Created
October 21, 2022 19:54
-
-
Save devent/289d1a97d0e37d5dfa90295ac2079f5f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"id": "open", | |
"realm": "SSO Andrea-1", | |
"notBefore": 0, | |
"defaultSignatureAlgorithm": "RS256", | |
"revokeRefreshToken": false, | |
"refreshTokenMaxReuse": 0, | |
"accessTokenLifespan": 300, | |
"accessTokenLifespanForImplicitFlow": 900, | |
"ssoSessionIdleTimeout": 1800, | |
"ssoSessionMaxLifespan": 36000, | |
"ssoSessionIdleTimeoutRememberMe": 0, | |
"ssoSessionMaxLifespanRememberMe": 0, | |
"offlineSessionIdleTimeout": 2592000, | |
"offlineSessionMaxLifespanEnabled": false, | |
"offlineSessionMaxLifespan": 5184000, | |
"clientSessionIdleTimeout": 0, | |
"clientSessionMaxLifespan": 0, | |
"clientOfflineSessionIdleTimeout": 0, | |
"clientOfflineSessionMaxLifespan": 0, | |
"accessCodeLifespan": 60, | |
"accessCodeLifespanUserAction": 300, | |
"accessCodeLifespanLogin": 1800, | |
"actionTokenGeneratedByAdminLifespan": 43200, | |
"actionTokenGeneratedByUserLifespan": 300, | |
"oauth2DeviceCodeLifespan": 600, | |
"oauth2DevicePollingInterval": 5, | |
"enabled": true, | |
"sslRequired": "external", | |
"registrationAllowed": true, | |
"registrationEmailAsUsername": false, | |
"rememberMe": false, | |
"verifyEmail": true, | |
"loginWithEmailAllowed": true, | |
"duplicateEmailsAllowed": false, | |
"resetPasswordAllowed": true, | |
"editUsernameAllowed": false, | |
"bruteForceProtected": false, | |
"permanentLockout": false, | |
"maxFailureWaitSeconds": 900, | |
"minimumQuickLoginWaitSeconds": 60, | |
"waitIncrementSeconds": 60, | |
"quickLoginCheckMilliSeconds": 1000, | |
"maxDeltaTimeSeconds": 43200, | |
"failureFactor": 30, | |
"roles": { | |
"realm": [ | |
{ | |
"id": "b4f511d8-fe6a-4c69-865b-e0bf9ba3a078", | |
"name": "offline_access", | |
"description": "${role_offline-access}", | |
"composite": false, | |
"clientRole": false, | |
"containerId": "open", | |
"attributes": {} | |
}, | |
{ | |
"id": "be8fc272-4256-46fc-8e64-742568a7948a", | |
"name": "uma_authorization", | |
"description": "${role_uma_authorization}", | |
"composite": false, | |
"clientRole": false, | |
"containerId": "open", | |
"attributes": {} | |
}, | |
{ | |
"id": "cc9e7897-0919-4fca-adfb-4b4ff75f68a3", | |
"name": "default-roles-open", | |
"description": "${role_default-roles}", | |
"composite": true, | |
"composites": { | |
"realm": [ | |
"offline_access", | |
"uma_authorization" | |
], | |
"client": { | |
"account": [ | |
"view-profile", | |
"manage-account" | |
] | |
} | |
}, | |
"clientRole": false, | |
"containerId": "open", | |
"attributes": {} | |
} | |
], | |
"client": { | |
"realm-management": [ | |
{ | |
"id": "13f9186f-ddaa-437d-bf2a-12af40d59132", | |
"name": "manage-identity-providers", | |
"description": "${role_manage-identity-providers}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "3a0acdd2-c821-4cc2-9d7a-9859cd38d75c", | |
"name": "view-identity-providers", | |
"description": "${role_view-identity-providers}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "881aff65-469e-400f-8488-0e9840ce7f0b", | |
"name": "query-clients", | |
"description": "${role_query-clients}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "5e14b5f7-ce71-4be6-b619-8993c4f1b375", | |
"name": "manage-realm", | |
"description": "${role_manage-realm}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "5163fab6-3fe9-41e0-85da-fa89574dcd72", | |
"name": "manage-users", | |
"description": "${role_manage-users}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "8dd02331-a439-496d-bcf7-bbf68b4cbc3b", | |
"name": "query-realms", | |
"description": "${role_query-realms}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "3451e071-3cac-474d-b2e7-8f2ac0a755a3", | |
"name": "manage-clients", | |
"description": "${role_manage-clients}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "fe8cff1e-7833-46e4-9aa0-97fff3115c3d", | |
"name": "query-users", | |
"description": "${role_query-users}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "ef80578a-e74d-41e8-aaaf-7dbfec40e416", | |
"name": "view-users", | |
"description": "${role_view-users}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"realm-management": [ | |
"query-users", | |
"query-groups" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "90b17f79-e454-47e3-b747-6e25aa778c96", | |
"name": "manage-authorization", | |
"description": "${role_manage-authorization}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "722fcdbe-5ed0-42aa-b74c-3c62bd319113", | |
"name": "view-authorization", | |
"description": "${role_view-authorization}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "4edb38dd-cfe9-46c5-b238-a0cfbf9fcd53", | |
"name": "impersonation", | |
"description": "${role_impersonation}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "efd6c3d9-e964-4bdc-bc99-777e51e1d53b", | |
"name": "view-events", | |
"description": "${role_view-events}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "e04eaee9-a0b0-4157-a18f-17288d59066f", | |
"name": "view-clients", | |
"description": "${role_view-clients}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"realm-management": [ | |
"query-clients" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "b7c0fdc8-41f2-4b95-aebc-16e44a689eb9", | |
"name": "manage-events", | |
"description": "${role_manage-events}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "28424d54-ca18-4471-97be-4626dcc056ef", | |
"name": "view-realm", | |
"description": "${role_view-realm}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "67e0e968-e6b7-4808-a270-b2d726b07283", | |
"name": "create-client", | |
"description": "${role_create-client}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "338fe7cf-e978-4878-8fc1-1b6130b9ccce", | |
"name": "query-groups", | |
"description": "${role_query-groups}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
}, | |
{ | |
"id": "6cfe031e-d1e6-43ee-a1ab-9d96b1e771cd", | |
"name": "realm-admin", | |
"description": "${role_realm-admin}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"realm-management": [ | |
"manage-identity-providers", | |
"view-identity-providers", | |
"query-clients", | |
"manage-realm", | |
"manage-users", | |
"query-realms", | |
"manage-clients", | |
"query-users", | |
"view-users", | |
"view-authorization", | |
"manage-authorization", | |
"view-events", | |
"impersonation", | |
"view-clients", | |
"manage-events", | |
"view-realm", | |
"create-client", | |
"query-groups" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"attributes": {} | |
} | |
], | |
"security-admin-console": [], | |
"anrisoftware-com-gitea": [], | |
"admin-cli": [], | |
"account-console": [], | |
"muellerpublic-de-grafana": [], | |
"broker": [ | |
{ | |
"id": "17a3b841-62df-4c6f-ba6e-6a5e0f7fbabb", | |
"name": "read-token", | |
"description": "${role_read-token}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "97fb851c-d443-46c5-8ffe-a8de8c1bd282", | |
"attributes": {} | |
} | |
], | |
"account": [ | |
{ | |
"id": "9318be70-071f-4826-baf2-41eba1667524", | |
"name": "view-profile", | |
"description": "${role_view-profile}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "aed337a2-fc99-4386-ad71-7603bf454918", | |
"attributes": {} | |
}, | |
{ | |
"id": "54c2bebf-5441-43db-8d9c-83ac7f0d3a83", | |
"name": "manage-consent", | |
"description": "${role_manage-consent}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"account": [ | |
"view-consent" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "aed337a2-fc99-4386-ad71-7603bf454918", | |
"attributes": {} | |
}, | |
{ | |
"id": "0b589be0-654f-4788-9ff5-742aa33308ba", | |
"name": "view-applications", | |
"description": "${role_view-applications}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "aed337a2-fc99-4386-ad71-7603bf454918", | |
"attributes": {} | |
}, | |
{ | |
"id": "a3bfa01c-5612-4cee-8e55-df0c55db0e37", | |
"name": "manage-account", | |
"description": "${role_manage-account}", | |
"composite": true, | |
"composites": { | |
"client": { | |
"account": [ | |
"manage-account-links" | |
] | |
} | |
}, | |
"clientRole": true, | |
"containerId": "aed337a2-fc99-4386-ad71-7603bf454918", | |
"attributes": {} | |
}, | |
{ | |
"id": "0953698a-9f7d-41f1-a7ba-cd463ed68f17", | |
"name": "manage-account-links", | |
"description": "${role_manage-account-links}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "aed337a2-fc99-4386-ad71-7603bf454918", | |
"attributes": {} | |
}, | |
{ | |
"id": "a953cb87-3285-4606-8d6b-359febc556ba", | |
"name": "delete-account", | |
"description": "${role_delete-account}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "aed337a2-fc99-4386-ad71-7603bf454918", | |
"attributes": {} | |
}, | |
{ | |
"id": "b811a7da-d0c9-40de-af34-613794a4bb62", | |
"name": "view-consent", | |
"description": "${role_view-consent}", | |
"composite": false, | |
"clientRole": true, | |
"containerId": "aed337a2-fc99-4386-ad71-7603bf454918", | |
"attributes": {} | |
} | |
] | |
} | |
}, | |
"groups": [ | |
{ | |
"id": "2fb0e64d-8afd-4438-8575-52845da3945c", | |
"name": "Administrators", | |
"path": "/Administrators", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "045faf0d-4f92-4eda-b8bc-5b05b653c98f", | |
"name": "Editors", | |
"path": "/Editors", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "c8d9f389-a5eb-494b-8db7-fbb03f1c385b", | |
"name": "Gitea", | |
"path": "/Gitea", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "26b879e7-1042-4fa7-b36f-119deac28c31", | |
"name": "Grafana", | |
"path": "/Grafana", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "7a48e5c3-c468-477d-a90a-263b12b4abfc", | |
"name": "Harbor", | |
"path": "/Harbor", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "04a41db5-0066-45ea-8e09-825f10eaea6a", | |
"name": "Interscalar", | |
"path": "/Interscalar", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "9f2796b5-924d-4fce-a146-41b62a93b6c8", | |
"name": "Jenkins", | |
"path": "/Jenkins", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "c32c6acb-504d-45ac-811a-2ebc1c3f368f", | |
"name": "JenkinsTrusted", | |
"path": "/JenkinsTrusted", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "7f70b132-9242-455c-be22-74837cf80e1e", | |
"name": "Jenkins_anrisoftware.com", | |
"path": "/Jenkins_anrisoftware.com", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "75b9964d-0c74-44de-a2e0-60c70c096489", | |
"name": "Jenkins_robobeerun.com", | |
"path": "/Jenkins_robobeerun.com", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "98010ae2-501a-4694-a3d2-3e2c8879c959", | |
"name": "Matomo", | |
"path": "/Matomo", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "d61a5b41-8953-432d-ae4a-de97e4674c4c", | |
"name": "Minio", | |
"path": "/Minio", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "3af77b03-8f91-4708-b062-d287e5e45f5e", | |
"name": "Nexus", | |
"path": "/Nexus", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "711d065c-40ce-4db2-ab55-2ed7b448e8e0", | |
"name": "Sonarqube", | |
"path": "/Sonarqube", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "96559c36-3d09-4d74-bcec-cd90cb7c723d", | |
"name": "Vault", | |
"path": "/Vault", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "206dff37-c504-4088-a820-5c79eedc269d", | |
"name": "nx-admin", | |
"path": "/nx-admin", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "b49fea31-d4df-4d91-b85a-b09ab2e3102c", | |
"name": "nx-developer", | |
"path": "/nx-developer", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "2c48d7cc-122c-4642-925d-9bc878d86327", | |
"name": "nx-jenkins", | |
"path": "/nx-jenkins", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "1289940f-d4f4-4951-8a21-bc2bb55071d8", | |
"name": "sonar-administrators", | |
"path": "/sonar-administrators", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "ad89ddb2-7530-4012-bcc2-4006ff69842c", | |
"name": "sq-developer", | |
"path": "/sq-developer", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
}, | |
{ | |
"id": "eaafd033-cc40-41b0-91d0-2665cc40cc4d", | |
"name": "sq-jenkins", | |
"path": "/sq-jenkins", | |
"attributes": {}, | |
"realmRoles": [], | |
"clientRoles": {}, | |
"subGroups": [] | |
} | |
], | |
"defaultRole": { | |
"id": "cc9e7897-0919-4fca-adfb-4b4ff75f68a3", | |
"name": "default-roles-open", | |
"description": "${role_default-roles}", | |
"composite": true, | |
"clientRole": false, | |
"containerId": "open" | |
}, | |
"requiredCredentials": [ | |
"password" | |
], | |
"otpPolicyType": "totp", | |
"otpPolicyAlgorithm": "HmacSHA1", | |
"otpPolicyInitialCounter": 0, | |
"otpPolicyDigits": 6, | |
"otpPolicyLookAheadWindow": 1, | |
"otpPolicyPeriod": 30, | |
"otpSupportedApplications": [ | |
"FreeOTP", | |
"Google Authenticator" | |
], | |
"webAuthnPolicyRpEntityName": "keycloak", | |
"webAuthnPolicySignatureAlgorithms": [ | |
"ES256" | |
], | |
"webAuthnPolicyRpId": "", | |
"webAuthnPolicyAttestationConveyancePreference": "not specified", | |
"webAuthnPolicyAuthenticatorAttachment": "not specified", | |
"webAuthnPolicyRequireResidentKey": "not specified", | |
"webAuthnPolicyUserVerificationRequirement": "not specified", | |
"webAuthnPolicyCreateTimeout": 0, | |
"webAuthnPolicyAvoidSameAuthenticatorRegister": false, | |
"webAuthnPolicyAcceptableAaguids": [], | |
"webAuthnPolicyPasswordlessRpEntityName": "keycloak", | |
"webAuthnPolicyPasswordlessSignatureAlgorithms": [ | |
"ES256" | |
], | |
"webAuthnPolicyPasswordlessRpId": "", | |
"webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", | |
"webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", | |
"webAuthnPolicyPasswordlessRequireResidentKey": "not specified", | |
"webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", | |
"webAuthnPolicyPasswordlessCreateTimeout": 0, | |
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, | |
"webAuthnPolicyPasswordlessAcceptableAaguids": [], | |
"scopeMappings": [ | |
{ | |
"clientScope": "offline_access", | |
"roles": [ | |
"offline_access" | |
] | |
} | |
], | |
"clientScopeMappings": { | |
"account": [ | |
{ | |
"client": "account-console", | |
"roles": [ | |
"manage-account" | |
] | |
} | |
] | |
}, | |
"clients": [ | |
{ | |
"id": "aed337a2-fc99-4386-ad71-7603bf454918", | |
"clientId": "account", | |
"name": "${client_account}", | |
"rootUrl": "${authBaseUrl}", | |
"baseUrl": "/realms/SSO Andrea-1/account/", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"redirectUris": [ | |
"/realms/SSO Andrea-1/account/*" | |
], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": true, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": {}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"defaultClientScopes": [ | |
"web-origins", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "b7773075-baa5-4c1a-a2c9-9ffa986c8d93", | |
"clientId": "account-console", | |
"name": "${client_account-console}", | |
"rootUrl": "${authBaseUrl}", | |
"baseUrl": "/realms/open/account/", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"redirectUris": [ | |
"/realms/open/account/*" | |
], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": true, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": { | |
"pkce.code.challenge.method": "S256" | |
}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"protocolMappers": [ | |
{ | |
"id": "8046baeb-0f67-49f7-b1d8-f43f0d1dcb38", | |
"name": "audience resolve", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-audience-resolve-mapper", | |
"consentRequired": false, | |
"config": {} | |
} | |
], | |
"defaultClientScopes": [ | |
"web-origins", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "3daaa61e-304b-45b7-9432-b8a1b9d80e28", | |
"clientId": "admin-cli", | |
"name": "${client_admin-cli}", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"redirectUris": [], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": false, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": true, | |
"serviceAccountsEnabled": false, | |
"publicClient": true, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": {}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"defaultClientScopes": [ | |
"web-origins", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "06ec18cc-d208-4c1c-85c7-ebd575db0849", | |
"clientId": "anrisoftware-com-gitea", | |
"rootUrl": "https://gitea.anrisoftware.com", | |
"adminUrl": "https://gitea.anrisoftware.com", | |
"baseUrl": "https://gitea.anrisoftware.com", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"redirectUris": [ | |
"https://gitea.anrisoftware.com/*", | |
"http://gitea.anrisoftware.com/*" | |
], | |
"webOrigins": [ | |
"https://gitea.andrea-1.anrisoftware.com" | |
], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": true, | |
"serviceAccountsEnabled": false, | |
"publicClient": false, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": { | |
"saml.assertion.signature": "false", | |
"id.token.as.detached.signature": "false", | |
"saml.multivalued.roles": "false", | |
"saml.force.post.binding": "false", | |
"saml.encrypt": "false", | |
"oauth2.device.authorization.grant.enabled": "false", | |
"logoUri": "https://gitea.anrisoftware.com/assets/img/logo.svg", | |
"backchannel.logout.revoke.offline.tokens": "false", | |
"saml.server.signature": "false", | |
"saml.server.signature.keyinfo.ext": "false", | |
"use.refresh.tokens": "true", | |
"exclude.session.state.from.auth.response": "false", | |
"oidc.ciba.grant.enabled": "false", | |
"saml.artifact.binding": "false", | |
"backchannel.logout.session.required": "true", | |
"client_credentials.use_refresh_token": "false", | |
"saml_force_name_id_format": "false", | |
"saml.client.signature": "false", | |
"tls.client.certificate.bound.access.tokens": "false", | |
"require.pushed.authorization.requests": "false", | |
"saml.authnstatement": "false", | |
"display.on.consent.screen": "false", | |
"saml.onetimeuse.condition": "false" | |
}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": true, | |
"nodeReRegistrationTimeout": -1, | |
"defaultClientScopes": [ | |
"web-origins", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "97fb851c-d443-46c5-8ffe-a8de8c1bd282", | |
"clientId": "broker", | |
"name": "${client_broker}", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"redirectUris": [], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": true, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": false, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": {}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"defaultClientScopes": [ | |
"web-origins", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "033bce45-6589-4687-bfe6-7c69fb12f903", | |
"clientId": "muellerpublic-de-grafana", | |
"rootUrl": "https://grafana.andrea-1.muellerpublic.de", | |
"adminUrl": "https://grafana.andrea-1.muellerpublic.de", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"secret": "**********", | |
"redirectUris": [ | |
"https://grafana.andrea-1.muellerpublic.de/*" | |
], | |
"webOrigins": [ | |
"https://grafana.andrea-1.muellerpublic.de" | |
], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": true, | |
"serviceAccountsEnabled": false, | |
"publicClient": false, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": { | |
"saml.assertion.signature": "false", | |
"id.token.as.detached.signature": "false", | |
"saml.multivalued.roles": "false", | |
"saml.force.post.binding": "false", | |
"saml.encrypt": "false", | |
"oauth2.device.authorization.grant.enabled": "false", | |
"backchannel.logout.revoke.offline.tokens": "false", | |
"saml.server.signature": "false", | |
"saml.server.signature.keyinfo.ext": "false", | |
"use.refresh.tokens": "true", | |
"exclude.session.state.from.auth.response": "false", | |
"oidc.ciba.grant.enabled": "false", | |
"saml.artifact.binding": "false", | |
"backchannel.logout.session.required": "true", | |
"client_credentials.use_refresh_token": "false", | |
"saml_force_name_id_format": "false", | |
"saml.client.signature": "false", | |
"tls.client.certificate.bound.access.tokens": "false", | |
"require.pushed.authorization.requests": "false", | |
"saml.authnstatement": "false", | |
"display.on.consent.screen": "false", | |
"saml.onetimeuse.condition": "false" | |
}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": true, | |
"nodeReRegistrationTimeout": -1, | |
"defaultClientScopes": [ | |
"web-origins", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "d3cf4f94-36c2-4f78-aacc-337812056aff", | |
"clientId": "realm-management", | |
"name": "${client_realm-management}", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"redirectUris": [], | |
"webOrigins": [], | |
"notBefore": 0, | |
"bearerOnly": true, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": false, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": {}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"defaultClientScopes": [ | |
"web-origins", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
}, | |
{ | |
"id": "aa4ca907-c8ac-48f6-b9f0-5a7d7cd3475b", | |
"clientId": "security-admin-console", | |
"name": "${client_security-admin-console}", | |
"rootUrl": "${authAdminUrl}", | |
"baseUrl": "/admin/SSO Andrea-1/console/", | |
"surrogateAuthRequired": false, | |
"enabled": true, | |
"alwaysDisplayInConsole": false, | |
"clientAuthenticatorType": "client-secret", | |
"redirectUris": [ | |
"/admin/SSO Andrea-1/console/*" | |
], | |
"webOrigins": [ | |
"+" | |
], | |
"notBefore": 0, | |
"bearerOnly": false, | |
"consentRequired": false, | |
"standardFlowEnabled": true, | |
"implicitFlowEnabled": false, | |
"directAccessGrantsEnabled": false, | |
"serviceAccountsEnabled": false, | |
"publicClient": true, | |
"frontchannelLogout": false, | |
"protocol": "openid-connect", | |
"attributes": { | |
"pkce.code.challenge.method": "S256" | |
}, | |
"authenticationFlowBindingOverrides": {}, | |
"fullScopeAllowed": false, | |
"nodeReRegistrationTimeout": 0, | |
"protocolMappers": [ | |
{ | |
"id": "45fdd1ce-adbf-486b-93b4-91c6209c9004", | |
"name": "locale", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "locale", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "locale", | |
"jsonType.label": "String" | |
} | |
} | |
], | |
"defaultClientScopes": [ | |
"web-origins", | |
"roles", | |
"profile", | |
"email" | |
], | |
"optionalClientScopes": [ | |
"address", | |
"phone", | |
"offline_access", | |
"microprofile-jwt" | |
] | |
} | |
], | |
"clientScopes": [ | |
{ | |
"id": "64e8c6da-436f-463a-ab52-4bdb36a7286b", | |
"name": "role_list", | |
"description": "SAML role list", | |
"protocol": "saml", | |
"attributes": { | |
"consent.screen.text": "${samlRoleListScopeConsentText}", | |
"display.on.consent.screen": "true" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "da14d661-c86e-4983-a0c3-ccf57c974b0f", | |
"name": "role list", | |
"protocol": "saml", | |
"protocolMapper": "saml-role-list-mapper", | |
"consentRequired": false, | |
"config": { | |
"single": "false", | |
"attribute.nameformat": "Basic", | |
"attribute.name": "Role" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "4abf657b-c0b2-4048-8cd0-3f256e77600b", | |
"name": "roles", | |
"description": "OpenID Connect scope for add user roles to the access token", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "false", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${rolesScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "5af094db-ac7f-41fb-a41d-92b6cc8daeb8", | |
"name": "realm roles", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-realm-role-mapper", | |
"consentRequired": false, | |
"config": { | |
"user.attribute": "foo", | |
"access.token.claim": "true", | |
"claim.name": "realm_access.roles", | |
"jsonType.label": "String", | |
"multivalued": "true" | |
} | |
}, | |
{ | |
"id": "13aada5d-41dc-4320-8cb8-2906d00674cc", | |
"name": "audience resolve", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-audience-resolve-mapper", | |
"consentRequired": false, | |
"config": {} | |
}, | |
{ | |
"id": "73aed9b1-6e23-4ccd-b939-f3bbf5de65ed", | |
"name": "client roles", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-client-role-mapper", | |
"consentRequired": false, | |
"config": { | |
"user.attribute": "foo", | |
"access.token.claim": "true", | |
"claim.name": "resource_access.${client_id}.roles", | |
"jsonType.label": "String", | |
"multivalued": "true" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "b8934f87-2302-4abe-93c1-fe10f3a8ca53", | |
"name": "address", | |
"description": "OpenID Connect built-in scope: address", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${addressScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "c12a4f69-5a14-491e-8260-9b7b17352794", | |
"name": "address", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-address-mapper", | |
"consentRequired": false, | |
"config": { | |
"user.attribute.formatted": "formatted", | |
"user.attribute.country": "country", | |
"user.attribute.postal_code": "postal_code", | |
"userinfo.token.claim": "true", | |
"user.attribute.street": "street", | |
"id.token.claim": "true", | |
"user.attribute.region": "region", | |
"access.token.claim": "true", | |
"user.attribute.locality": "locality" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "db1660f8-98f4-4075-ba43-05f6835aebea", | |
"name": "offline_access", | |
"description": "OpenID Connect built-in scope: offline_access", | |
"protocol": "openid-connect", | |
"attributes": { | |
"consent.screen.text": "${offlineAccessScopeConsentText}", | |
"display.on.consent.screen": "true" | |
} | |
}, | |
{ | |
"id": "8c19ca47-1487-42e6-ab98-183dae0852fc", | |
"name": "profile", | |
"description": "OpenID Connect built-in scope: profile", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${profileScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "16005196-5716-4d5e-ac02-22aa18802f51", | |
"name": "picture", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "picture", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "picture", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "078c1e48-d945-448b-b8cc-1c98169bebe1", | |
"name": "full name", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-full-name-mapper", | |
"consentRequired": false, | |
"config": { | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"userinfo.token.claim": "true" | |
} | |
}, | |
{ | |
"id": "49984b96-46f6-41de-94df-7add0b5f0945", | |
"name": "given name", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "firstName", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "given_name", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "b2070199-abb5-4633-bec1-bca4d0a08b9a", | |
"name": "locale", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "locale", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "locale", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "5b2def90-aea6-4843-922e-61b8c9efd461", | |
"name": "birthdate", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "birthdate", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "birthdate", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "c7933b13-a84b-4ce5-be3a-2babd87a4cec", | |
"name": "username", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "username", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "preferred_username", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "b73e2cbe-17ca-4ff7-a6b5-2c61bd1ce38e", | |
"name": "zoneinfo", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "zoneinfo", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "zoneinfo", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "8ce74add-bf4b-4f7b-882c-3ed6199975ac", | |
"name": "profile", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "profile", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "profile", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "336a3bc3-da89-4d26-b078-5276904f9462", | |
"name": "website", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "website", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "website", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "db03b0c9-47cd-45be-95f9-ed47a6897a73", | |
"name": "gender", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "gender", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "gender", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "5eb7027d-85ee-4e05-b303-a24ea71a4647", | |
"name": "updated at", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "updatedAt", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "updated_at", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "e9171d7c-cd63-40b2-b5b3-a41872af1012", | |
"name": "family name", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "lastName", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "family_name", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "70921904-69fd-4d89-bbdc-17b4966cde42", | |
"name": "middle name", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "middleName", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "middle_name", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "3ac8c70c-6b8f-4aa8-bd3a-d77e6118fefd", | |
"name": "nickname", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "nickname", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "nickname", | |
"jsonType.label": "String" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "21f5e353-0ef7-4eb1-a1db-624c2b224dde", | |
"name": "phone", | |
"description": "OpenID Connect built-in scope: phone", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${phoneScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "d112a5cc-ee9d-4873-a6e3-d69a0f66a7f3", | |
"name": "phone number", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "phoneNumber", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "phone_number", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "61f0e254-3f87-40e4-a225-804b8439a51e", | |
"name": "phone number verified", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-attribute-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "phoneNumberVerified", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "phone_number_verified", | |
"jsonType.label": "boolean" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "585e5859-0ebf-4da0-891d-9734fcafd3a0", | |
"name": "microprofile-jwt", | |
"description": "Microprofile - JWT built-in scope", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "false" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "8b10f5ee-28a9-4c6a-961c-4af427a7391a", | |
"name": "upn", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "username", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "upn", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "c996e7c7-c133-41db-9db1-bc4bd5f57be1", | |
"name": "groups", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-realm-role-mapper", | |
"consentRequired": false, | |
"config": { | |
"multivalued": "true", | |
"user.attribute": "foo", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "groups", | |
"jsonType.label": "String" | |
} | |
} | |
] | |
}, | |
{ | |
"id": "f9df73fc-4867-465b-b4a9-f591198c43cc", | |
"name": "web-origins", | |
"description": "OpenID Connect scope for add allowed web origins to the access token", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "false", | |
"display.on.consent.screen": "false", | |
"consent.screen.text": "" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "056ef7e9-c51a-4699-b812-2ec04321dd8c", | |
"name": "allowed web origins", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-allowed-origins-mapper", | |
"consentRequired": false, | |
"config": {} | |
} | |
] | |
}, | |
{ | |
"id": "b6230936-5d9c-40c5-be71-f4b5837ea381", | |
"name": "email", | |
"description": "OpenID Connect built-in scope: email", | |
"protocol": "openid-connect", | |
"attributes": { | |
"include.in.token.scope": "true", | |
"display.on.consent.screen": "true", | |
"consent.screen.text": "${emailScopeConsentText}" | |
}, | |
"protocolMappers": [ | |
{ | |
"id": "6fc6564d-0879-4abb-9a19-cbfaa22c61b8", | |
"name": "email", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "email", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "email", | |
"jsonType.label": "String" | |
} | |
}, | |
{ | |
"id": "ebc8736b-caf8-43db-9c5e-42d58dd114b4", | |
"name": "email verified", | |
"protocol": "openid-connect", | |
"protocolMapper": "oidc-usermodel-property-mapper", | |
"consentRequired": false, | |
"config": { | |
"userinfo.token.claim": "true", | |
"user.attribute": "emailVerified", | |
"id.token.claim": "true", | |
"access.token.claim": "true", | |
"claim.name": "email_verified", | |
"jsonType.label": "boolean" | |
} | |
} | |
] | |
} | |
], | |
"defaultDefaultClientScopes": [ | |
"role_list", | |
"profile", | |
"email", | |
"roles", | |
"web-origins" | |
], | |
"defaultOptionalClientScopes": [ | |
"offline_access", | |
"address", | |
"phone", | |
"microprofile-jwt" | |
], | |
"browserSecurityHeaders": { | |
"contentSecurityPolicyReportOnly": "", | |
"xContentTypeOptions": "nosniff", | |
"xRobotsTag": "none", | |
"xFrameOptions": "SAMEORIGIN", | |
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", | |
"xXSSProtection": "1; mode=block", | |
"strictTransportSecurity": "max-age=31536000; includeSubDomains" | |
}, | |
"smtpServer": { | |
"password": "**********", | |
"starttls": "true", | |
"auth": "true", | |
"port": "587", | |
"host": "andrea-mail-0.muellerpublic.de", | |
"replyTo": "xxx@xxx", | |
"from": "xxx@xxx", | |
"ssl": "", | |
"user": "xxx@xxx" | |
}, | |
"eventsEnabled": false, | |
"eventsListeners": [ | |
"jboss-logging" | |
], | |
"enabledEventTypes": [], | |
"adminEventsEnabled": false, | |
"adminEventsDetailsEnabled": false, | |
"identityProviders": [], | |
"identityProviderMappers": [], | |
"components": { | |
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ | |
{ | |
"id": "47bb848e-2319-4b14-997b-53b596ba641c", | |
"name": "Allowed Client Scopes", | |
"providerId": "allowed-client-templates", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": { | |
"allow-default-scopes": [ | |
"true" | |
] | |
} | |
}, | |
{ | |
"id": "4ed7e013-b1ce-411e-befb-0de19b7a637e", | |
"name": "Max Clients Limit", | |
"providerId": "max-clients", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": { | |
"max-clients": [ | |
"200" | |
] | |
} | |
}, | |
{ | |
"id": "45bd9ffe-837b-4719-ad4d-4658e4494da6", | |
"name": "Allowed Client Scopes", | |
"providerId": "allowed-client-templates", | |
"subType": "authenticated", | |
"subComponents": {}, | |
"config": { | |
"allow-default-scopes": [ | |
"true" | |
] | |
} | |
}, | |
{ | |
"id": "2e173eba-4cf9-4ad6-ae77-f6ca868154f6", | |
"name": "Full Scope Disabled", | |
"providerId": "scope", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": {} | |
}, | |
{ | |
"id": "114ecd1e-0f23-49d7-bf7c-c1f90c802888", | |
"name": "Trusted Hosts", | |
"providerId": "trusted-hosts", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": { | |
"host-sending-registration-request-must-match": [ | |
"true" | |
], | |
"client-uris-must-match": [ | |
"true" | |
] | |
} | |
}, | |
{ | |
"id": "7fbeca11-e214-4eb8-97ca-d9fd4468d926", | |
"name": "Allowed Protocol Mapper Types", | |
"providerId": "allowed-protocol-mappers", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": { | |
"allowed-protocol-mapper-types": [ | |
"saml-role-list-mapper", | |
"oidc-usermodel-attribute-mapper", | |
"oidc-usermodel-property-mapper", | |
"saml-user-property-mapper", | |
"oidc-sha256-pairwise-sub-mapper", | |
"saml-user-attribute-mapper", | |
"oidc-full-name-mapper", | |
"oidc-address-mapper" | |
] | |
} | |
}, | |
{ | |
"id": "e088e8d8-e138-473a-99c6-310d5cadb8a7", | |
"name": "Consent Required", | |
"providerId": "consent-required", | |
"subType": "anonymous", | |
"subComponents": {}, | |
"config": {} | |
}, | |
{ | |
"id": "18232650-1cd7-400b-bc92-6926e2dcc714", | |
"name": "Allowed Protocol Mapper Types", | |
"providerId": "allowed-protocol-mappers", | |
"subType": "authenticated", | |
"subComponents": {}, | |
"config": { | |
"allowed-protocol-mapper-types": [ | |
"saml-user-attribute-mapper", | |
"oidc-usermodel-attribute-mapper", | |
"saml-role-list-mapper", | |
"saml-user-property-mapper", | |
"oidc-sha256-pairwise-sub-mapper", | |
"oidc-full-name-mapper", | |
"oidc-address-mapper", | |
"oidc-usermodel-property-mapper" | |
] | |
} | |
} | |
], | |
"org.keycloak.userprofile.UserProfileProvider": [ | |
{ | |
"id": "4f11ceeb-963a-45c5-a49b-23dff57c6693", | |
"providerId": "declarative-user-profile", | |
"subComponents": {}, | |
"config": {} | |
} | |
], | |
"org.keycloak.storage.UserStorageProvider": [ | |
{ | |
"id": "4ab648de-b480-402b-b9f3-c94e2f4b49ec", | |
"name": "ldap", | |
"providerId": "ldap", | |
"subComponents": { | |
"org.keycloak.storage.ldap.mappers.LDAPStorageMapper": [ | |
{ | |
"id": "66c76635-4f41-44fc-a2c8-5248073f3b34", | |
"name": "first name", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"cn" | |
], | |
"is.mandatory.in.ldap": [ | |
"true" | |
], | |
"always.read.value.from.ldap": [ | |
"true" | |
], | |
"read.only": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"firstName" | |
] | |
} | |
}, | |
{ | |
"id": "95c6bb82-22ea-4637-9c8a-adb57aad3a87", | |
"name": "username", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"uid" | |
], | |
"is.mandatory.in.ldap": [ | |
"true" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"username" | |
] | |
} | |
}, | |
{ | |
"id": "d1385f03-647c-4fba-93da-321c7b38ed67", | |
"name": "last name", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"sn" | |
], | |
"is.mandatory.in.ldap": [ | |
"true" | |
], | |
"always.read.value.from.ldap": [ | |
"true" | |
], | |
"read.only": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"lastName" | |
] | |
} | |
}, | |
{ | |
"id": "47735461-2282-4ed4-a03c-fb53b00a676c", | |
"name": "creation date", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"createTimestamp" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"read.only": [ | |
"true" | |
], | |
"always.read.value.from.ldap": [ | |
"true" | |
], | |
"user.model.attribute": [ | |
"createTimestamp" | |
] | |
} | |
}, | |
{ | |
"id": "869e5bb9-372c-4b21-a7eb-c760995aca59", | |
"name": "jenkinsGroups", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"jenkinsGroups" | |
], | |
"attribute.default.value": [ | |
"visitor" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"is.binary.attribute": [ | |
"false" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"jenkinsGroups" | |
] | |
} | |
}, | |
{ | |
"id": "dae9bb88-cf6d-461d-9cc3-3697f2972168", | |
"name": "matomoSuperuser", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"matomoSuperuser" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"is.binary.attribute": [ | |
"false" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"matomoSuperuser" | |
] | |
} | |
}, | |
{ | |
"id": "fbc9ee6a-06af-42bd-8e27-4b2e24892b55", | |
"name": "ownCloudQuota", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"ownCloudQuota" | |
], | |
"attribute.default.value": [ | |
"1 GB" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"is.binary.attribute": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"ownCloudQuota" | |
] | |
} | |
}, | |
{ | |
"id": "3072239b-1cf3-4cd2-a8d1-d54322d239ce", | |
"name": "matomoView", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"matomoView" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"is.binary.attribute": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"matomoView" | |
] | |
} | |
}, | |
{ | |
"id": "03d4c92c-a707-4f02-a098-3f3eeb3b8f35", | |
"name": "wordpressGroups", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"wordpressGroups" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"is.binary.attribute": [ | |
"false" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"wordpressGroups" | |
] | |
} | |
}, | |
{ | |
"id": "421378bd-63fc-4311-8ddb-363e546ff130", | |
"name": "modify date", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"modifyTimestamp" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"read.only": [ | |
"true" | |
], | |
"always.read.value.from.ldap": [ | |
"true" | |
], | |
"user.model.attribute": [ | |
"modifyTimestamp" | |
] | |
} | |
}, | |
{ | |
"id": "2cd360a4-8d1b-418f-a2f5-c9795fbd1436", | |
"name": "minioGroups", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"minioGroups" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"is.binary.attribute": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"minioGroups" | |
] | |
} | |
}, | |
{ | |
"id": "09178c12-23ac-456b-baed-bfd48538754b", | |
"name": "email", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"mail" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"email" | |
] | |
} | |
}, | |
{ | |
"id": "79c52659-ea91-4a7d-ba6f-1ccca1fe7fa5", | |
"name": "group", | |
"providerId": "group-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"membership.attribute.type": [ | |
"DN" | |
], | |
"group.name.ldap.attribute": [ | |
"cn" | |
], | |
"membership.user.ldap.attribute": [ | |
"uid" | |
], | |
"preserve.group.inheritance": [ | |
"true" | |
], | |
"groups.dn": [ | |
"ou=Group,dc=muellerpublic,dc=de" | |
], | |
"mode": [ | |
"LDAP_ONLY" | |
], | |
"user.roles.retrieve.strategy": [ | |
"LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" | |
], | |
"ignore.missing.groups": [ | |
"false" | |
], | |
"membership.ldap.attribute": [ | |
"uniqueMember" | |
], | |
"memberof.ldap.attribute": [ | |
"memberOf" | |
], | |
"group.object.classes": [ | |
"groupOfUniqueNames" | |
], | |
"drop.non.existing.groups.during.sync": [ | |
"false" | |
], | |
"groups.path": [ | |
"/" | |
] | |
} | |
}, | |
{ | |
"id": "e61adb80-76ed-40e9-80a5-e9275f530557", | |
"name": "matomoAdmin", | |
"providerId": "user-attribute-ldap-mapper", | |
"subComponents": {}, | |
"config": { | |
"ldap.attribute": [ | |
"matomoAdmin" | |
], | |
"is.mandatory.in.ldap": [ | |
"false" | |
], | |
"is.binary.attribute": [ | |
"false" | |
], | |
"always.read.value.from.ldap": [ | |
"false" | |
], | |
"read.only": [ | |
"false" | |
], | |
"user.model.attribute": [ | |
"matomoAdmin" | |
] | |
} | |
} | |
] | |
}, | |
"config": { | |
"fullSyncPeriod": [ | |
"-1" | |
], | |
"pagination": [ | |
"true" | |
], | |
"connectionPooling": [ | |
"true" | |
], | |
"usersDn": [ | |
"ou=People,dc=muellerpublic,dc=de" | |
], | |
"cachePolicy": [ | |
"DEFAULT" | |
], | |
"useKerberosForPasswordAuthentication": [ | |
"false" | |
], | |
"importEnabled": [ | |
"true" | |
], | |
"enabled": [ | |
"true" | |
], | |
"changedSyncPeriod": [ | |
"-1" | |
], | |
"usernameLDAPAttribute": [ | |
"uid" | |
], | |
"bindCredential": [ | |
"**********" | |
], | |
"bindDn": [ | |
"cn=admin,dc=muellerpublic,dc=de" | |
], | |
"lastSync": [ | |
"1645353662" | |
], | |
"vendor": [ | |
"other" | |
], | |
"uuidLDAPAttribute": [ | |
"entryUUID" | |
], | |
"connectionUrl": [ | |
"ldap://openldap.kube-ldap.svc.cluster.local:1389" | |
], | |
"allowKerberosAuthentication": [ | |
"false" | |
], | |
"syncRegistrations": [ | |
"true" | |
], | |
"authType": [ | |
"simple" | |
], | |
"debug": [ | |
"false" | |
], | |
"searchScope": [ | |
"1" | |
], | |
"useTruststoreSpi": [ | |
"ldapsOnly" | |
], | |
"trustEmail": [ | |
"false" | |
], | |
"priority": [ | |
"0" | |
], | |
"userObjectClasses": [ | |
"inetOrgPerson, organizationalPerson, ownCloud, matomoUser, wordpressUser, minioUser" | |
], | |
"rdnLDAPAttribute": [ | |
"uid" | |
], | |
"editMode": [ | |
"WRITABLE" | |
], | |
"validatePasswordPolicy": [ | |
"false" | |
], | |
"batchSizeForSync": [ | |
"1000" | |
] | |
} | |
} | |
], | |
"org.keycloak.keys.KeyProvider": [ | |
{ | |
"id": "a75cb83e-8361-4361-9279-e0a960247dda", | |
"name": "hmac-generated", | |
"providerId": "hmac-generated", | |
"subComponents": {}, | |
"config": { | |
"priority": [ | |
"100" | |
], | |
"algorithm": [ | |
"HS256" | |
] | |
} | |
}, | |
{ | |
"id": "bdf3da9f-aca4-45e8-a397-774042c3355b", | |
"name": "aes-generated", | |
"providerId": "aes-generated", | |
"subComponents": {}, | |
"config": { | |
"priority": [ | |
"100" | |
] | |
} | |
}, | |
{ | |
"id": "c92d7d8b-8ed4-4b05-9263-f1173cc77b7e", | |
"name": "rsa-enc-generated", | |
"providerId": "rsa-enc-generated", | |
"subComponents": {}, | |
"config": { | |
"priority": [ | |
"100" | |
], | |
"algorithm": [ | |
"RSA-OAEP" | |
] | |
} | |
}, | |
{ | |
"id": "ad39a5c4-ec03-48ad-a5e3-82a984d1d531", | |
"name": "rsa-generated", | |
"providerId": "rsa-generated", | |
"subComponents": {}, | |
"config": { | |
"priority": [ | |
"100" | |
] | |
} | |
} | |
] | |
}, | |
"internationalizationEnabled": false, | |
"supportedLocales": [], | |
"authenticationFlows": [ | |
{ | |
"id": "445d6def-c8b0-4ca8-b7e2-e6453712585b", | |
"alias": "Account verification options", | |
"description": "Method with which to verity the existing account", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "idp-email-verification", | |
"authenticatorFlow": false, | |
"requirement": "ALTERNATIVE", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "ALTERNATIVE", | |
"priority": 20, | |
"flowAlias": "Verify Existing Account by Re-authentication", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "7d01bfe7-87b9-467a-bbd0-f0a2921db432", | |
"alias": "Authentication Options", | |
"description": "Authentication options.", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "basic-auth", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "basic-auth-otp", | |
"authenticatorFlow": false, | |
"requirement": "DISABLED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "auth-spnego", | |
"authenticatorFlow": false, | |
"requirement": "DISABLED", | |
"priority": 30, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "7aa68dcc-b21b-4aa9-89b6-77128ef4fdd5", | |
"alias": "Browser - Conditional OTP", | |
"description": "Flow to determine if the OTP is required for the authentication", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "conditional-user-configured", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "auth-otp-form", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "b782f222-d257-4d31-963c-3e426e6b7d68", | |
"alias": "Direct Grant - Conditional OTP", | |
"description": "Flow to determine if the OTP is required for the authentication", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "conditional-user-configured", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "direct-grant-validate-otp", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "a67ac680-1db9-4e26-8d0e-ed358a50aa29", | |
"alias": "First broker login - Conditional OTP", | |
"description": "Flow to determine if the OTP is required for the authentication", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "conditional-user-configured", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "auth-otp-form", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "fb4c1096-d117-43b2-b782-cd0be99eedc9", | |
"alias": "Handle Existing Account", | |
"description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "idp-confirm-link", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"flowAlias": "Account verification options", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "664e4506-2fa8-42a9-88dd-a7c281d30d3b", | |
"alias": "Reset - Conditional OTP", | |
"description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "conditional-user-configured", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "reset-otp", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "a7b00b4f-2ad3-4393-bdaf-123e92e38c16", | |
"alias": "User creation or linking", | |
"description": "Flow for the existing/non-existing user alternatives", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticatorConfig": "create unique user config", | |
"authenticator": "idp-create-user-if-unique", | |
"authenticatorFlow": false, | |
"requirement": "ALTERNATIVE", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "ALTERNATIVE", | |
"priority": 20, | |
"flowAlias": "Handle Existing Account", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "9d16bc4d-7612-435e-b7c9-ae98868f63d2", | |
"alias": "Verify Existing Account by Re-authentication", | |
"description": "Reauthentication of existing account", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "idp-username-password-form", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "CONDITIONAL", | |
"priority": 20, | |
"flowAlias": "First broker login - Conditional OTP", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "da5528c6-23d4-4fc0-8cb1-aadb6b28bae9", | |
"alias": "browser", | |
"description": "browser based authentication", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "auth-cookie", | |
"authenticatorFlow": false, | |
"requirement": "ALTERNATIVE", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "auth-spnego", | |
"authenticatorFlow": false, | |
"requirement": "DISABLED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "identity-provider-redirector", | |
"authenticatorFlow": false, | |
"requirement": "ALTERNATIVE", | |
"priority": 25, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "ALTERNATIVE", | |
"priority": 30, | |
"flowAlias": "forms", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "4613a94e-38ea-4972-a58f-3c81313d9a11", | |
"alias": "clients", | |
"description": "Base authentication for clients", | |
"providerId": "client-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "client-secret", | |
"authenticatorFlow": false, | |
"requirement": "ALTERNATIVE", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "client-jwt", | |
"authenticatorFlow": false, | |
"requirement": "ALTERNATIVE", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "client-secret-jwt", | |
"authenticatorFlow": false, | |
"requirement": "ALTERNATIVE", | |
"priority": 30, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "client-x509", | |
"authenticatorFlow": false, | |
"requirement": "ALTERNATIVE", | |
"priority": 40, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "94078506-9b86-44fc-b801-6e013ce76a88", | |
"alias": "direct grant", | |
"description": "OpenID Connect Resource Owner Grant", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "direct-grant-validate-username", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "direct-grant-validate-password", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "CONDITIONAL", | |
"priority": 30, | |
"flowAlias": "Direct Grant - Conditional OTP", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "b777c1ef-f7ae-498a-8469-a6ac766d55c4", | |
"alias": "docker auth", | |
"description": "Used by Docker clients to authenticate against the IDP", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "docker-http-basic-authenticator", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "ab8d7930-699d-4567-8969-0c9c9dc13873", | |
"alias": "first broker login", | |
"description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticatorConfig": "review profile config", | |
"authenticator": "idp-review-profile", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"flowAlias": "User creation or linking", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "491c3981-45e0-46f2-874b-07d95185ec93", | |
"alias": "forms", | |
"description": "Username, password, otp and other auth forms.", | |
"providerId": "basic-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "auth-username-password-form", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "CONDITIONAL", | |
"priority": 20, | |
"flowAlias": "Browser - Conditional OTP", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "6d1a2748-16ba-40d6-a2e5-1265b3fe6a0c", | |
"alias": "http challenge", | |
"description": "An authentication flow based on challenge-response HTTP Authentication Schemes", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "no-cookie-redirect", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"flowAlias": "Authentication Options", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "7582b09b-5cb7-4753-b7c6-d305c6626ff9", | |
"alias": "registration", | |
"description": "registration flow", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "registration-page-form", | |
"authenticatorFlow": true, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"flowAlias": "registration form", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "9ef705c4-7f9d-4f5e-9bd8-4a08068863a1", | |
"alias": "registration form", | |
"description": "registration form", | |
"providerId": "form-flow", | |
"topLevel": false, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "registration-user-creation", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "registration-profile-action", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 40, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "registration-password-action", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 50, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "registration-recaptcha-action", | |
"authenticatorFlow": false, | |
"requirement": "DISABLED", | |
"priority": 60, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
}, | |
{ | |
"id": "0dd92343-62a5-41c8-948a-7a25e84b291c", | |
"alias": "reset credentials", | |
"description": "Reset credentials for a user if they forgot their password or something", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "reset-credentials-choose-user", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "reset-credential-email", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 20, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticator": "reset-password", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 30, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
}, | |
{ | |
"authenticatorFlow": true, | |
"requirement": "CONDITIONAL", | |
"priority": 40, | |
"flowAlias": "Reset - Conditional OTP", | |
"userSetupAllowed": false, | |
"autheticatorFlow": true | |
} | |
] | |
}, | |
{ | |
"id": "4fa8eee9-e236-4f06-a3dd-0a7cf09d2300", | |
"alias": "saml ecp", | |
"description": "SAML ECP Profile Authentication Flow", | |
"providerId": "basic-flow", | |
"topLevel": true, | |
"builtIn": true, | |
"authenticationExecutions": [ | |
{ | |
"authenticator": "http-basic-authenticator", | |
"authenticatorFlow": false, | |
"requirement": "REQUIRED", | |
"priority": 10, | |
"userSetupAllowed": false, | |
"autheticatorFlow": false | |
} | |
] | |
} | |
], | |
"authenticatorConfig": [ | |
{ | |
"id": "51de64d3-62a1-44ea-bd17-26110be65766", | |
"alias": "create unique user config", | |
"config": { | |
"require.password.update.after.registration": "false" | |
} | |
}, | |
{ | |
"id": "e402516d-bf0b-4004-a378-8a7ba2108815", | |
"alias": "review profile config", | |
"config": { | |
"update.profile.on.first.login": "missing" | |
} | |
} | |
], | |
"requiredActions": [ | |
{ | |
"alias": "CONFIGURE_TOTP", | |
"name": "Configure OTP", | |
"providerId": "CONFIGURE_TOTP", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 10, | |
"config": {} | |
}, | |
{ | |
"alias": "terms_and_conditions", | |
"name": "Terms and Conditions", | |
"providerId": "terms_and_conditions", | |
"enabled": false, | |
"defaultAction": false, | |
"priority": 20, | |
"config": {} | |
}, | |
{ | |
"alias": "UPDATE_PASSWORD", | |
"name": "Update Password", | |
"providerId": "UPDATE_PASSWORD", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 30, | |
"config": {} | |
}, | |
{ | |
"alias": "UPDATE_PROFILE", | |
"name": "Update Profile", | |
"providerId": "UPDATE_PROFILE", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 40, | |
"config": {} | |
}, | |
{ | |
"alias": "VERIFY_EMAIL", | |
"name": "Verify Email", | |
"providerId": "VERIFY_EMAIL", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 50, | |
"config": {} | |
}, | |
{ | |
"alias": "delete_account", | |
"name": "Delete Account", | |
"providerId": "delete_account", | |
"enabled": false, | |
"defaultAction": false, | |
"priority": 60, | |
"config": {} | |
}, | |
{ | |
"alias": "update_user_locale", | |
"name": "Update User Locale", | |
"providerId": "update_user_locale", | |
"enabled": true, | |
"defaultAction": false, | |
"priority": 1000, | |
"config": {} | |
} | |
], | |
"browserFlow": "browser", | |
"registrationFlow": "registration", | |
"directGrantFlow": "direct grant", | |
"resetCredentialsFlow": "reset credentials", | |
"clientAuthenticationFlow": "clients", | |
"dockerAuthenticationFlow": "docker auth", | |
"attributes": { | |
"cibaBackchannelTokenDeliveryMode": "poll", | |
"cibaExpiresIn": "120", | |
"cibaAuthRequestedUserHint": "login_hint", | |
"oauth2DeviceCodeLifespan": "600", | |
"oauth2DevicePollingInterval": "5", | |
"clientOfflineSessionMaxLifespan": "0", | |
"clientSessionIdleTimeout": "0", | |
"userProfileEnabled": "false", | |
"parRequestUriLifespan": "60", | |
"clientSessionMaxLifespan": "0", | |
"clientOfflineSessionIdleTimeout": "0", | |
"cibaInterval": "5" | |
}, | |
"keycloakVersion": "15.1.1", | |
"userManagedAccessAllowed": false, | |
"clientProfiles": { | |
"profiles": [] | |
}, | |
"clientPolicies": { | |
"policies": [] | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment