Skip to content

Instantly share code, notes, and snippets.

@LUCIFERsDen26

LUCIFERsDen26/app.py

Forked from thomasdarimont/app.py
Last active March 12, 2024 10:01
Show Gist options
  • Save LUCIFERsDen26/25ffedfd4101e0d99703211172df0bbf to your computer and use it in GitHub Desktop.
Save LUCIFERsDen26/25ffedfd4101e0d99703211172df0bbf to your computer and use it in GitHub Desktop.
Download ZIP
Simple python example using flask, flask_oidc with keycloak server
Raw
app.py
import json
import logging
from flask import Flask, g
from flask_oidc import OpenIDConnect
import requests
logging.basicConfig(level=logging.DEBUG)
app = Flask(__name__)
app.config.update({
'SECRET_KEY': 'SomethingNotEntirelySecret',
'TESTING': True,
'DEBUG': True,
'OIDC_CLIENT_SECRETS': 'client_secrets.json',
'OIDC_ID_TOKEN_COOKIE_SECURE': False,
# 'OIDC_REQUIRE_VERIFIED_EMAIL': False,
'OIDC_USER_INFO_ENABLED': True,
'OIDC_OPENID_REALM': 'flaskAppTest',
'OIDC_SCOPES': ['openid', 'email', 'profile'],
'OIDC_INTROSPECTION_AUTH_METHOD': 'client_secret_post'
})
oidc = OpenIDConnect(app)
@app.route('/')
def hello_world():
if oidc.user_loggedin:
return ('Hello, %s, <a href="/private">See private</a> '
'<a href="/logout">Log out</a>') % \
oidc.user_getfield('preferred_username')
else:
return 'Welcome anonymous, <a href="/private">Log in</a>'
@app.route('/private')
@oidc.require_login
def hello_me():
"""Example for protected endpoint that extracts private information from the OpenID Connect id_token.
Uses the accompanied access_token to access a backend service.
"""
info = oidc.user_getinfo(['preferred_username', 'email', 'sub'])
#print(info)
username = info.get('preferred_username')
email = info.get('email')
user_id = info.get('sub')
if oidc.user_loggedin:
access_token = oidc.get_access_token()
#print('access_token=<%s>' % access_token)
return ("""%s your email is %s and your user_id is %s!
<ul>
<li><a href="/">Home</a></li>
</ul>""" %
("Good Morning", email, user_id))
@app.route('/signout')
def logout():
id_token = session.get('oidc_auth_token').get('id_token')
return redirect(
"https://my-key-cloak/realms/my-realm/protocol/openid-connect/logout?id_token_hint=%s&post_logout_redirect_uri=%s" % (id_token, urllib.parse.quote("http://localhost/logout", safe='')))
oidc.logout()
return 'Hi, you have been logged out! <a href="/">Return</a>'
if __name__ == '__main__':
app.run()
Raw
client_secrets.json
{
"web": {
"issuer": "http://0.0.0.0:8080/realms/flaskAppTest",
"auth_uri": "http://0.0.0.0:8080/realms/flaskAppTest/protocol/openid-connect/auth",
"client_id": "restFalskAppClient",
"client_secret": "wrzxUB87fdhMa8p3I3gfSXydlGOv2rA9",
"redirect_uris": [
"http://localhost:5000/*"
],
"userinfo_uri": "http://0.0.0.0:8080/realms/flaskAppTest/protocol/openid-connect/userinfo",
"token_uri": "http://0.0.0.0:8080/realms/flaskAppTest/protocol/openid-connect/token",
"token_introspection_uri": "http://0.0.0.0:8080/realms/flaskAppTest/protocol/openid-connect/token/introspect"
}
}
Raw
flaskAppTest-realm.json
{
"id" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a",
"realm" : "flaskAppTest",
"notBefore" : 0,
"defaultSignatureAlgorithm" : "RS256",
"revokeRefreshToken" : true,
"refreshTokenMaxReuse" : 0,
"accessTokenLifespan" : 20,
"accessTokenLifespanForImplicitFlow" : 900,
"ssoSessionIdleTimeout" : 30,
"ssoSessionMaxLifespan" : 600,
"ssoSessionIdleTimeoutRememberMe" : 0,
"ssoSessionMaxLifespanRememberMe" : 0,
"offlineSessionIdleTimeout" : 2592000,
"offlineSessionMaxLifespanEnabled" : false,
"offlineSessionMaxLifespan" : 5184000,
"clientSessionIdleTimeout" : 0,
"clientSessionMaxLifespan" : 0,
"clientOfflineSessionIdleTimeout" : 0,
"clientOfflineSessionMaxLifespan" : 0,
"accessCodeLifespan" : 60,
"accessCodeLifespanUserAction" : 300,
"accessCodeLifespanLogin" : 600,
"actionTokenGeneratedByAdminLifespan" : 43200,
"actionTokenGeneratedByUserLifespan" : 300,
"oauth2DeviceCodeLifespan" : 600,
"oauth2DevicePollingInterval" : 5,
"enabled" : true,
"sslRequired" : "external",
"registrationAllowed" : true,
"registrationEmailAsUsername" : false,
"rememberMe" : false,
"verifyEmail" : false,
"loginWithEmailAllowed" : true,
"duplicateEmailsAllowed" : false,
"resetPasswordAllowed" : true,
"editUsernameAllowed" : false,
"bruteForceProtected" : false,
"permanentLockout" : false,
"maxTemporaryLockouts" : 0,
"maxFailureWaitSeconds" : 900,
"minimumQuickLoginWaitSeconds" : 60,
"waitIncrementSeconds" : 60,
"quickLoginCheckMilliSeconds" : 1000,
"maxDeltaTimeSeconds" : 43200,
"failureFactor" : 30,
"roles" : {
"realm" : [ {
"id" : "6cd8cb02-0bfe-4303-9603-f81167b36f16",
"name" : "uma_authorization",
"description" : "${role_uma_authorization}",
"composite" : false,
"clientRole" : false,
"containerId" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a",
"attributes" : { }
}, {
"id" : "f91fa959-3558-4eb3-9bd1-dd4f430f9b7a",
"name" : "offline_access",
"description" : "${role_offline-access}",
"composite" : false,
"clientRole" : false,
"containerId" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a",
"attributes" : { }
}, {
"id" : "d22e51b9-b53b-462b-a488-7d81f36e2cc4",
"name" : "default-roles-flaskapptest",
"description" : "${role_default-roles}",
"composite" : true,
"composites" : {
"realm" : [ "offline_access", "uma_authorization" ],
"client" : {
"account" : [ "manage-account", "view-profile" ]
}
},
"clientRole" : false,
"containerId" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a",
"attributes" : { }
} ],
"client" : {
"realm-management" : [ {
"id" : "8cda773b-1cdd-4223-a736-d1f1fd83d45b",
"name" : "manage-authorization",
"description" : "${role_manage-authorization}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "00e6bcf2-b9d8-458d-a36a-d1db60e41683",
"name" : "manage-realm",
"description" : "${role_manage-realm}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "5c84fd1c-750e-47e4-8017-b2130c1af55d",
"name" : "create-client",
"description" : "${role_create-client}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "0f6a2738-e82a-476d-a703-e5741cfee68f",
"name" : "query-clients",
"description" : "${role_query-clients}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "ec556b61-4313-4625-bbfa-6d7e00533263",
"name" : "manage-identity-providers",
"description" : "${role_manage-identity-providers}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "5579282d-5df3-4ae2-84f2-ec4a7ee3af08",
"name" : "query-realms",
"description" : "${role_query-realms}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "8b5dd03f-89b2-4386-851b-ec362cdb1a0c",
"name" : "realm-admin",
"description" : "${role_realm-admin}",
"composite" : true,
"composites" : {
"client" : {
"realm-management" : [ "manage-authorization", "manage-realm", "create-client", "query-clients", "query-realms", "manage-identity-providers", "view-realm", "view-identity-providers", "view-clients", "view-users", "view-authorization", "query-users", "impersonation", "manage-users", "query-groups", "manage-clients", "manage-events", "view-events" ]
}
},
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "7daf7184-363e-4e12-bdf8-c23ade7da006",
"name" : "view-clients",
"description" : "${role_view-clients}",
"composite" : true,
"composites" : {
"client" : {
"realm-management" : [ "query-clients" ]
}
},
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "580200f6-554f-4fed-9257-83b0368ea7ac",
"name" : "view-identity-providers",
"description" : "${role_view-identity-providers}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "1b217913-ac9e-41ae-a9a5-1f5875da495d",
"name" : "view-realm",
"description" : "${role_view-realm}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "a5a4d774-9990-421f-a463-2c1b0a8e042d",
"name" : "view-authorization",
"description" : "${role_view-authorization}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "2fe8d54b-abe1-425a-90bc-661f765335a6",
"name" : "view-users",
"description" : "${role_view-users}",
"composite" : true,
"composites" : {
"client" : {
"realm-management" : [ "query-users", "query-groups" ]
}
},
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "b71299dc-d1e7-4b29-a762-68186a13ac85",
"name" : "query-users",
"description" : "${role_query-users}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "d360bbf8-62de-4c4b-9ba3-81ec603bdaab",
"name" : "impersonation",
"description" : "${role_impersonation}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "19f7859b-3883-437c-9c13-92b89e402511",
"name" : "manage-users",
"description" : "${role_manage-users}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "6d0407c8-bff9-430f-9148-d6dc6711bc1c",
"name" : "query-groups",
"description" : "${role_query-groups}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "9ca589df-287f-4397-8aae-4202db74fa59",
"name" : "manage-clients",
"description" : "${role_manage-clients}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "91b4f274-56a7-41dc-9421-48c2ce3ff478",
"name" : "manage-events",
"description" : "${role_manage-events}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
}, {
"id" : "8b67110e-a1b3-44c1-8983-df4ba53dc3c1",
"name" : "view-events",
"description" : "${role_view-events}",
"composite" : false,
"clientRole" : true,
"containerId" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"attributes" : { }
} ],
"security-admin-console" : [ ],
"admin-cli" : [ ],
"restFalskAppClient" : [ ],
"account-console" : [ ],
"broker" : [ {
"id" : "191605d3-ac9b-4b83-b665-f81182233663",
"name" : "read-token",
"description" : "${role_read-token}",
"composite" : false,
"clientRole" : true,
"containerId" : "a434789d-84ad-4a3a-bb33-7d0e3a0454df",
"attributes" : { }
} ],
"account" : [ {
"id" : "1a3f370d-02d6-45af-9626-44a58932daf6",
"name" : "manage-account",
"description" : "${role_manage-account}",
"composite" : true,
"composites" : {
"client" : {
"account" : [ "manage-account-links" ]
}
},
"clientRole" : true,
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"attributes" : { }
}, {
"id" : "937a83c6-8b6b-4fef-b842-75903b1f50fb",
"name" : "view-groups",
"description" : "${role_view-groups}",
"composite" : false,
"clientRole" : true,
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"attributes" : { }
}, {
"id" : "6d090c8c-1afb-44d2-823c-facd575415fc",
"name" : "manage-account-links",
"description" : "${role_manage-account-links}",
"composite" : false,
"clientRole" : true,
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"attributes" : { }
}, {
"id" : "32410eb8-7821-4d31-acae-589d824e7ec1",
"name" : "view-consent",
"description" : "${role_view-consent}",
"composite" : false,
"clientRole" : true,
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"attributes" : { }
}, {
"id" : "0617f803-940a-449e-8177-69bc605c413c",
"name" : "view-applications",
"description" : "${role_view-applications}",
"composite" : false,
"clientRole" : true,
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"attributes" : { }
}, {
"id" : "ac664c33-c584-4a1d-a372-534fda3e1d9d",
"name" : "delete-account",
"description" : "${role_delete-account}",
"composite" : false,
"clientRole" : true,
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"attributes" : { }
}, {
"id" : "99f65ec4-1662-407d-9b32-fa11c90840f8",
"name" : "view-profile",
"description" : "${role_view-profile}",
"composite" : false,
"clientRole" : true,
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"attributes" : { }
}, {
"id" : "31d23ff7-155e-46d0-810c-e998707adef5",
"name" : "manage-consent",
"description" : "${role_manage-consent}",
"composite" : true,
"composites" : {
"client" : {
"account" : [ "view-consent" ]
}
},
"clientRole" : true,
"containerId" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"attributes" : { }
} ]
}
},
"groups" : [ ],
"defaultRole" : {
"id" : "d22e51b9-b53b-462b-a488-7d81f36e2cc4",
"name" : "default-roles-flaskapptest",
"description" : "${role_default-roles}",
"composite" : true,
"clientRole" : false,
"containerId" : "b5e4cde3-0669-4c34-a3fa-1ac59119761a"
},
"requiredCredentials" : [ "password" ],
"otpPolicyType" : "totp",
"otpPolicyAlgorithm" : "HmacSHA1",
"otpPolicyInitialCounter" : 0,
"otpPolicyDigits" : 6,
"otpPolicyLookAheadWindow" : 1,
"otpPolicyPeriod" : 30,
"otpPolicyCodeReusable" : false,
"otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ],
"localizationTexts" : { },
"webAuthnPolicyRpEntityName" : "keycloak",
"webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
"webAuthnPolicyRpId" : "",
"webAuthnPolicyAttestationConveyancePreference" : "not specified",
"webAuthnPolicyAuthenticatorAttachment" : "not specified",
"webAuthnPolicyRequireResidentKey" : "not specified",
"webAuthnPolicyUserVerificationRequirement" : "not specified",
"webAuthnPolicyCreateTimeout" : 0,
"webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
"webAuthnPolicyAcceptableAaguids" : [ ],
"webAuthnPolicyExtraOrigins" : [ ],
"webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
"webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
"webAuthnPolicyPasswordlessRpId" : "",
"webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
"webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
"webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
"webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
"webAuthnPolicyPasswordlessCreateTimeout" : 0,
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
"webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
"webAuthnPolicyPasswordlessExtraOrigins" : [ ],
"users" : [ {
"id" : "8fd3c292-6fba-45d1-8a9a-7ff57823c062",
"username" : "lucifer",
"firstName" : "Bhushan",
"lastName" : "Shelar",
"email" : "temp@temp.com",
"emailVerified" : true,
"createdTimestamp" : 1710225005928,
"enabled" : true,
"totp" : false,
"credentials" : [ {
"id" : "3df4acf4-6345-4a8a-b5a7-30d761d3eafe",
"type" : "password",
"createdDate" : 1710225006179,
"secretData" : "{\"value\":\"uoEeqMu0ExjcGDkEfQDQYVISyupPJ3sycO1bYQ3f+/KvmIroEADih1F0MVlMnDHkRuemewFrJ2ImwdU6QF++hg==\",\"salt\":\"FPXshjQhioz2oz+3uOb2hA==\",\"additionalParameters\":{}}",
"credentialData" : "{\"hashIterations\":210000,\"algorithm\":\"pbkdf2-sha512\",\"additionalParameters\":{}}"
} ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ "CONFIGURE_TOTP" ],
"realmRoles" : [ "default-roles-flaskapptest" ],
"notBefore" : 0,
"groups" : [ ]
} ],
"scopeMappings" : [ {
"clientScope" : "offline_access",
"roles" : [ "offline_access" ]
} ],
"clientScopeMappings" : {
"account" : [ {
"client" : "account-console",
"roles" : [ "manage-account", "view-groups" ]
} ]
},
"clients" : [ {
"id" : "c5c7b6b1-67df-4a11-9504-1657c9bb8ec4",
"clientId" : "account",
"name" : "${client_account}",
"rootUrl" : "${authBaseUrl}",
"baseUrl" : "/realms/flaskAppTest/account/",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ "/realms/flaskAppTest/account/*" ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
"post.logout.redirect.uris" : "+"
},
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "fe2fc44d-526f-4665-a498-409eecfdf798",
"clientId" : "account-console",
"name" : "${client_account-console}",
"rootUrl" : "${authBaseUrl}",
"baseUrl" : "/realms/flaskAppTest/account/",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ "/realms/flaskAppTest/account/*" ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
"post.logout.redirect.uris" : "+",
"pkce.code.challenge.method" : "S256"
},
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"protocolMappers" : [ {
"id" : "0382111f-b5aa-4a71-bef9-dba518804bb7",
"name" : "audience resolve",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-audience-resolve-mapper",
"consentRequired" : false,
"config" : { }
} ],
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "78eb7537-8be7-429c-ab60-7ed866432006",
"clientId" : "admin-cli",
"name" : "${client_admin-cli}",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : false,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : true,
"serviceAccountsEnabled" : false,
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : { },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "a434789d-84ad-4a3a-bb33-7d0e3a0454df",
"clientId" : "broker",
"name" : "${client_broker}",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : true,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : { },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "0ccf8439-7a4f-4795-b2ec-7c9783c960af",
"clientId" : "realm-management",
"name" : "${client_realm-management}",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : true,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : { },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "9b086b24-2fa2-40e3-9f66-a38cd402abe6",
"clientId" : "restFalskAppClient",
"name" : "",
"description" : "",
"rootUrl" : "http://localhost:5000/",
"adminUrl" : "http://localhost:5000/",
"baseUrl" : "http://localhost:5000/*",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : true,
"clientAuthenticatorType" : "client-secret",
"secret" : "wrzxUB87fdhMa8p3I3gfSXydlGOv2rA9",
"redirectUris" : [ "http://localhost:5000/*" ],
"webOrigins" : [ "http://localhost:5000" ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : true,
"serviceAccountsEnabled" : false,
"publicClient" : false,
"frontchannelLogout" : true,
"protocol" : "openid-connect",
"attributes" : {
"oidc.ciba.grant.enabled" : "false",
"oauth2.device.authorization.grant.enabled" : "false",
"client.secret.creation.time" : "1710223947",
"backchannel.logout.session.required" : "true",
"backchannel.logout.revoke.offline.tokens" : "false"
},
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : -1,
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "53273cab-7ff2-416f-925f-211ede629c6e",
"clientId" : "security-admin-console",
"name" : "${client_security-admin-console}",
"rootUrl" : "${authAdminUrl}",
"baseUrl" : "/admin/flaskAppTest/console/",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ "/admin/flaskAppTest/console/*" ],
"webOrigins" : [ "+" ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
"post.logout.redirect.uris" : "+",
"pkce.code.challenge.method" : "S256"
},
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"protocolMappers" : [ {
"id" : "8c930cfd-7d8c-4913-939b-2f48f9afc843",
"name" : "locale",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "locale",
"jsonType.label" : "String"
}
} ],
"defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
} ],
"clientScopes" : [ {
"id" : "75b3c667-2070-4c50-aa90-456d1581fe43",
"name" : "email",
"description" : "OpenID Connect built-in scope: email",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${emailScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "fee908ac-afb2-4cda-9102-71fd88e6d7ef",
"name" : "email",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "email",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "email",
"jsonType.label" : "String"
}
}, {
"id" : "beca2d22-c967-4cb0-88f1-8bf8ec9bddc8",
"name" : "email verified",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "emailVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "email_verified",
"jsonType.label" : "boolean"
}
} ]
}, {
"id" : "433da6da-8331-41ec-87fc-186391115854",
"name" : "offline_access",
"description" : "OpenID Connect built-in scope: offline_access",
"protocol" : "openid-connect",
"attributes" : {
"consent.screen.text" : "${offlineAccessScopeConsentText}",
"display.on.consent.screen" : "true"
}
}, {
"id" : "c226ec80-831b-4c77-aa66-a2c8cd0eda7f",
"name" : "profile",
"description" : "OpenID Connect built-in scope: profile",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${profileScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "aa44740e-dbc3-4d10-bb12-81eb8a25110e",
"name" : "nickname",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "nickname",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "nickname",
"jsonType.label" : "String"
}
}, {
"id" : "eb1c2dcb-d0e0-454f-a6ed-9f5be84d8e68",
"name" : "locale",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "locale",
"jsonType.label" : "String"
}
}, {
"id" : "a8ec2855-5925-4560-b8dc-39e6bb888376",
"name" : "middle name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "middleName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "middle_name",
"jsonType.label" : "String"
}
}, {
"id" : "46f1f877-e2d6-4789-848b-94966b11640a",
"name" : "zoneinfo",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "zoneinfo",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "zoneinfo",
"jsonType.label" : "String"
}
}, {
"id" : "e99d83ef-e7cf-4aeb-b7f0-7a7942ce8f40",
"name" : "full name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-full-name-mapper",
"consentRequired" : false,
"config" : {
"id.token.claim" : "true",
"introspection.token.claim" : "true",
"access.token.claim" : "true",
"userinfo.token.claim" : "true"
}
}, {
"id" : "23724523-9cf5-40a2-8cbc-b36f5599c6a6",
"name" : "updated at",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "updatedAt",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "updated_at",
"jsonType.label" : "long"
}
}, {
"id" : "e915405a-a966-43c0-81dc-df1689df0e8f",
"name" : "website",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "website",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "website",
"jsonType.label" : "String"
}
}, {
"id" : "5b9b31f4-f107-41ec-95e7-6042e988a18c",
"name" : "given name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "firstName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "given_name",
"jsonType.label" : "String"
}
}, {
"id" : "55c34959-cb4c-4060-b17e-fb226a88affb",
"name" : "picture",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "picture",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "picture",
"jsonType.label" : "String"
}
}, {
"id" : "46a0abd8-d4cb-4949-89c8-709e7f257bbd",
"name" : "birthdate",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "birthdate",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "birthdate",
"jsonType.label" : "String"
}
}, {
"id" : "4f900fc8-75ff-4f3d-96aa-7e1b6ce1a01c",
"name" : "profile",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "profile",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "profile",
"jsonType.label" : "String"
}
}, {
"id" : "607f5b4f-be01-44ae-86a7-87b63292e664",
"name" : "username",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "preferred_username",
"jsonType.label" : "String"
}
}, {
"id" : "d121d277-eae5-4632-9e76-5ec34ac9233f",
"name" : "family name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "lastName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "family_name",
"jsonType.label" : "String"
}
}, {
"id" : "6596146e-c700-458a-b974-3460af86c2e5",
"name" : "gender",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "gender",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "gender",
"jsonType.label" : "String"
}
} ]
}, {
"id" : "f23394a5-1da6-429a-989a-2568b9141967",
"name" : "address",
"description" : "OpenID Connect built-in scope: address",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${addressScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "b98496df-eccc-4e4e-8369-28f1fbf3c191",
"name" : "address",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-address-mapper",
"consentRequired" : false,
"config" : {
"user.attribute.formatted" : "formatted",
"user.attribute.country" : "country",
"introspection.token.claim" : "true",
"user.attribute.postal_code" : "postal_code",
"userinfo.token.claim" : "true",
"user.attribute.street" : "street",
"id.token.claim" : "true",
"user.attribute.region" : "region",
"access.token.claim" : "true",
"user.attribute.locality" : "locality"
}
} ]
}, {
"id" : "15a9d50b-0441-44b5-95f2-9932100097c0",
"name" : "phone",
"description" : "OpenID Connect built-in scope: phone",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${phoneScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "3ee719e9-0ce6-4a93-94c8-a4457e8ceb02",
"name" : "phone number verified",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "phoneNumberVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "phone_number_verified",
"jsonType.label" : "boolean"
}
}, {
"id" : "dce9a354-b1b0-41a3-8631-127b7d39bda6",
"name" : "phone number",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "phoneNumber",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "phone_number",
"jsonType.label" : "String"
}
} ]
}, {
"id" : "97a5c35d-9e2b-42d2-839a-d6fff68e6930",
"name" : "roles",
"description" : "OpenID Connect scope for add user roles to the access token",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "false",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${rolesScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "7020e933-26ca-467a-80e3-98f3e328e2bb",
"name" : "realm roles",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-realm-role-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"multivalued" : "true",
"user.attribute" : "foo",
"access.token.claim" : "true",
"claim.name" : "realm_access.roles",
"jsonType.label" : "String"
}
}, {
"id" : "4785fa76-9f0d-4bfd-82c0-b65477fd0470",
"name" : "audience resolve",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-audience-resolve-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"access.token.claim" : "true"
}
}, {
"id" : "d1cd0e4d-43ae-4899-b821-6ade768c3a4f",
"name" : "client roles",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-client-role-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"multivalued" : "true",
"user.attribute" : "foo",
"access.token.claim" : "true",
"claim.name" : "resource_access.${client_id}.roles",
"jsonType.label" : "String"
}
} ]
}, {
"id" : "ebbb6556-cd9b-4cb7-871b-0ab758ff3efb",
"name" : "acr",
"description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "false",
"display.on.consent.screen" : "false"
},
"protocolMappers" : [ {
"id" : "4496a492-f0ea-4514-ade7-803d6d9617d2",
"name" : "acr loa level",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-acr-mapper",
"consentRequired" : false,
"config" : {
"id.token.claim" : "true",
"introspection.token.claim" : "true",
"access.token.claim" : "true"
}
} ]
}, {
"id" : "d9da22e8-2b90-4b52-b2c6-02b1965b4d00",
"name" : "web-origins",
"description" : "OpenID Connect scope for add allowed web origins to the access token",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "false",
"display.on.consent.screen" : "false",
"consent.screen.text" : ""
},
"protocolMappers" : [ {
"id" : "7ef81c1f-8189-4b2c-adca-9ddc2d5c82c8",
"name" : "allowed web origins",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-allowed-origins-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"access.token.claim" : "true"
}
} ]
}, {
"id" : "b80b4a37-7168-48a6-8c6a-57424e58d0cb",
"name" : "microprofile-jwt",
"description" : "Microprofile - JWT built-in scope",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "false"
},
"protocolMappers" : [ {
"id" : "949e1560-cdf1-4314-9655-462be6741266",
"name" : "upn",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"userinfo.token.claim" : "true",
"user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "upn",
"jsonType.label" : "String"
}
}, {
"id" : "0b221c53-570c-4d6a-9d5e-bde828f9691d",
"name" : "groups",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-realm-role-mapper",
"consentRequired" : false,
"config" : {
"introspection.token.claim" : "true",
"multivalued" : "true",
"user.attribute" : "foo",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "groups",
"jsonType.label" : "String"
}
} ]
}, {
"id" : "e721f7ac-e2b7-47ab-9764-ab9913118c7f",
"name" : "role_list",
"description" : "SAML role list",
"protocol" : "saml",
"attributes" : {
"consent.screen.text" : "${samlRoleListScopeConsentText}",
"display.on.consent.screen" : "true"
},
"protocolMappers" : [ {
"id" : "76c8bc79-5a95-4747-b32d-d7e4de880d47",
"name" : "role list",
"protocol" : "saml",
"protocolMapper" : "saml-role-list-mapper",
"consentRequired" : false,
"config" : {
"single" : "false",
"attribute.nameformat" : "Basic",
"attribute.name" : "Role"
}
} ]
} ],
"defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ],
"defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ],
"browserSecurityHeaders" : {
"contentSecurityPolicyReportOnly" : "",
"xContentTypeOptions" : "nosniff",
"referrerPolicy" : "no-referrer",
"xRobotsTag" : "none",
"xFrameOptions" : "SAMEORIGIN",
"contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"xXSSProtection" : "1; mode=block",
"strictTransportSecurity" : "max-age=31536000; includeSubDomains"
},
"smtpServer" : { },
"eventsEnabled" : false,
"eventsListeners" : [ "jboss-logging" ],
"enabledEventTypes" : [ ],
"adminEventsEnabled" : false,
"adminEventsDetailsEnabled" : false,
"identityProviders" : [ ],
"identityProviderMappers" : [ ],
"components" : {
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
"id" : "ae7b94ac-004b-49ea-b613-73325053c7f9",
"name" : "Max Clients Limit",
"providerId" : "max-clients",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"max-clients" : [ "200" ]
}
}, {
"id" : "6ce0e728-7cd4-4410-ba04-9553999f275a",
"name" : "Allowed Client Scopes",
"providerId" : "allowed-client-templates",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"allow-default-scopes" : [ "true" ]
}
}, {
"id" : "65cdfb09-898b-4fbb-b28d-0464ca2a0ced",
"name" : "Allowed Protocol Mapper Types",
"providerId" : "allowed-protocol-mappers",
"subType" : "authenticated",
"subComponents" : { },
"config" : {
"allowed-protocol-mapper-types" : [ "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "oidc-usermodel-property-mapper" ]
}
}, {
"id" : "a2cb1e9b-d388-4836-8887-d1821c0c23ef",
"name" : "Trusted Hosts",
"providerId" : "trusted-hosts",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"host-sending-registration-request-must-match" : [ "true" ],
"client-uris-must-match" : [ "true" ]
}
}, {
"id" : "bae96be4-0b5d-4072-b855-14f58490d4d5",
"name" : "Full Scope Disabled",
"providerId" : "scope",
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
}, {
"id" : "c4e76d35-9581-416e-947f-7106af73f841",
"name" : "Allowed Client Scopes",
"providerId" : "allowed-client-templates",
"subType" : "authenticated",
"subComponents" : { },
"config" : {
"allow-default-scopes" : [ "true" ]
}
}, {
"id" : "45ca4ec5-f162-41c4-a624-5dd3d6cbdd36",
"name" : "Allowed Protocol Mapper Types",
"providerId" : "allowed-protocol-mappers",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper" ]
}
}, {
"id" : "e71f9b5a-2016-4c86-b53b-95c4197dd8d6",
"name" : "Consent Required",
"providerId" : "consent-required",
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
} ],
"org.keycloak.keys.KeyProvider" : [ {
"id" : "ca9bc8d6-cf2b-47a8-9ca1-483939b6079a",
"name" : "rsa-enc-generated",
"providerId" : "rsa-enc-generated",
"subComponents" : { },
"config" : {
"privateKey" : [ "MIIEowIBAAKCAQEAz7hlnkQdEowHNu3T2+04m+VBdf56TTaVlmBLfPIOk54Mcc7fHrS5E2wCv877f/z/VFtnJtxHdg3mde/66oXXMdNuUrwCmy/s15U7hVmIF/a6TOszZcbsemUPJQ0GzU+hkDfh18P5FhIqZZ78/FPGQwGzxHItNnpgXeZYswzhjVqFxuTcrXYLekGgNjsgSLjx9QESRlR990LQtALs/s7hq9tq2xs5XUAquT/AowpInHbEboSPRQFtZWsefY83Qt3NsLpmlN7+c5G8j9at0w87jGQSa0XcveaKkp9obT+FDCMmSVehhpQBu3fROOUdqmbJL4PUQjJwjrUtompNH+TL5wIDAQABAoIBABNpHlSDS0Tb6/gAkm8h7vZ2c78JzYuglwBAiwf9JfU6bDGdt3DgSiPb+zJ0WOvVYatph9f0TAM7+ktkEQpQVn3T+E0SlPBuh+R/ZVqpNVP+nNsqPBkof8RSOZo96jhOVtZ/ZQMreip1/nCU7PwhUfdvVclSMr0SriWoLFATBegWSxqAHhJ4DlfA9HLxS1fMKcq/Jzq0znlHC5bVncOIsxTw1Vbh2y+kleeXdEvwGWI6QEnjRsE77LU8TlqVsHThJ4mG/blgeIQPak3C+oRsKkhSwbPHhxBM4+i63CH+BOS0Lnp1jCUErONXcByUcUwXfunNy8Gq5a9PAwI6ymVYVBkCgYEA9HDvS7VxzCi2udMwe6+jZv1q0g4q8MJKGOhgVSViwjBOoYYyoTuBGNR79zkj009gqtETlketdAjDVdKTwTJrjSxhxvs2SIm4WQhzBgNXaZbM7tnz7GllWgQFrUuHMAHIki45tlPm7FdIcRFV72LxKfE62dmWa4Pue4HgE345UnkCgYEA2YrwxR6iy3Wa3BSB0HqW8WRNHrUT9Bri9XU1bJXYOVvhvlQuzBWT5NEt/tHZ6xBAnJLZTa+nNBftDy9Pd31VuAxMOci0nx+S9zo5w/8tF8ve6UYYbu0uEoZHGE6EnxUp0sK57pL80SugtzSkFGqb/R3/nuudwPBM8TzJCmzEeV8CgYEAxobuovOTn/e1KEkwyFPHB39sgXvGPlHd8krQ6nZ5tjObuS4P8sksOWlh4VFEGnwOi81Q9i3y3xm64/opzLBRj4/rPbuLw/AujAkDum9+UCCNArR7mpejHC/GGJAOFNxt9OOcNcwA8hSVnlcxD0KxkZn9bS9+LoYxa5f40HwkvCkCgYBj1XuBOvoC3UngThj1EA1NYnZx7S/nCp+1fcCywGGmkSAcNI31YsGodMbi9nNHiQHd2RaYrE/TfFdybIfPkllQSXSB4DXkAJ11j+cKp4SOMyVtcJmt7nMCVVUzNnVufEvhSTQC5LnZVGhBK4tRQ0uq8aVpzT9sV9s3qmmouxm/iQKBgBHVYse9qbS3tRK/5O1pYoubgDyr/qvYbYtcD6M4wprIO2cvajCA+5l7MKDswp8X/8H7+zbFQTj1TuypiX8i/QOtBVHXrCuLZIfjCkqjZvw7GnaXXu0z0fWnGQJQxIyBw1AK1HYyTAB0MLjaIavp0VWG9JSkZc62nrtPMibz6amO" ],
"keyUse" : [ "ENC" ],
"certificate" : [ "MIICpzCCAY8CBgGOMUd0wjANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxmbGFza0FwcFRlc3QwHhcNMjQwMzEyMDYwNzMwWhcNMzQwMzEyMDYwOTEwWjAXMRUwEwYDVQQDDAxmbGFza0FwcFRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPuGWeRB0SjAc27dPb7Tib5UF1/npNNpWWYEt88g6Tngxxzt8etLkTbAK/zvt//P9UW2cm3Ed2DeZ17/rqhdcx025SvAKbL+zXlTuFWYgX9rpM6zNlxux6ZQ8lDQbNT6GQN+HXw/kWEiplnvz8U8ZDAbPEci02emBd5lizDOGNWoXG5Nytdgt6QaA2OyBIuPH1ARJGVH33QtC0Auz+zuGr22rbGzldQCq5P8CjCkicdsRuhI9FAW1lax59jzdC3c2wumaU3v5zkbyP1q3TDzuMZBJrRdy95oqSn2htP4UMIyZJV6GGlAG7d9E45R2qZskvg9RCMnCOtS2iak0f5MvnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAMu4xx/Xg7EcERQhLt3tWhNh52rItms+BM6R6FCIVSPfRVM+E5eQw6VbvTl0YmdLUma7YEjSyA0t8sx95cs2cm+Dfn/Jzuq0bIf5n0a0O9nClp0o1N/nuAZoR2ZZ31i8YbKTGh84BN82p3x3xSjjCS/AMWXE6aWw+NesBGS2lxXyg1IpChF3bhsyLh0keKlIp3wSHzRaTauyaoBCJKE66ywcC7aHo9B5qNhDOiE0oHTioiSqcIFWAcZgKzLXGTQIlXZ6JaSOy1xVOe+/MyFeNl+vO56DvFJydgH4yexOFotz6CfIYbYFvZ1ERCsF70JrlkYgZaHx9iz+U2y0oSjDo1g=" ],
"priority" : [ "100" ],
"algorithm" : [ "RSA-OAEP" ]
}
}, {
"id" : "cf6a7029-1e52-48da-8155-5ee22964bae8",
"name" : "aes-generated",
"providerId" : "aes-generated",
"subComponents" : { },
"config" : {
"kid" : [ "80b898af-3c7b-4b34-a3ab-0f1d50d27956" ],
"secret" : [ "e45MP1mHukCi3KsLpm7OpA" ],
"priority" : [ "100" ]
}
}, {
"id" : "b9ad6274-0d96-4b66-9064-63e06d2599f5",
"name" : "hmac-generated-hs512",
"providerId" : "hmac-generated",
"subComponents" : { },
"config" : {
"kid" : [ "6a379f67-c0e6-4ff6-8690-2516df19b843" ],
"secret" : [ "I3CbdD48cvNgeV2rRT3ZIacLj7VQvBoHY35SsnOO1Dd0JMYObxOQcDGUylCbac0DayBi0X9mPc_To7o_ndmJ0qxPVK9lmnpY4pt5kiZoK1di7vUyvJ4mDcG14kj7e23rxZ8GvWGNXpcCi6IaeBwXYGQuaTfaIK3omcF6zkzCFro" ],
"priority" : [ "100" ],
"algorithm" : [ "HS512" ]
}
}, {
"id" : "b1a61fbc-df29-402c-950f-901b7aeeb36e",
"name" : "rsa-generated",
"providerId" : "rsa-generated",
"subComponents" : { },
"config" : {
"privateKey" : [ "MIIEpQIBAAKCAQEA44s9sE7gta6rmhOPzo/2XVQZBRKKIGG8lFy8aIOZNp41Xyq1skN6jPo2M+J/fKikDMja+0euwJtoq7MJCDgMskUqS6zfRXaH+eCZ0UW174E5OeCUK2PUNhkefdAf+1jPd29LOiMTuDHWbjKpzze8dFIc9MpVmQu5hZMvVtxADq0yZEAybUUl9uvQjcUvfoc5/QDXyLqpQEQBiOMCwlZ743fIJ9CzYiQxWVD18P2Q+1XYX0hSVmfua0WfrPwYwWVqvidsexeI7KTiLk6pKzEx9AJGt3zO/oZJj+gNK+udTYt4wZdF/ZOw5DzoOvnllF33ohKe4KDv4UuxrduH26M9RwIDAQABAoIBAFQT5z92ZeG8IPxVrhWNbGMf5/7P0uoUMzI+8f9MYRilbOM1TN4JwQbGjbCuSJ0vUy7GKOQgoJna0tpe1T+MNmTI2dAMmJN6MNRMAYoqUAenoBWaviUqRgeXUIT8mlSthDuFjC53N5ogEDO31LcUyTXSAZESEn7yriKFOEDIMYM6Gb23lLxZo+obyrnf9dCQsOSF+XByh6uE+3W1szQyFVweqEZWnWD85tJC0do/PunoBvNkzT+PCrn2mh3AVqM/oWIuICVEtpoLxGmWzl5NP8OSTvELpPnbCmdG2kxh3a5+k+kHz4x0YLK5ql1GglKrexMoTDx743wLxteHgbtvfgECgYEA85igDW2q4+rChm51dmCtvZT/ubhErVREftsXkcCBittEQubzHMKKL5xdARx+a57MHj6NJ4BP+CWDcXDeUuJkl8HeGFfu3oMTghjgHqXLRR985oM4JJEB++MIGK6fnbaPZv9e7dvwoouh1OGdjKp2b2PCx5DgKKibeAN5wOJdJOECgYEA7yFeJvyTPFdvAq74nfaftS8Dwr42+f9Q4TO+qU/rrM0gnU27d2umcN/y0D3HBSCWZ2FN+lSRd9OScFMCaONrVg2hAWPOIe0NdYIoWL0XzQW4WKRMjUbd/U6l6/9+d1cWbjNA9umxdqIS8fRJqT6rQY4yapXyVnzG3C2nyigHfycCgYEAnfzqKWtsP1/+BARWCI3RgTjG1qQtXqFdv0zHr49ENVPapO121btStmhaZaMeVxxp1F/LWsg8lXt3EbcbanRMu6RQMEevs/8dQu5xRU9QU6eFcVe/rO+jcsOfd6qh+T7zKOENp4VTP4kCT7h4X0gbgkkYhihvSc947dCLQc9Oi+ECgYEAsqqVtD9mquEQ2kptC2knLrJv9uM0JFm0zm5g+BP0nGmvApj/hlxyQUeyHhDqUFRmy9sR7gWdoo/7i90ZodC5c9Q/BdDSRNrfAXs8NgEidVbew6wOXkgiuI44vjlo/jWdVr0IvvMgWukBirHhD4j5X8Oku6pJJIGZ+wxJn2uFHmUCgYEAwq8Y2EgmEgz6mkq72qi5YFryCR2HiCSR9I6l/jsu9UZ90EZiKscIf3EsU8Mq1jKW5tzOvddQggEncN0SFO32igGBUmwRiM1OHxrI7V3Twupyr55uJYH46nGyRhscW2p0mgN26H5eP+70/z+raii+SKdBn+JhnOK9baGkerZ9QzA=" ],
"keyUse" : [ "SIG" ],
"certificate" : [ "MIICpzCCAY8CBgGOMUd0RTANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxmbGFza0FwcFRlc3QwHhcNMjQwMzEyMDYwNzMwWhcNMzQwMzEyMDYwOTEwWjAXMRUwEwYDVQQDDAxmbGFza0FwcFRlc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjiz2wTuC1rquaE4/Oj/ZdVBkFEoogYbyUXLxog5k2njVfKrWyQ3qM+jYz4n98qKQMyNr7R67Am2irswkIOAyyRSpLrN9Fdof54JnRRbXvgTk54JQrY9Q2GR590B/7WM93b0s6IxO4MdZuMqnPN7x0Uhz0ylWZC7mFky9W3EAOrTJkQDJtRSX269CNxS9+hzn9ANfIuqlARAGI4wLCVnvjd8gn0LNiJDFZUPXw/ZD7VdhfSFJWZ+5rRZ+s/BjBZWq+J2x7F4jspOIuTqkrMTH0Aka3fM7+hkmP6A0r651Ni3jBl0X9k7DkPOg6+eWUXfeiEp7goO/hS7Gt24fboz1HAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIJCfRZr6C0WYuRSGTjkE25ZwgA/Wxxm85AIw8QeNbE5HwhzCJnYdn74z94vm3iWBfoRYmdlie8LHXE9DeX7+8I1xhg4QOcbDuI5IsEcC7Bq5Er/fQu4I8mA0P9phymGT6NQx2YqH8B70FSmJ1iwK8X0z/mHfZSPS6uSp8IxUV6rO7NKi1ZChzXcczXDCghdESuRKL2D/CudiLqyRZNm+OSsqj9VxIPqFuTibRmXQp3hutsoucNgeCNtUS1uNf2BKyWBTc33C2dxa5+J7u9baJhMFNg9h4K90XPkVudZ5VH5jzYqIUN8p8WeYCFPPwCeVI5A69Cye+e3yrKSmUUEkQA=" ],
"priority" : [ "100" ]
}
} ]
},
"internationalizationEnabled" : false,
"supportedLocales" : [ ],
"authenticationFlows" : [ {
"id" : "b6e03c6b-ece4-4c3f-92c9-e91781a439e1",
"alias" : "Account verification options",
"description" : "Method with which to verity the existing account",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-email-verification",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Verify Existing Account by Re-authentication",
"userSetupAllowed" : false
} ]
}, {
"id" : "7abf834a-1b6f-4177-802b-bb7b80bd4982",
"alias" : "Browser - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "auth-otp-form",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "3fbe9eb8-752f-4247-9347-bf763668da52",
"alias" : "Direct Grant - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "direct-grant-validate-otp",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "463caab3-4927-49ee-9b49-8f6ff1fa768f",
"alias" : "First broker login - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "auth-otp-form",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "904629d6-6f37-47e8-93b7-22ad7e479963",
"alias" : "Handle Existing Account",
"description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-confirm-link",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Account verification options",
"userSetupAllowed" : false
} ]
}, {
"id" : "629946ae-e3c7-4c6a-a62a-4bcda2718739",
"alias" : "Reset - Conditional OTP",
"description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "reset-otp",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "8a55e731-10b7-4eac-aef9-9a7e618bf96f",
"alias" : "User creation or linking",
"description" : "Flow for the existing/non-existing user alternatives",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticatorConfig" : "create unique user config",
"authenticator" : "idp-create-user-if-unique",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Handle Existing Account",
"userSetupAllowed" : false
} ]
}, {
"id" : "140db9a5-3c51-45a2-90cd-9d90e82ddad5",
"alias" : "Verify Existing Account by Re-authentication",
"description" : "Reauthentication of existing account",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-username-password-form",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "First broker login - Conditional OTP",
"userSetupAllowed" : false
} ]
}, {
"id" : "087fad00-fe3a-4fb4-9b92-a08a0fc8ce1a",
"alias" : "browser",
"description" : "browser based authentication",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-cookie",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "auth-spnego",
"authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "identity-provider-redirector",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 25,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 30,
"autheticatorFlow" : true,
"flowAlias" : "forms",
"userSetupAllowed" : false
} ]
}, {
"id" : "647bf856-bf35-4f15-a3c1-1a0ffaf031ff",
"alias" : "clients",
"description" : "Base authentication for clients",
"providerId" : "client-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "client-secret",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "client-jwt",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "client-secret-jwt",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 30,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "client-x509",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 40,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "04b1134e-3d52-42c5-9e49-0b4e971c9056",
"alias" : "direct grant",
"description" : "OpenID Connect Resource Owner Grant",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "direct-grant-validate-username",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "direct-grant-validate-password",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 30,
"autheticatorFlow" : true,
"flowAlias" : "Direct Grant - Conditional OTP",
"userSetupAllowed" : false
} ]
}, {
"id" : "e3e53d6f-8d77-43cc-8676-6ea60560a5de",
"alias" : "docker auth",
"description" : "Used by Docker clients to authenticate against the IDP",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "docker-http-basic-authenticator",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "d441ee9e-f8aa-4c36-94cb-5f342391fcd9",
"alias" : "first broker login",
"description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticatorConfig" : "review profile config",
"authenticator" : "idp-review-profile",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "User creation or linking",
"userSetupAllowed" : false
} ]
}, {
"id" : "457b5ad7-a23b-47dc-afbc-b1a5fc35c7f1",
"alias" : "forms",
"description" : "Username, password, otp and other auth forms.",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-username-password-form",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Browser - Conditional OTP",
"userSetupAllowed" : false
} ]
}, {
"id" : "fcd691fb-8a3c-420a-9325-9dea0b2462e0",
"alias" : "registration",
"description" : "registration flow",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-page-form",
"authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : true,
"flowAlias" : "registration form",
"userSetupAllowed" : false
} ]
}, {
"id" : "a1553261-9fc6-4acd-ab32-c18d9ec541c3",
"alias" : "registration form",
"description" : "registration form",
"providerId" : "form-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-user-creation",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "registration-password-action",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 50,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "registration-recaptcha-action",
"authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 60,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "registration-terms-and-conditions",
"authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 70,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "efa8e588-b443-4a8a-82fb-05423d00c828",
"alias" : "reset credentials",
"description" : "Reset credentials for a user if they forgot their password or something",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "reset-credentials-choose-user",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "reset-credential-email",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "reset-password",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 30,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 40,
"autheticatorFlow" : true,
"flowAlias" : "Reset - Conditional OTP",
"userSetupAllowed" : false
} ]
}, {
"id" : "3f28804b-b72a-4e4d-a249-1128157d888e",
"alias" : "saml ecp",
"description" : "SAML ECP Profile Authentication Flow",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "http-basic-authenticator",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
} ],
"authenticatorConfig" : [ {
"id" : "0e728444-75bc-47d3-a8cc-0481349f3e42",
"alias" : "create unique user config",
"config" : {
"require.password.update.after.registration" : "false"
}
}, {
"id" : "92a4b7c8-ff70-4e56-a53b-aba1d1967b46",
"alias" : "review profile config",
"config" : {
"update.profile.on.first.login" : "missing"
}
} ],
"requiredActions" : [ {
"alias" : "CONFIGURE_TOTP",
"name" : "Configure OTP",
"providerId" : "CONFIGURE_TOTP",
"enabled" : true,
"defaultAction" : false,
"priority" : 10,
"config" : { }
}, {
"alias" : "TERMS_AND_CONDITIONS",
"name" : "Terms and Conditions",
"providerId" : "TERMS_AND_CONDITIONS",
"enabled" : false,
"defaultAction" : false,
"priority" : 20,
"config" : { }
}, {
"alias" : "UPDATE_PASSWORD",
"name" : "Update Password",
"providerId" : "UPDATE_PASSWORD",
"enabled" : true,
"defaultAction" : false,
"priority" : 30,
"config" : { }
}, {
"alias" : "UPDATE_PROFILE",
"name" : "Update Profile",
"providerId" : "UPDATE_PROFILE",
"enabled" : true,
"defaultAction" : false,
"priority" : 40,
"config" : { }
}, {
"alias" : "VERIFY_EMAIL",
"name" : "Verify Email",
"providerId" : "VERIFY_EMAIL",
"enabled" : true,
"defaultAction" : false,
"priority" : 50,
"config" : { }
}, {
"alias" : "delete_account",
"name" : "Delete Account",
"providerId" : "delete_account",
"enabled" : false,
"defaultAction" : false,
"priority" : 60,
"config" : { }
}, {
"alias" : "webauthn-register",
"name" : "Webauthn Register",
"providerId" : "webauthn-register",
"enabled" : true,
"defaultAction" : false,
"priority" : 70,
"config" : { }
}, {
"alias" : "webauthn-register-passwordless",
"name" : "Webauthn Register Passwordless",
"providerId" : "webauthn-register-passwordless",
"enabled" : true,
"defaultAction" : false,
"priority" : 80,
"config" : { }
}, {
"alias" : "VERIFY_PROFILE",
"name" : "Verify Profile",
"providerId" : "VERIFY_PROFILE",
"enabled" : true,
"defaultAction" : false,
"priority" : 90,
"config" : { }
}, {
"alias" : "update_user_locale",
"name" : "Update User Locale",
"providerId" : "update_user_locale",
"enabled" : true,
"defaultAction" : false,
"priority" : 1000,
"config" : { }
} ],
"browserFlow" : "browser",
"registrationFlow" : "registration",
"directGrantFlow" : "direct grant",
"resetCredentialsFlow" : "reset credentials",
"clientAuthenticationFlow" : "clients",
"dockerAuthenticationFlow" : "docker auth",
"firstBrokerLoginFlow" : "first broker login",
"attributes" : {
"cibaBackchannelTokenDeliveryMode" : "poll",
"cibaAuthRequestedUserHint" : "login_hint",
"oauth2DevicePollingInterval" : "5",
"clientOfflineSessionMaxLifespan" : "0",
"clientSessionIdleTimeout" : "0",
"actionTokenGeneratedByUserLifespan.verify-email" : "",
"actionTokenGeneratedByUserLifespan.idp-verify-account-via-email" : "",
"clientOfflineSessionIdleTimeout" : "0",
"actionTokenGeneratedByUserLifespan.execute-actions" : "",
"cibaInterval" : "5",
"realmReusableOtpCode" : "false",
"cibaExpiresIn" : "120",
"oauth2DeviceCodeLifespan" : "600",
"parRequestUriLifespan" : "60",
"clientSessionMaxLifespan" : "0",
"shortVerificationUri" : "",
"actionTokenGeneratedByUserLifespan.reset-credentials" : ""
},
"keycloakVersion" : "24.0.1",
"userManagedAccessAllowed" : false,
"clientProfiles" : {
"profiles" : [ ]
},
"clientPolicies" : {
"policies" : [ ]
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment