" : "", | |
"clientOfflineSessionIdleTimeout" : "0", | |
"actionTokenGeneratedByUserLifespan.execute-actions" : "", | |
"cibaInterval" : "5", | |
"realmReusableOtpCode" : "false", | |
"cibaExpiresIn" : "120", | |
"oauth2DeviceCodeLifespan" : "600", | |
"parRequestUriLifespan" : "60", | |
"clientSessionMaxLifespan" : "0", | |
"shortVerificationUri" : "", | |
"actionTokenGeneratedByUserLifespan.reset-credentials" : "" | |
}, | |
"keycloakVersion" : "24.0.1", | |
"userManagedAccessAllowed" : false, | |
"clientProfiles" : { | |
"profiles" : [ ] | |
}, | |
"clientPolicies" : { | |
"policies" : [ ] | |
} | |
} |