Skip to content
Snippets Groups Projects
Commit a139f58f authored by Yordan Kinkov's avatar Yordan Kinkov
Browse files

Add keycloak to docker-compose environment

parent 628bcfac
Branches
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
README.md
+ 18
1
View file @ a139f58f
......@@ -8,7 +8,7 @@ with environment variables which will be injected in its container.
## Prerequisites
* Install [docker](https://docs.docker.com/engine/install/) and [docker-compose](https://docs.docker.com/compose/install/).
* Install [docker](https://docs.docker.com/engine/install/) and [docker-compose version 1.27+](https://docs.docker.com/compose/install/).
* [Install Go](https://golang.org/doc/install) and set the
[`$GOPATH` variable](https://github.com/golang/go/wiki/SettingGOPATH).
......@@ -126,6 +126,23 @@ the `root` token.
> Warning: Never use Vault DEV mode in production!
### Keycloak
Keycloak is used for client authentication. Keycloak server runs in development mode and contains
preconfigured client ID and secret. The Keycloak server is available at `localhost:8086` on the host machine or
at `http://keycloak:8080` inside the docker-compose network.
Example request for JWT token acquire:
```shell
curl --location --request POST 'localhost:8086/realms/workspace/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=workspace' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_secret=79bdTGYCKLz9wYSY61vpQF5d4CyZBpsZ'
```
Example JWKS URL for acquiring public keys for validating tokens: `localhost:8086/realms/workspace/protocol/openid-connect/certs`
### License
[Apache 2.0 license](LICENSE)
docker-compose.yml
+ 58
14
View file @ a139f58f
version: '3.4'
version: '3.8'
services:
nginx:
......@@ -28,10 +28,16 @@ services:
ports:
- "8081:8080"
depends_on:
- mongo
- cache
- task
- signer
mongo:
condition: service_started
cache:
condition: service_started
task:
condition: service_started
signer:
condition: service_started
keycloak:
condition: service_healthy
task:
container_name: task
......@@ -45,8 +51,12 @@ services:
ports:
- "8082:8080"
depends_on:
- mongo
- cache
mongo:
condition: service_started
cache:
condition: service_started
keycloak:
condition: service_healthy
cache:
container_name: cache
......@@ -60,8 +70,12 @@ services:
ports:
- "8083:8080"
depends_on:
- redis
- nats
redis:
condition: service_started
nats:
condition: service_started
keycloak:
condition: service_healthy
infohub:
container_name: infohub
......@@ -75,9 +89,14 @@ services:
ports:
- "8084:8080"
depends_on:
- mongo
- policy
- signer
mongo:
condition: service_started
policy:
condition: service_started
signer:
condition: service_started
keycloak:
condition: service_healthy
signer:
container_name: signer
......@@ -92,8 +111,12 @@ services:
- "8085:8080"
- "2112:2112"
depends_on:
- vault
- vault-init
vault:
condition: service_started
vault-init:
condition: service_started
keycloak:
condition: service_healthy
didresolver:
container_name: didresolver
......@@ -181,3 +204,24 @@ services:
- "8222:8222"
- "6222:6222"
- "4222:4222"
keycloak:
container_name: keycloak
image: quay.io/keycloak/keycloak:18.0.0
environment:
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
command:
- start-dev
- --import-realm
- --health-enabled=true
volumes:
- ./keycloak:/opt/keycloak/data/import/
healthcheck:
test: [ "CMD-SHELL", "curl -f localhost:8080/health || exit 1" ]
interval: 3s
timeout: 2s
retries: 5
start_period: 10s
ports:
- "8086:8080"
env/cache.env
+ 4
2
View file @ a139f58f
......@@ -10,6 +10,8 @@ REDIS_PASS=""
REDIS_DB=0
REDIS_EXPIRATION="1h"
NATS_ADDR="nats:4222"
AUTH_ENABLED="true"
AUTH_JWK_URL="http://jwks:8080/key"
AUTH_ENABLED="false"
AUTH_JWK_URL="http://keycloak:8080/realms/workspace/protocol/openid-connect/certs"
AUTH_REFRESH_INTERVAL="1h"
OAUTH_CLIENT_ID="workspace"
OAUTH_CLIENT_SECRET="79bdTGYCKLz9wYSY61vpQF5d4CyZBpsZ"
env/infohub.env
+ 5
0
View file @ a139f58f
......@@ -11,3 +11,8 @@ CACHE_ADDR="http://cache:8080"
POLICY_ADDR="http://policy:8080"
SIGNER_ADDR="http://signer:8080"
ISSUER_URI="did:web:17a1-2a00-4802-2c0-9295-59ff-6a60-b735-32ea.eu.ngrok.io:policy:policy:example:returnDID:1.0:evaluation"
AUTH_ENABLED="false"
AUTH_JWK_URL="http://keycloak:8080/realms/workspace/protocol/openid-connect/certs"
AUTH_REFRESH_INTERVAL="1h"
OAUTH_CLIENT_ID="workspace"
OAUTH_CLIENT_SECRET="79bdTGYCKLz9wYSY61vpQF5d4CyZBpsZ"
\ No newline at end of file
env/policy.env
+ 5
0
View file @ a139f58f
......@@ -14,3 +14,8 @@ TASK_ADDR="http://task:8080"
SIGNER_ADDR="http://signer:8080"
DID_RESOLVER_ADDR="http://didresolver:8080"
OCM_ADDR="https://gaiax.vereign.com/ocm"
AUTH_ENABLED="false"
AUTH_JWK_URL="http://keycloak:8080/realms/workspace/protocol/openid-connect/certs"
AUTH_REFRESH_INTERVAL="1h"
OAUTH_CLIENT_ID="workspace"
OAUTH_CLIENT_SECRET="79bdTGYCKLz9wYSY61vpQF5d4CyZBpsZ"
\ No newline at end of file
env/signer.env
+ 3
0
View file @ a139f58f
......@@ -9,3 +9,6 @@ VAULT_TOKEN=root
VAULT_SIGNING_KEY="key1"
VAULT_SUPPORTED_KEYS="ed25519,ecdsa-p256,ecdsa-p384,ecdsa-p521"
CREDENTIAL_ISSUER="did:web:17a1-2a00-4802-2c0-9295-59ff-6a60-b735-32ea.eu.ngrok.io:policy:policy:example:returnDID:1.0:evaluation"
AUTH_ENABLED="false"
AUTH_JWK_URL="http://keycloak:8080/realms/workspace/protocol/openid-connect/certs"
AUTH_REFRESH_INTERVAL="1h"
\ No newline at end of file
env/task.env
+ 5
0
View file @ a139f58f
......@@ -9,4 +9,9 @@ MONGO_USER="root"
MONGO_PASS="root"
POLICY_ADDR="http://policy:8080"
CACHE_ADDR="http://cache:8080"
AUTH_ENABLED="false"
AUTH_JWK_URL="http://keycloak:8080/realms/workspace/protocol/openid-connect/certs"
AUTH_REFRESH_INTERVAL="1h"
OAUTH_CLIENT_ID="workspace"
OAUTH_CLIENT_SECRET="79bdTGYCKLz9wYSY61vpQF5d4CyZBpsZ"
keycloak/config.json 0 → 100755
+ 1885
0
View file @ a139f58f
{
"id" : "workspace",
"realm" : "workspace",
"notBefore" : 0,
"defaultSignatureAlgorithm" : "RS256",
"revokeRefreshToken" : false,
"refreshTokenMaxReuse" : 0,
"accessTokenLifespan" : 300,
"accessTokenLifespanForImplicitFlow" : 900,
"ssoSessionIdleTimeout" : 1800,
"ssoSessionMaxLifespan" : 36000,
"ssoSessionIdleTimeoutRememberMe" : 0,
"ssoSessionMaxLifespanRememberMe" : 0,
"offlineSessionIdleTimeout" : 2592000,
"offlineSessionMaxLifespanEnabled" : false,
"offlineSessionMaxLifespan" : 5184000,
"clientSessionIdleTimeout" : 0,
"clientSessionMaxLifespan" : 0,
"clientOfflineSessionIdleTimeout" : 0,
"clientOfflineSessionMaxLifespan" : 0,
"accessCodeLifespan" : 60,
"accessCodeLifespanUserAction" : 300,
"accessCodeLifespanLogin" : 1800,
"actionTokenGeneratedByAdminLifespan" : 43200,
"actionTokenGeneratedByUserLifespan" : 300,
"oauth2DeviceCodeLifespan" : 600,
"oauth2DevicePollingInterval" : 5,
"enabled" : true,
"sslRequired" : "external",
"registrationAllowed" : false,
"registrationEmailAsUsername" : false,
"rememberMe" : false,
"verifyEmail" : false,
"loginWithEmailAllowed" : true,
"duplicateEmailsAllowed" : false,
"resetPasswordAllowed" : false,
"editUsernameAllowed" : false,
"bruteForceProtected" : false,
"permanentLockout" : false,
"maxFailureWaitSeconds" : 900,
"minimumQuickLoginWaitSeconds" : 60,
"waitIncrementSeconds" : 60,
"quickLoginCheckMilliSeconds" : 1000,
"maxDeltaTimeSeconds" : 43200,
"failureFactor" : 30,
"roles" : {
"realm" : [ {
"id" : "1c526b7a-28c0-47a5-aec0-29f943075f91",
"name" : "uma_authorization",
"description" : "${role_uma_authorization}",
"composite" : false,
"clientRole" : false,
"containerId" : "workspace",
"attributes" : { }
}, {
"id" : "b26c1bab-a4d3-4ca2-ad30-dc105874ee96",
"name" : "default-roles-workspace",
"description" : "${role_default-roles}",
"composite" : true,
"composites" : {
"realm" : [ "offline_access", "uma_authorization" ],
"client" : {
"account" : [ "manage-account", "view-profile" ]
}
},
"clientRole" : false,
"containerId" : "workspace",
"attributes" : { }
}, {
"id" : "5d066a2a-170a-4e18-93c8-c41693182373",
"name" : "offline_access",
"description" : "${role_offline-access}",
"composite" : false,
"clientRole" : false,
"containerId" : "workspace",
"attributes" : { }
} ],
"client" : {
"realm-management" : [ {
"id" : "88096272-d90e-4f76-ba17-840ee69db754",
"name" : "create-client",
"description" : "${role_create-client}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "765d436c-af28-4e14-9408-c82820f3e372",
"name" : "manage-realm",
"description" : "${role_manage-realm}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "a4143506-925d-429c-958a-e18ecbd56c09",
"name" : "view-authorization",
"description" : "${role_view-authorization}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "e4891fb9-e1fa-4033-a4ff-56e5352dce16",
"name" : "impersonation",
"description" : "${role_impersonation}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "907f9311-aecd-451d-8807-80da72a99fbf",
"name" : "manage-identity-providers",
"description" : "${role_manage-identity-providers}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "732a76cd-56e2-4fa9-957a-903b6bc44a95",
"name" : "view-users",
"description" : "${role_view-users}",
"composite" : true,
"composites" : {
"client" : {
"realm-management" : [ "query-groups", "query-users" ]
}
},
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "d3eec519-c389-466e-b41f-530779ad3d59",
"name" : "manage-authorization",
"description" : "${role_manage-authorization}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "732c2aca-c712-4a5b-8df6-5a9b5d9a9835",
"name" : "query-clients",
"description" : "${role_query-clients}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "641a0557-6674-406c-8bc4-3a7bf279e40c",
"name" : "query-users",
"description" : "${role_query-users}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "904cbf7c-3068-4dba-9733-18b74366e860",
"name" : "view-identity-providers",
"description" : "${role_view-identity-providers}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "5ec30d1b-8cd3-4982-ad20-9d4650572ee6",
"name" : "view-events",
"description" : "${role_view-events}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "a96452be-2801-4674-be18-f747f5c80f0f",
"name" : "manage-clients",
"description" : "${role_manage-clients}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "0a7f2d45-7725-40b0-a21a-f8554341e780",
"name" : "view-clients",
"description" : "${role_view-clients}",
"composite" : true,
"composites" : {
"client" : {
"realm-management" : [ "query-clients" ]
}
},
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "3dc64ab3-9b0c-4bee-b952-793966f69a93",
"name" : "realm-admin",
"description" : "${role_realm-admin}",
"composite" : true,
"composites" : {
"client" : {
"realm-management" : [ "create-client", "manage-realm", "view-authorization", "impersonation", "view-users", "manage-identity-providers", "manage-authorization", "query-users", "query-clients", "view-identity-providers", "view-events", "view-clients", "manage-clients", "view-realm", "query-groups", "manage-events", "query-realms", "manage-users" ]
}
},
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "d68a606e-f4f1-4594-b7cf-4b03d88bf1d6",
"name" : "view-realm",
"description" : "${role_view-realm}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "0badd04d-f7cd-48b4-8977-aed9dd6a7576",
"name" : "query-groups",
"description" : "${role_query-groups}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "039099f1-0b07-4e23-bff7-059c61fb4dfa",
"name" : "manage-events",
"description" : "${role_manage-events}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "c8876ad0-ff8b-4c07-b613-6e9ee27dffda",
"name" : "query-realms",
"description" : "${role_query-realms}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
}, {
"id" : "dab08df7-f16d-46bd-8fed-4d3af256a481",
"name" : "manage-users",
"description" : "${role_manage-users}",
"composite" : false,
"clientRole" : true,
"containerId" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"attributes" : { }
} ],
"workspace" : [ ],
"security-admin-console" : [ ],
"admin-cli" : [ ],
"account-console" : [ ],
"broker" : [ {
"id" : "e8383f80-dca9-44f6-b87a-06197be407bf",
"name" : "read-token",
"description" : "${role_read-token}",
"composite" : false,
"clientRole" : true,
"containerId" : "d8ff5a88-70e9-4255-b952-c8a7ac2fe45a",
"attributes" : { }
} ],
"account" : [ {
"id" : "1d34a5b2-2f7f-4c91-bc74-71b0a06db79d",
"name" : "view-applications",
"description" : "${role_view-applications}",
"composite" : false,
"clientRole" : true,
"containerId" : "91ee30e5-b866-47f8-a85b-0d8c9a8bbd1a",
"attributes" : { }
}, {
"id" : "75d9c49a-c7ac-4d01-9aab-3a631953a81d",
"name" : "view-consent",
"description" : "${role_view-consent}",
"composite" : false,
"clientRole" : true,
"containerId" : "91ee30e5-b866-47f8-a85b-0d8c9a8bbd1a",
"attributes" : { }
}, {
"id" : "8fbbdc70-82de-4993-8728-2f12e1e47885",
"name" : "delete-account",
"description" : "${role_delete-account}",
"composite" : false,
"clientRole" : true,
"containerId" : "91ee30e5-b866-47f8-a85b-0d8c9a8bbd1a",
"attributes" : { }
}, {
"id" : "06d84f72-07a5-47fd-8c2d-0c551003328d",
"name" : "manage-account",
"description" : "${role_manage-account}",
"composite" : true,
"composites" : {
"client" : {
"account" : [ "manage-account-links" ]
}
},
"clientRole" : true,
"containerId" : "91ee30e5-b866-47f8-a85b-0d8c9a8bbd1a",
"attributes" : { }
}, {
"id" : "e9948c4f-4001-4322-bd7c-bcc53ab57b3d",
"name" : "manage-consent",
"description" : "${role_manage-consent}",
"composite" : true,
"composites" : {
"client" : {
"account" : [ "view-consent" ]
}
},
"clientRole" : true,
"containerId" : "91ee30e5-b866-47f8-a85b-0d8c9a8bbd1a",
"attributes" : { }
}, {
"id" : "aaa57ba7-a8bc-4aac-998c-889e91ba4cb2",
"name" : "view-profile",
"description" : "${role_view-profile}",
"composite" : false,
"clientRole" : true,
"containerId" : "91ee30e5-b866-47f8-a85b-0d8c9a8bbd1a",
"attributes" : { }
}, {
"id" : "b966c1e2-26c7-43ea-8a28-c87812afcfcf",
"name" : "manage-account-links",
"description" : "${role_manage-account-links}",
"composite" : false,
"clientRole" : true,
"containerId" : "91ee30e5-b866-47f8-a85b-0d8c9a8bbd1a",
"attributes" : { }
} ]
}
},
"groups" : [ ],
"defaultRole" : {
"id" : "b26c1bab-a4d3-4ca2-ad30-dc105874ee96",
"name" : "default-roles-workspace",
"description" : "${role_default-roles}",
"composite" : true,
"clientRole" : false,
"containerId" : "workspace"
},
"requiredCredentials" : [ "password" ],
"otpPolicyType" : "totp",
"otpPolicyAlgorithm" : "HmacSHA1",
"otpPolicyInitialCounter" : 0,
"otpPolicyDigits" : 6,
"otpPolicyLookAheadWindow" : 1,
"otpPolicyPeriod" : 30,
"otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ],
"webAuthnPolicyRpEntityName" : "keycloak",
"webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
"webAuthnPolicyRpId" : "",
"webAuthnPolicyAttestationConveyancePreference" : "not specified",
"webAuthnPolicyAuthenticatorAttachment" : "not specified",
"webAuthnPolicyRequireResidentKey" : "not specified",
"webAuthnPolicyUserVerificationRequirement" : "not specified",
"webAuthnPolicyCreateTimeout" : 0,
"webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
"webAuthnPolicyAcceptableAaguids" : [ ],
"webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
"webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
"webAuthnPolicyPasswordlessRpId" : "",
"webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
"webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
"webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
"webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
"webAuthnPolicyPasswordlessCreateTimeout" : 0,
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
"webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
"users" : [ {
"id" : "1c9732e6-1a50-43aa-a21b-9218f1ce1003",
"createdTimestamp" : 1666785775228,
"username" : "service-account-workspace",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"serviceAccountClientId" : "workspace",
"credentials" : [ ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-workspace" ],
"notBefore" : 0,
"groups" : [ ]
}, {
"id" : "e95d61a5-a3f3-498c-8de8-ed2907c4839f",
"createdTimestamp" : 1666784357923,
"username" : "signer",
"enabled" : true,
"totp" : false,
"emailVerified" : false,
"credentials" : [ {
"id" : "38f10b1e-bdc5-458d-b25a-99e70b49853d",
"type" : "password",
"createdDate" : 1666784368658,
"secretData" : "{\"value\":\"Z4nmpZQdCIud4I+OBH9HolRiyyc42ne51BbGmNitTH6twSZCe+qd25riOAkVBilphHzEUrbVYOmh7QeRNVmLWg==\",\"salt\":\"gEJ5XnTMnevuZPk6wZIUvQ==\",\"additionalParameters\":{}}",
"credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
} ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
"realmRoles" : [ "default-roles-workspace" ],
"notBefore" : 0,
"groups" : [ ]
} ],
"scopeMappings" : [ {
"clientScope" : "offline_access",
"roles" : [ "offline_access" ]
} ],
"clientScopeMappings" : {
"account" : [ {
"client" : "account-console",
"roles" : [ "manage-account" ]
} ]
},
"clients" : [ {
"id" : "91ee30e5-b866-47f8-a85b-0d8c9a8bbd1a",
"clientId" : "account",
"name" : "${client_account}",
"rootUrl" : "${authBaseUrl}",
"baseUrl" : "/realms/workspace/account/",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ "/realms/workspace/account/*" ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : { },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "684d6aa5-714e-4c29-b195-4f2d2dcc5593",
"clientId" : "account-console",
"name" : "${client_account-console}",
"rootUrl" : "${authBaseUrl}",
"baseUrl" : "/realms/workspace/account/",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ "/realms/workspace/account/*" ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
"pkce.code.challenge.method" : "S256"
},
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"protocolMappers" : [ {
"id" : "a23f97e6-2f46-4a2c-8506-dc837f1c116d",
"name" : "audience resolve",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-audience-resolve-mapper",
"consentRequired" : false,
"config" : { }
} ],
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "6ba2bf58-3032-4f5e-bbdc-b1b55b3cafcf",
"clientId" : "admin-cli",
"name" : "${client_admin-cli}",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : false,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : true,
"serviceAccountsEnabled" : false,
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : { },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "d8ff5a88-70e9-4255-b952-c8a7ac2fe45a",
"clientId" : "broker",
"name" : "${client_broker}",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : true,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : { },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "601c29ae-ce82-452e-9b12-b408ccde392f",
"clientId" : "realm-management",
"name" : "${client_realm-management}",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : true,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : { },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "0769b24b-b997-40ea-a4ec-4c017d3bc89c",
"clientId" : "security-admin-console",
"name" : "${client_security-admin-console}",
"rootUrl" : "${authAdminUrl}",
"baseUrl" : "/admin/workspace/console/",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"redirectUris" : [ "/admin/workspace/console/*" ],
"webOrigins" : [ "+" ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
"pkce.code.challenge.method" : "S256"
},
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"protocolMappers" : [ {
"id" : "2522f1da-d381-47e9-910c-17e1fc9341cc",
"name" : "locale",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "locale",
"jsonType.label" : "String"
}
} ],
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "3bf9b7e9-cb9d-408c-97e0-1a22f9c6ac53",
"clientId" : "workspace",
"rootUrl" : "http://localhost:8086/",
"adminUrl" : "http://localhost:8086/",
"surrogateAuthRequired" : false,
"enabled" : true,
"alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
"secret" : "79bdTGYCKLz9wYSY61vpQF5d4CyZBpsZ",
"redirectUris" : [ "http://localhost:8086/*" ],
"webOrigins" : [ "http://localhost:8086" ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
"standardFlowEnabled" : false,
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : true,
"publicClient" : false,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
"access.token.lifespan" : "3600",
"saml.force.post.binding" : "false",
"saml.multivalued.roles" : "false",
"frontchannel.logout.session.required" : "false",
"oauth2.device.authorization.grant.enabled" : "false",
"backchannel.logout.revoke.offline.tokens" : "false",
"saml.server.signature.keyinfo.ext" : "false",
"use.refresh.tokens" : "false",
"oidc.ciba.grant.enabled" : "false",
"backchannel.logout.session.required" : "true",
"client_credentials.use_refresh_token" : "false",
"require.pushed.authorization.requests" : "false",
"saml.client.signature" : "false",
"saml.allow.ecp.flow" : "false",
"id.token.as.detached.signature" : "false",
"saml.assertion.signature" : "false",
"client.secret.creation.time" : "1666783980",
"saml.encrypt" : "false",
"saml.server.signature" : "false",
"exclude.session.state.from.auth.response" : "false",
"saml.artifact.binding" : "false",
"saml_force_name_id_format" : "false",
"acr.loa.map" : "{}",
"tls.client.certificate.bound.access.tokens" : "false",
"saml.authnstatement" : "false",
"display.on.consent.screen" : "false",
"token.response.type.bearer.lower-case" : "false",
"saml.onetimeuse.condition" : "false"
},
"authenticationFlowBindingOverrides" : {
"direct_grant" : "4a4ecd57-0047-4916-89d1-a8b86850d648",
"browser" : "43e280fc-b6d6-4eed-906f-6e312abdb664"
},
"fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : -1,
"protocolMappers" : [ {
"id" : "6b09eee9-d37c-4d25-879a-c0e9d79a2b1c",
"name" : "Client ID",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"config" : {
"user.session.note" : "clientId",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "clientId",
"jsonType.label" : "String"
}
}, {
"id" : "c033ad91-09ed-4a12-b560-9ea70b9e000f",
"name" : "Client Host",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"config" : {
"user.session.note" : "clientHost",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "clientHost",
"jsonType.label" : "String"
}
}, {
"id" : "b900d147-9753-49b0-8afd-00269e064936",
"name" : "Client IP Address",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usersessionmodel-note-mapper",
"consentRequired" : false,
"config" : {
"user.session.note" : "clientAddress",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "clientAddress",
"jsonType.label" : "String"
}
} ],
"defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
} ],
"clientScopes" : [ {
"id" : "940b2557-8009-48f7-b856-5f4396df463b",
"name" : "web-origins",
"description" : "OpenID Connect scope for add allowed web origins to the access token",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "false",
"display.on.consent.screen" : "false",
"consent.screen.text" : ""
},
"protocolMappers" : [ {
"id" : "adfcd344-6c9c-4923-ad80-c7a71a920428",
"name" : "allowed web origins",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-allowed-origins-mapper",
"consentRequired" : false,
"config" : { }
} ]
}, {
"id" : "dccea698-7706-4f4e-af80-3b0b7aed0df4",
"name" : "roles",
"description" : "OpenID Connect scope for add user roles to the access token",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "false",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${rolesScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "03de2044-d565-4dad-97c7-bb127cbf5c87",
"name" : "client roles",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-client-role-mapper",
"consentRequired" : false,
"config" : {
"user.attribute" : "foo",
"access.token.claim" : "true",
"claim.name" : "resource_access.${client_id}.roles",
"jsonType.label" : "String",
"multivalued" : "true"
}
}, {
"id" : "085c7590-822f-46ef-a2d5-bae5665d06b1",
"name" : "audience resolve",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-audience-resolve-mapper",
"consentRequired" : false,
"config" : { }
}, {
"id" : "818d871e-abc9-408c-992c-33cd9445467f",
"name" : "realm roles",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-realm-role-mapper",
"consentRequired" : false,
"config" : {
"user.attribute" : "foo",
"access.token.claim" : "true",
"claim.name" : "realm_access.roles",
"jsonType.label" : "String",
"multivalued" : "true"
}
} ]
}, {
"id" : "3e932ca1-1169-4b98-b5e8-821e1678a8c2",
"name" : "role_list",
"description" : "SAML role list",
"protocol" : "saml",
"attributes" : {
"consent.screen.text" : "${samlRoleListScopeConsentText}",
"display.on.consent.screen" : "true"
},
"protocolMappers" : [ {
"id" : "4db78a1a-5eff-427c-a729-3811b33fa2d8",
"name" : "role list",
"protocol" : "saml",
"protocolMapper" : "saml-role-list-mapper",
"consentRequired" : false,
"config" : {
"single" : "false",
"attribute.nameformat" : "Basic",
"attribute.name" : "Role"
}
} ]
}, {
"id" : "ff8d7148-3b1c-434f-82e5-2a06639a594d",
"name" : "microprofile-jwt",
"description" : "Microprofile - JWT built-in scope",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "false"
},
"protocolMappers" : [ {
"id" : "581331a9-f58c-44af-8871-40c9db911175",
"name" : "upn",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "upn",
"jsonType.label" : "String"
}
}, {
"id" : "3a5a3cdf-98ca-4297-a610-f20d6596f6ea",
"name" : "groups",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-realm-role-mapper",
"consentRequired" : false,
"config" : {
"multivalued" : "true",
"user.attribute" : "foo",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "groups",
"jsonType.label" : "String"
}
} ]
}, {
"id" : "e7c4c3d2-8ae9-469d-bd67-262171d3aec8",
"name" : "address",
"description" : "OpenID Connect built-in scope: address",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${addressScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "f9aa0066-0101-4429-9364-4f1a1d4222c6",
"name" : "address",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-address-mapper",
"consentRequired" : false,
"config" : {
"user.attribute.formatted" : "formatted",
"user.attribute.country" : "country",
"user.attribute.postal_code" : "postal_code",
"userinfo.token.claim" : "true",
"user.attribute.street" : "street",
"id.token.claim" : "true",
"user.attribute.region" : "region",
"access.token.claim" : "true",
"user.attribute.locality" : "locality"
}
} ]
}, {
"id" : "116d668b-c651-45e8-bf86-4eeeb5f15ab8",
"name" : "profile",
"description" : "OpenID Connect built-in scope: profile",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${profileScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "8f2d9d2c-f4e4-4a4e-85c7-467009799c27",
"name" : "middle name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "middleName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "middle_name",
"jsonType.label" : "String"
}
}, {
"id" : "31acc2d9-f2db-4954-ad59-3df731c2ef0b",
"name" : "nickname",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "nickname",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "nickname",
"jsonType.label" : "String"
}
}, {
"id" : "cac418c2-beaf-4476-9f3e-fe4bacc325c9",
"name" : "zoneinfo",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "zoneinfo",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "zoneinfo",
"jsonType.label" : "String"
}
}, {
"id" : "1408f824-2e67-459b-aea7-264b65906fe7",
"name" : "locale",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "locale",
"jsonType.label" : "String"
}
}, {
"id" : "5e02164d-f50c-4b45-9e35-e02f5cd04cea",
"name" : "family name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "lastName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "family_name",
"jsonType.label" : "String"
}
}, {
"id" : "ece559ef-6dd7-41e5-adfe-07cd8d4792c6",
"name" : "gender",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "gender",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "gender",
"jsonType.label" : "String"
}
}, {
"id" : "3f1ea1f0-ea30-486c-8735-38b7a890478f",
"name" : "given name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "firstName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "given_name",
"jsonType.label" : "String"
}
}, {
"id" : "9281d2ea-b77e-4be6-851e-3bcf72851de4",
"name" : "full name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-full-name-mapper",
"consentRequired" : false,
"config" : {
"id.token.claim" : "true",
"access.token.claim" : "true",
"userinfo.token.claim" : "true"
}
}, {
"id" : "b0701d18-9ebe-4ac0-bd6c-f0dcbdcd8440",
"name" : "username",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "preferred_username",
"jsonType.label" : "String"
}
}, {
"id" : "6d250a51-da6b-4c89-a9d5-350be8542718",
"name" : "website",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "website",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "website",
"jsonType.label" : "String"
}
}, {
"id" : "fa0111d1-10ca-4915-a58f-10348dbc6ad3",
"name" : "picture",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "picture",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "picture",
"jsonType.label" : "String"
}
}, {
"id" : "a7b30dbd-82a4-4be4-88c0-9b256910399c",
"name" : "updated at",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "updatedAt",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "updated_at",
"jsonType.label" : "long"
}
}, {
"id" : "0c771fb7-9c49-4358-a9f8-d636db6d2a2a",
"name" : "birthdate",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "birthdate",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "birthdate",
"jsonType.label" : "String"
}
}, {
"id" : "0f67d221-254c-454e-8148-832a089a772f",
"name" : "profile",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "profile",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "profile",
"jsonType.label" : "String"
}
} ]
}, {
"id" : "29363996-9330-4536-9c87-bff67af5882e",
"name" : "acr",
"description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "false",
"display.on.consent.screen" : "false"
},
"protocolMappers" : [ {
"id" : "aaa4a9dc-4d62-4941-8afc-d25d7539908d",
"name" : "acr loa level",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-acr-mapper",
"consentRequired" : false,
"config" : {
"id.token.claim" : "true",
"access.token.claim" : "true"
}
} ]
}, {
"id" : "23c17eda-4e0c-479d-ab8e-c38672241c76",
"name" : "email",
"description" : "OpenID Connect built-in scope: email",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${emailScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "eaa32e7e-693f-44be-9178-243d5cab3db5",
"name" : "email",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "email",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "email",
"jsonType.label" : "String"
}
}, {
"id" : "fc3190df-a543-43d9-bcc3-c0ed1726fb74",
"name" : "email verified",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "emailVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "email_verified",
"jsonType.label" : "boolean"
}
} ]
}, {
"id" : "1ee99458-3ff2-4742-b008-5685646d8016",
"name" : "offline_access",
"description" : "OpenID Connect built-in scope: offline_access",
"protocol" : "openid-connect",
"attributes" : {
"consent.screen.text" : "${offlineAccessScopeConsentText}",
"display.on.consent.screen" : "true"
}
}, {
"id" : "7976bdeb-8636-47e3-a8c0-58eafbfdb63c",
"name" : "phone",
"description" : "OpenID Connect built-in scope: phone",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
"consent.screen.text" : "${phoneScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "b30fdd74-4ee8-42d1-9d4a-2b140559c403",
"name" : "phone number verified",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "phoneNumberVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "phone_number_verified",
"jsonType.label" : "boolean"
}
}, {
"id" : "b12022f3-403d-48e2-a05c-39ece78e94c7",
"name" : "phone number",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
"user.attribute" : "phoneNumber",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "phone_number",
"jsonType.label" : "String"
}
} ]
} ],
"defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ],
"defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ],
"browserSecurityHeaders" : {
"contentSecurityPolicyReportOnly" : "",
"xContentTypeOptions" : "nosniff",
"xRobotsTag" : "none",
"xFrameOptions" : "SAMEORIGIN",
"contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
"xXSSProtection" : "1; mode=block",
"strictTransportSecurity" : "max-age=31536000; includeSubDomains"
},
"smtpServer" : { },
"eventsEnabled" : false,
"eventsListeners" : [ "jboss-logging" ],
"enabledEventTypes" : [ ],
"adminEventsEnabled" : false,
"adminEventsDetailsEnabled" : false,
"identityProviders" : [ ],
"identityProviderMappers" : [ ],
"components" : {
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
"id" : "e0066bd7-e9fe-450a-8445-2a1d566b4ce0",
"name" : "Allowed Client Scopes",
"providerId" : "allowed-client-templates",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"allow-default-scopes" : [ "true" ]
}
}, {
"id" : "b13748f7-f1ed-491a-a7bd-e025199b5077",
"name" : "Full Scope Disabled",
"providerId" : "scope",
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
}, {
"id" : "9c441c99-9602-4917-b5c1-59b6cf5ecd35",
"name" : "Allowed Protocol Mapper Types",
"providerId" : "allowed-protocol-mappers",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "saml-role-list-mapper" ]
}
}, {
"id" : "18028b17-78ac-476c-b7f2-691540c5fc51",
"name" : "Allowed Client Scopes",
"providerId" : "allowed-client-templates",
"subType" : "authenticated",
"subComponents" : { },
"config" : {
"allow-default-scopes" : [ "true" ]
}
}, {
"id" : "bb0a56dc-98bb-4369-ab58-3a7af6431737",
"name" : "Consent Required",
"providerId" : "consent-required",
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
}, {
"id" : "5f88c6ec-1267-476f-882d-81ce3f1b34a3",
"name" : "Max Clients Limit",
"providerId" : "max-clients",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"max-clients" : [ "200" ]
}
}, {
"id" : "46ba84aa-79f0-4bd6-878e-f6b12c1ece68",
"name" : "Allowed Protocol Mapper Types",
"providerId" : "allowed-protocol-mappers",
"subType" : "authenticated",
"subComponents" : { },
"config" : {
"allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-address-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper" ]
}
}, {
"id" : "0ec2625b-e6e2-4f74-8a97-96365f14591f",
"name" : "Trusted Hosts",
"providerId" : "trusted-hosts",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
"host-sending-registration-request-must-match" : [ "true" ],
"client-uris-must-match" : [ "true" ]
}
} ],
"org.keycloak.keys.KeyProvider" : [ {
"id" : "f99df0e5-f7f8-4efc-b148-64c4443085e2",
"name" : "rsa-enc-generated",
"providerId" : "rsa-enc-generated",
"subComponents" : { },
"config" : {
"privateKey" : [ "MIIEowIBAAKCAQEAkpCN6rfjcPfVOX1G7TBVOVTH/oTijxrXdFrUc3TW28xvTHnnDnlHMhjl96IGuveMnktapvmxx5J/9KpRKtZLRGzpDScHyEwYw/eX/b5jfmI86MvcprH40qUV6G20VNNHneK5RHLBFgqaBbK+ov8HEKuGCFOdDtKcmynCa5CLEetGXvFXpAne5oMa+dOJJ+6RsnrsVYfj317LF90uAHSfwtu3C9XL682uh6jPtChwNNP8PQzOjTLl8h8NOJNJE2kZphgvBwTAOidABUMUXD2h7raLas7jTl181TbH8p5b5XeqihBn/EXaEuAGrPFnDBcJv57r9trJbHRV6FxV1PR06wIDAQABAoIBAGJHgIKGMINODLLyKJ9gK6W4DivDm9BuJU+moJOTI4hb+74CeEeiV3VmcL6u7WhuGuMCkJUrFmVG/XpowujArdQCW/wv0e4j6O9vlYHXKwxSf5lzKlC1Qq6teJVVCvlee8WJhMY7VPKcxU9Q3riZ3nj1K3ll6AlKfS0mwXIziK3IXFCqk0IvwmDQbKFXfF2TrSTosXcEIQE1B3NZ0lFT2Jn7yVjPQmIjFXkAcQP8EX2cg7agorZIK8/zK/fAitxPgXbfDd043WBDf5/bl78aIa/MnMnqtXxQVULW94sET6wPr+kWX5078kRVcTqU6v8FDmJH0q8V6cH+Wy/yuPDFgOECgYEAzELbikF1royhlaaPJAji1fls7psJDXOtPaYbY7gXu7zveETVDdaco1KmxGa7/W19r+mOg2L1k4Q54uLCB/304kVX1JYw55tCzr0Pn7QSiKp/6RcbzeHiPwziM11tidK7y2Jyi7YnqR3Aa/Q3XzrmyzU9rsg9WtFZbfGsXoxaR2MCgYEAt7BqjLUzDdOsGxKU/vlGLjLo7Z4JBqWJ9bE47ohn1MMCxRUs4UJ4GnsHaj2/RqXXZy+YefvRcq13lGi8L680o9Ttw2ZiYHvvbgMPEq60gIPY+45pACfEUReuhXLbZ9Qgf6ZW2HdnHZqoYr1xwJXZ8I4McJpSZZm3z3LoQbv55tkCgYBJILqGoe7m4fRLpojipsfHQXgtaJXyGfLw+lId/l+I2BiH32TDgo0rr8CC2iD9l0CDRUO/aCNxf8pVn0dGIzaT9619L5Qspxpg97DrRUXJZflLUvmiWPduCUfGifFYgXi4VPObb0h9tGgafiGA146fO91sgMXuiLrSsM48P1Vm7wKBgEUNp/B/idLP2SpQQPzdPtnNP61cNK5v+r4HQozBcK8WJGtse3OvJjFmQLJaxhZL7/8VcG+jD+jZd1OuT9hpOBPCzyMe0SrOTIMB2V+/l5GcfyyKK8ToLjACBBScyghtQU5bfNhhgr0pT9XWu/WXH9gDvn9yNDmHoQb2foN/pAF5AoGBAIgbqGX1En34P24eVm1hKABxFJBB2kAAh4O7Uf3eN29AjE31nxjmoSMk+8cqTIgYmCn8/cpddddskriBvozycvc63bVKQKKamKyhg0jlwNXPJbFW91lGoi/dLrP3efbNTMaWLAUSkDurajw6jrqBUZFcx/zz9s0+4YhauzPY7juh" ],
"keyUse" : [ "ENC" ],
"certificate" : [ "MIICoTCCAYkCBgGEFBCzazANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAl3b3Jrc3BhY2UwHhcNMjIxMDI2MTEzMDQ5WhcNMzIxMDI2MTEzMjI5WjAUMRIwEAYDVQQDDAl3b3Jrc3BhY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSkI3qt+Nw99U5fUbtMFU5VMf+hOKPGtd0WtRzdNbbzG9MeecOeUcyGOX3oga694yeS1qm+bHHkn/0qlEq1ktEbOkNJwfITBjD95f9vmN+Yjzoy9ymsfjSpRXobbRU00ed4rlEcsEWCpoFsr6i/wcQq4YIU50O0pybKcJrkIsR60Ze8VekCd7mgxr504kn7pGyeuxVh+PfXssX3S4AdJ/C27cL1cvrza6HqM+0KHA00/w9DM6NMuXyHw04k0kTaRmmGC8HBMA6J0AFQxRcPaHutotqzuNOXXzVNsfynlvld6qKEGf8RdoS4Aas8WcMFwm/nuv22slsdFXoXFXU9HTrAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAEA9oSzfIM1KQO3lDDj+cBFVAlFd4iZsmYQVkYxlPu7ipRGJfve3I7hSTVUisy499ybVWpZuhAgNASwD0Tf4dwJeRer8c5EuK7yhbkLQ4PiAb3Um75G7zwQhHEGG8Mb+N+cpSVyI3P4gNcEBIND9ilO/nj4qDpB9AaDal2rALG9tC1Rh/0rgmbv0Y1Bm5n5quGem4kwZl0SvVfuPc7TAi1bY5fwK0eEQSLWsoT/+ZWc/eqDPWZMihF+lKjXHdWwPW9hGwbgHQTP8c+35au7x5H30subU1UqzhpqzJF8fkGyd4QiAdD0hbfPRNf2MIy2aKeP1afWnBcH15teMo+eQ7Vo=" ],
"priority" : [ "100" ],
"algorithm" : [ "RSA-OAEP" ]
}
}, {
"id" : "a5915b2a-8b94-446d-8209-05a6a1993442",
"name" : "rsa-generated",
"providerId" : "rsa-generated",
"subComponents" : { },
"config" : {
"privateKey" : [ "MIIEogIBAAKCAQEAlKbQCmhCAS3tCnth6DkcmNyz3SMe5AxVrX8KZuC9du35o7LqUe3Uec09KxA0YXmppcnm2rahe0PhWpOyK53NZcnyVaDBVfKa3QDtx+6ROWWHGdTMKEvaZQ+zRF8TKMstNA83OxQdxAFQykfWz6tWHmoS9pb3XQ/gGWhrWlK4z4/NhddeVlAl3vkAhVKa/7npE/c5T8VPNRnB3f2tbPfZZlTTDZIm3cxXYDR5IRGy5wGqHUhcpAfg4G4D6s6D9mMESuEWWQnVSYUWpOr6ugOISq8Xp2ys1ds7aQD/fako89iUtodCkYyUJpHzw4OlAqrhE63RR4lAmN76wyGcAnLtoQIDAQABAoIBAG5HLnF6FPVhB8hN7j1kGSYCHWFBi8osqGcUpzfZJFWViCx8L79mC8nsi6Nl2yYxJrz6gsvgzv1uR0F17qjS4azQ23nQz30ehOrNpJk9D/mfq1Frf6WpWDS/KAPh8InD6R4E57lpXAer3i6iiub3OeVIVhcfuhUNEPhocbPJSJeZ+p2D+NsrJjw2lnG2C2RiFg/ae0BaAk72YafDTbrXySc+xohIp/7oYQAiFJ7gYxUSS94UzDma9PvlGJaBmor7vNZpruAPYjVMmvARSPavmWQ3rV/0SKqR/MG20hOBh00faKxefvO2rQ5RZRQPrKAVoiCFPY7QUMyf0Es3FhqpfF0CgYEAx8UizVR/tS4/IihvaBxSTxc6pyl5UGRmIfHqrsrtES5L0u8G6BLLI3lRu6Y0fd0F/Spz7e8m5BulisdmI56fh6sreBDxAtslE3rMrBLWl9fY4Ur3fJZsN4+761PL3tqJYCRkx8KDvaGOh9ba71sdngrHyUE+PIhM/S1D3JRpjasCgYEAvn455qdiu5mHCbYpCfaOzODCLZNSTh44kX0lx3SsJYL6eWyLhzSbMNWwOZNqsIV/YqlvzZ0kLoRrBRBgoBf0pVSC1kKA8yLsIoA2WAEsslapPLfuPiOF/zYgwO+4Z/daqfxhMdAdq1JvwB8ec5h9xm1x/yLhNYXzBbnCNpEZ7eMCgYAHYsN5ofEiyrXs1l/gEoP8hphVi9P/Y+bexGnv0nLXWsXU4592vxMhmZ+q92cjbCOHi6VDm77tWhRRwDOHh5rQUkTGKKIwf9esE7MzfXLPpFxRYAssYQdZOogxGCUGdT/0/QN42zkxrqJtZUUs6kp7CF0AlNfvNv7ZsW273wTUBwKBgEAYMp00JtleX/xZiVdr2UKAQXWaQzA7pOb3B9YjoKSCfIqMhin4/lqhG8lTm6tHT8Q/pHm3bOwl6+hpSUm0pcFXPSqgd8jXMEKvhxl3U7WxyQHAFW5c/4IOkVi5j/+TT7MwUveywbjaZPVsww87+N3iB2BEOSiMKGf9x6YajnHnAoGAa5dfz7t8mB/0mMyzqk9a5sWNY5+3OtONBe8LCLVc49MZZCMWNIsM9V9Pb2KtbptPy8tKkgzCHLnLgFhfKSv+ArB39PyH2UFYZWZOBOfU8iZIJQ860YXyK4KXmdO43cqTXREnFL1LWRHNo3lWX0mOq3MXc7JvaTTt6Urlkau7poc=" ],
"keyUse" : [ "SIG" ],
"certificate" : [ "MIICoTCCAYkCBgGEFBCy0jANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAl3b3Jrc3BhY2UwHhcNMjIxMDI2MTEzMDQ5WhcNMzIxMDI2MTEzMjI5WjAUMRIwEAYDVQQDDAl3b3Jrc3BhY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUptAKaEIBLe0Ke2HoORyY3LPdIx7kDFWtfwpm4L127fmjsupR7dR5zT0rEDRheamlyebatqF7Q+Fak7Irnc1lyfJVoMFV8prdAO3H7pE5ZYcZ1MwoS9plD7NEXxMoyy00Dzc7FB3EAVDKR9bPq1YeahL2lvddD+AZaGtaUrjPj82F115WUCXe+QCFUpr/uekT9zlPxU81GcHd/a1s99lmVNMNkibdzFdgNHkhEbLnAaodSFykB+DgbgPqzoP2YwRK4RZZCdVJhRak6vq6A4hKrxenbKzV2ztpAP99qSjz2JS2h0KRjJQmkfPDg6UCquETrdFHiUCY3vrDIZwCcu2hAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGftTJ9CvjZnkOgKx8QZuDwmT5FfSUQMSsVmWDML8+HUGT/t/ZYYebLXqSVu1ig6G+LL96wxAWeWhZegB3cIkbpCJy6Fr0GRVMpbagB5/hHyF+mHJ4rRV/b/N5+cCcxFEllp2KUW9wLSJPoHKwL66Xias9MMr+AyaHKvWU5oA5tNPl1ljeu/kIYVCB03r/KsAjyGW4dC7zsbdMMVpKNhZI5KfydwSH40zHZCOSXXutaBYefare2MhrV0juX+yoCeuAJLK7dHNqeeDZOHo/Vqip+XFSDR5UkjmpjTrLquiVnFwvKG1yk9AO8rM/PwKR/t5L60cpsW3+96hVjjOkkMrZ8=" ],
"priority" : [ "100" ]
}
}, {
"id" : "a6fdf757-aaf5-4996-ac42-a161505b5b8b",
"name" : "hmac-generated",
"providerId" : "hmac-generated",
"subComponents" : { },
"config" : {
"kid" : [ "3b241b88-b87f-4d01-bfd0-4c4bf8da41b5" ],
"secret" : [ "xfFIz9tJIM2BFlnvEfFg1ZcNCJJh14LYKGWQIFW-fHNKrHv18MnCWzb4xAEe2IGK2diRUE7BifyZYGppAc2Cig" ],
"priority" : [ "100" ],
"algorithm" : [ "HS256" ]
}
}, {
"id" : "b51a7097-8ceb-4775-bbb0-8415c19b02b1",
"name" : "aes-generated",
"providerId" : "aes-generated",
"subComponents" : { },
"config" : {
"kid" : [ "1925490f-36b6-404e-8ae8-1f92d4f0425e" ],
"secret" : [ "oIx5m32a854CgZ7ZFPtIJA" ],
"priority" : [ "100" ]
}
} ]
},
"internationalizationEnabled" : false,
"supportedLocales" : [ ],
"authenticationFlows" : [ {
"id" : "7631336c-e417-4ecc-a59d-122821b3ce81",
"alias" : "Account verification options",
"description" : "Method with which to verity the existing account",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-email-verification",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Verify Existing Account by Re-authentication",
"userSetupAllowed" : false
} ]
}, {
"id" : "258c2127-3a30-4bab-853f-a587530c3b9b",
"alias" : "Authentication Options",
"description" : "Authentication options.",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "basic-auth",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "basic-auth-otp",
"authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "auth-spnego",
"authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 30,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "7d81a6d9-4d03-4e62-b88f-1120567c2011",
"alias" : "Browser - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "auth-otp-form",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "11faf1fe-3295-49a1-930f-ba3325a660ab",
"alias" : "Direct Grant - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "direct-grant-validate-otp",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "15650875-afc5-453f-93a0-d583128f3290",
"alias" : "First broker login - Conditional OTP",
"description" : "Flow to determine if the OTP is required for the authentication",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "auth-otp-form",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "f0b232a5-e235-4f22-be36-143e6481a2dc",
"alias" : "Handle Existing Account",
"description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-confirm-link",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Account verification options",
"userSetupAllowed" : false
} ]
}, {
"id" : "7603e3d5-c254-4540-a9f0-df264476848f",
"alias" : "Reset - Conditional OTP",
"description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "conditional-user-configured",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "reset-otp",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "59742bbc-7b18-41d5-8c86-c7c8004fd608",
"alias" : "User creation or linking",
"description" : "Flow for the existing/non-existing user alternatives",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticatorConfig" : "create unique user config",
"authenticator" : "idp-create-user-if-unique",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Handle Existing Account",
"userSetupAllowed" : false
} ]
}, {
"id" : "14d3d5f1-d181-4265-b921-b573d80d3a6e",
"alias" : "Verify Existing Account by Re-authentication",
"description" : "Reauthentication of existing account",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-username-password-form",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "First broker login - Conditional OTP",
"userSetupAllowed" : false
} ]
}, {
"id" : "43e280fc-b6d6-4eed-906f-6e312abdb664",
"alias" : "browser",
"description" : "browser based authentication",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-cookie",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "auth-spnego",
"authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "identity-provider-redirector",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 25,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 30,
"autheticatorFlow" : true,
"flowAlias" : "forms",
"userSetupAllowed" : false
} ]
}, {
"id" : "50c732b5-f9de-4d1d-ad6f-b502ad85fcd0",
"alias" : "clients",
"description" : "Base authentication for clients",
"providerId" : "client-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "client-secret",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "client-jwt",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "client-secret-jwt",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 30,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "client-x509",
"authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 40,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "4a4ecd57-0047-4916-89d1-a8b86850d648",
"alias" : "direct grant",
"description" : "OpenID Connect Resource Owner Grant",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "direct-grant-validate-username",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "direct-grant-validate-password",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 30,
"autheticatorFlow" : true,
"flowAlias" : "Direct Grant - Conditional OTP",
"userSetupAllowed" : false
} ]
}, {
"id" : "ca557f1e-8863-4f62-aa3f-b5ee357b1bfb",
"alias" : "docker auth",
"description" : "Used by Docker clients to authenticate against the IDP",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "docker-http-basic-authenticator",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "12c8619b-953e-47cb-be0c-91c23104e11a",
"alias" : "first broker login",
"description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticatorConfig" : "review profile config",
"authenticator" : "idp-review-profile",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "User creation or linking",
"userSetupAllowed" : false
} ]
}, {
"id" : "ced73c79-5847-49ec-abb6-0c2481d65d76",
"alias" : "forms",
"description" : "Username, password, otp and other auth forms.",
"providerId" : "basic-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-username-password-form",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Browser - Conditional OTP",
"userSetupAllowed" : false
} ]
}, {
"id" : "5f7fe35f-a018-483b-9501-c7fafeb6cd69",
"alias" : "http challenge",
"description" : "An authentication flow based on challenge-response HTTP Authentication Schemes",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "no-cookie-redirect",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : true,
"flowAlias" : "Authentication Options",
"userSetupAllowed" : false
} ]
}, {
"id" : "9a37cda7-731f-448b-87ee-7700080ac7a2",
"alias" : "registration",
"description" : "registration flow",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-page-form",
"authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : true,
"flowAlias" : "registration form",
"userSetupAllowed" : false
} ]
}, {
"id" : "719fbc94-8477-4e26-b383-dbe06780d14e",
"alias" : "registration form",
"description" : "registration form",
"providerId" : "form-flow",
"topLevel" : false,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-user-creation",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "registration-profile-action",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 40,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "registration-password-action",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 50,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "registration-recaptcha-action",
"authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 60,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
}, {
"id" : "3d9f5eeb-752c-4720-935e-8e810eec6aaf",
"alias" : "reset credentials",
"description" : "Reset credentials for a user if they forgot their password or something",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "reset-credentials-choose-user",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "reset-credential-email",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticator" : "reset-password",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 30,
"autheticatorFlow" : false,
"userSetupAllowed" : false
}, {
"authenticatorFlow" : true,
"requirement" : "CONDITIONAL",
"priority" : 40,
"autheticatorFlow" : true,
"flowAlias" : "Reset - Conditional OTP",
"userSetupAllowed" : false
} ]
}, {
"id" : "57386993-0407-43eb-8994-cb9b50a6386a",
"alias" : "saml ecp",
"description" : "SAML ECP Profile Authentication Flow",
"providerId" : "basic-flow",
"topLevel" : true,
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "http-basic-authenticator",
"authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
"autheticatorFlow" : false,
"userSetupAllowed" : false
} ]
} ],
"authenticatorConfig" : [ {
"id" : "377719f3-5189-411a-8900-791c5323f058",
"alias" : "create unique user config",
"config" : {
"require.password.update.after.registration" : "false"
}
}, {
"id" : "2cf372e5-ad11-402c-a4b7-ce4c59dd44e1",
"alias" : "review profile config",
"config" : {
"update.profile.on.first.login" : "missing"
}
} ],
"requiredActions" : [ {
"alias" : "CONFIGURE_TOTP",
"name" : "Configure OTP",
"providerId" : "CONFIGURE_TOTP",
"enabled" : true,
"defaultAction" : false,
"priority" : 10,
"config" : { }
}, {
"alias" : "terms_and_conditions",
"name" : "Terms and Conditions",
"providerId" : "terms_and_conditions",
"enabled" : false,
"defaultAction" : false,
"priority" : 20,
"config" : { }
}, {
"alias" : "UPDATE_PASSWORD",
"name" : "Update Password",
"providerId" : "UPDATE_PASSWORD",
"enabled" : true,
"defaultAction" : false,
"priority" : 30,
"config" : { }
}, {
"alias" : "UPDATE_PROFILE",
"name" : "Update Profile",
"providerId" : "UPDATE_PROFILE",
"enabled" : true,
"defaultAction" : false,
"priority" : 40,
"config" : { }
}, {
"alias" : "VERIFY_EMAIL",
"name" : "Verify Email",
"providerId" : "VERIFY_EMAIL",
"enabled" : true,
"defaultAction" : false,
"priority" : 50,
"config" : { }
}, {
"alias" : "delete_account",
"name" : "Delete Account",
"providerId" : "delete_account",
"enabled" : false,
"defaultAction" : false,
"priority" : 60,
"config" : { }
}, {
"alias" : "update_user_locale",
"name" : "Update User Locale",
"providerId" : "update_user_locale",
"enabled" : true,
"defaultAction" : false,
"priority" : 1000,
"config" : { }
} ],
"browserFlow" : "browser",
"registrationFlow" : "registration",
"directGrantFlow" : "direct grant",
"resetCredentialsFlow" : "reset credentials",
"clientAuthenticationFlow" : "clients",
"dockerAuthenticationFlow" : "docker auth",
"attributes" : {
"cibaBackchannelTokenDeliveryMode" : "poll",
"cibaExpiresIn" : "120",
"cibaAuthRequestedUserHint" : "login_hint",
"oauth2DeviceCodeLifespan" : "600",
"oauth2DevicePollingInterval" : "5",
"parRequestUriLifespan" : "60",
"cibaInterval" : "5"
},
"keycloakVersion" : "18.0.0",
"userManagedAccessAllowed" : false,
"clientProfiles" : {
"profiles" : [ ]
},
"clientPolicies" : {
"policies" : [ ]
}
}
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment