| { |
| "id": "example-app", |
| "realm": "example-app", |
| "notBefore": 1588583005, |
| "revokeRefreshToken": false, |
| "refreshTokenMaxReuse": 0, |
| "accessTokenLifespan": 300, |
| "accessTokenLifespanForImplicitFlow": 900, |
| "ssoSessionIdleTimeout": 1800, |
| "ssoSessionMaxLifespan": 36000, |
| "ssoSessionIdleTimeoutRememberMe": 0, |
| "ssoSessionMaxLifespanRememberMe": 0, |
| "offlineSessionIdleTimeout": 2592000, |
| "offlineSessionMaxLifespanEnabled": false, |
| "offlineSessionMaxLifespan": 5184000, |
| "clientSessionIdleTimeout": 0, |
| "clientSessionMaxLifespan": 0, |
| "accessCodeLifespan": 60, |
| "accessCodeLifespanUserAction": 300, |
| "accessCodeLifespanLogin": 1800, |
| "actionTokenGeneratedByAdminLifespan": 43200, |
| "actionTokenGeneratedByUserLifespan": 300, |
| "enabled": true, |
| "sslRequired": "external", |
| "registrationAllowed": false, |
| "registrationEmailAsUsername": false, |
| "rememberMe": false, |
| "verifyEmail": false, |
| "loginWithEmailAllowed": true, |
| "duplicateEmailsAllowed": false, |
| "resetPasswordAllowed": false, |
| "editUsernameAllowed": false, |
| "bruteForceProtected": false, |
| "permanentLockout": false, |
| "maxFailureWaitSeconds": 900, |
| "minimumQuickLoginWaitSeconds": 60, |
| "waitIncrementSeconds": 60, |
| "quickLoginCheckMilliSeconds": 1000, |
| "maxDeltaTimeSeconds": 43200, |
| "failureFactor": 30, |
| "roles": { |
| "realm": [ |
| { |
| "id": "ed4973b7-d534-41a0-967c-e3dfebd8207e", |
| "name": "role01", |
| "composite": false, |
| "clientRole": false, |
| "containerId": "example-app", |
| "attributes": {} |
| }, |
| { |
| "id": "736f62aa-117d-4407-b44a-d2a0284a3c91", |
| "name": "role02", |
| "composite": true, |
| "composites": { |
| "realm": [ |
| "role01" |
| ] |
| }, |
| "clientRole": false, |
| "containerId": "example-app", |
| "attributes": {} |
| } |
| ], |
| "client": { |
| "example-service": [] |
| } |
| }, |
| "groups": [], |
| "requiredCredentials": [ |
| "password" |
| ], |
| "otpPolicyType": "totp", |
| "otpPolicyAlgorithm": "HmacSHA1", |
| "otpPolicyInitialCounter": 0, |
| "otpPolicyDigits": 6, |
| "otpPolicyLookAheadWindow": 1, |
| "otpPolicyPeriod": 30, |
| "otpSupportedApplications": [ |
| "FreeOTP", |
| "Google Authenticator" |
| ], |
| "webAuthnPolicyRpEntityName": "keycloak", |
| "webAuthnPolicySignatureAlgorithms": [ |
| "ES256" |
| ], |
| "webAuthnPolicyRpId": "", |
| "webAuthnPolicyAttestationConveyancePreference": "not specified", |
| "webAuthnPolicyAuthenticatorAttachment": "not specified", |
| "webAuthnPolicyRequireResidentKey": "not specified", |
| "webAuthnPolicyUserVerificationRequirement": "not specified", |
| "webAuthnPolicyCreateTimeout": 0, |
| "webAuthnPolicyAvoidSameAuthenticatorRegister": false, |
| "webAuthnPolicyAcceptableAaguids": [], |
| "webAuthnPolicyPasswordlessRpEntityName": "keycloak", |
| "webAuthnPolicyPasswordlessSignatureAlgorithms": [ |
| "ES256" |
| ], |
| "webAuthnPolicyPasswordlessRpId": "", |
| "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", |
| "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", |
| "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", |
| "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", |
| "webAuthnPolicyPasswordlessCreateTimeout": 0, |
| "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, |
| "webAuthnPolicyPasswordlessAcceptableAaguids": [], |
| "clients": [ |
| { |
| "id": "dcbf9fae-af09-4157-9fdb-a4fcf397ef90", |
| "clientId": "example-service", |
| "rootUrl": "http://localhost:8082", |
| "adminUrl": "http://localhost:8082", |
| "surrogateAuthRequired": false, |
| "enabled": true, |
| "alwaysDisplayInConsole": false, |
| "clientAuthenticatorType": "client-secret", |
| "secret": "**********", |
| "redirectUris": [ |
| "http://localhost:8082/*" |
| ], |
| "webOrigins": [ |
| "http://localhost:8082" |
| ], |
| "notBefore": 0, |
| "bearerOnly": false, |
| "consentRequired": false, |
| "standardFlowEnabled": true, |
| "implicitFlowEnabled": false, |
| "directAccessGrantsEnabled": true, |
| "serviceAccountsEnabled": false, |
| "publicClient": false, |
| "frontchannelLogout": false, |
| "protocol": "openid-connect", |
| "attributes": { |
| "saml.assertion.signature": "false", |
| "saml.force.post.binding": "false", |
| "saml.multivalued.roles": "false", |
| "saml.encrypt": "false", |
| "saml.server.signature": "false", |
| "saml.server.signature.keyinfo.ext": "false", |
| "exclude.session.state.from.auth.response": "false", |
| "saml_force_name_id_format": "false", |
| "saml.client.signature": "false", |
| "tls.client.certificate.bound.access.tokens": "false", |
| "saml.authnstatement": "false", |
| "display.on.consent.screen": "false", |
| "saml.onetimeuse.condition": "false" |
| }, |
| "authenticationFlowBindingOverrides": {}, |
| "fullScopeAllowed": true, |
| "nodeReRegistrationTimeout": -1, |
| "defaultClientScopes": [ |
| "web-origins", |
| "role_list", |
| "profile", |
| "roles", |
| "email" |
| ], |
| "optionalClientScopes": [ |
| "address", |
| "phone", |
| "offline_access", |
| "microprofile-jwt" |
| ] |
| } |
| ], |
| "clientScopes": [ |
| { |
| "id": "4613b45b-43cc-4d12-9698-5998ea91f9ad", |
| "name": "offline_access", |
| "description": "OpenID Connect built-in scope: offline_access", |
| "protocol": "openid-connect", |
| "attributes": { |
| "consent.screen.text": "${offlineAccessScopeConsentText}", |
| "display.on.consent.screen": "true" |
| } |
| }, |
| { |
| "id": "115bbed1-0397-46ae-9ae0-5a811a80b069", |
| "name": "role_list", |
| "description": "SAML role list", |
| "protocol": "saml", |
| "attributes": { |
| "consent.screen.text": "${samlRoleListScopeConsentText}", |
| "display.on.consent.screen": "true" |
| }, |
| "protocolMappers": [ |
| { |
| "id": "669b328e-ae89-49b2-a8a9-1d87904d2b34", |
| "name": "role list", |
| "protocol": "saml", |
| "protocolMapper": "saml-role-list-mapper", |
| "consentRequired": false, |
| "config": { |
| "single": "false", |
| "attribute.nameformat": "Basic", |
| "attribute.name": "Role" |
| } |
| } |
| ] |
| }, |
| { |
| "id": "3d472ff0-eee5-4160-ab33-18ee54b8579c", |
| "name": "profile", |
| "description": "OpenID Connect built-in scope: profile", |
| "protocol": "openid-connect", |
| "attributes": { |
| "include.in.token.scope": "true", |
| "display.on.consent.screen": "true", |
| "consent.screen.text": "${profileScopeConsentText}" |
| }, |
| "protocolMappers": [ |
| { |
| "id": "ae351f2a-8e41-4bca-9433-8286bf3f1b13", |
| "name": "nickname", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "nickname", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "nickname", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "fe209240-0a1c-4947-a044-3a36a742e8fc", |
| "name": "picture", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "picture", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "picture", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "0bd9713f-e06b-4a37-a810-91b86d9cbf39", |
| "name": "given name", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-property-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "firstName", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "given_name", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "f4928484-d2e2-403d-846a-d098559d1e62", |
| "name": "middle name", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "middleName", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "middle_name", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "c1b8ed4a-ec62-44ed-80f8-32805b817e3c", |
| "name": "username", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-property-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "username", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "preferred_username", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "24cd73d4-0e90-4481-93f8-30c260163fc2", |
| "name": "website", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "website", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "website", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "2035719a-5238-4cc4-b575-1aabf8b1b176", |
| "name": "locale", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "locale", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "locale", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "2d449944-19c4-4c02-afb3-0f1990f9004a", |
| "name": "birthdate", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "birthdate", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "birthdate", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "fb3e961b-635c-4127-9783-44de5e826c16", |
| "name": "profile", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "profile", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "profile", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "ff64a730-7f89-4a1b-b1b4-0e371c94baf7", |
| "name": "family name", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-property-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "lastName", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "family_name", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "1dde6fae-f1d4-4632-80bd-a314acb29ddb", |
| "name": "gender", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "gender", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "gender", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "953bc3c1-1026-4d9d-82ef-10fa3c85f58a", |
| "name": "full name", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-full-name-mapper", |
| "consentRequired": false, |
| "config": { |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "userinfo.token.claim": "true" |
| } |
| }, |
| { |
| "id": "f851586b-ddad-4b97-8cb0-7a844dc725ed", |
| "name": "zoneinfo", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "zoneinfo", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "zoneinfo", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "44b9a4c5-878c-470b-be39-095fa4cbc49a", |
| "name": "updated at", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "updatedAt", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "updated_at", |
| "jsonType.label": "String" |
| } |
| } |
| ] |
| }, |
| { |
| "id": "4ea7fd0b-6919-4b48-93ca-3663f6555f03", |
| "name": "email", |
| "description": "OpenID Connect built-in scope: email", |
| "protocol": "openid-connect", |
| "attributes": { |
| "include.in.token.scope": "true", |
| "display.on.consent.screen": "true", |
| "consent.screen.text": "${emailScopeConsentText}" |
| }, |
| "protocolMappers": [ |
| { |
| "id": "2b00516d-02d7-4351-91bd-94eb0cf74e47", |
| "name": "email", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-property-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "email", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "email", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "4e1ececb-e172-4776-8890-17af40536a15", |
| "name": "email verified", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-property-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "emailVerified", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "email_verified", |
| "jsonType.label": "boolean" |
| } |
| } |
| ] |
| }, |
| { |
| "id": "d0d1335b-d590-4511-8b51-5e0bbcc5b305", |
| "name": "address", |
| "description": "OpenID Connect built-in scope: address", |
| "protocol": "openid-connect", |
| "attributes": { |
| "include.in.token.scope": "true", |
| "display.on.consent.screen": "true", |
| "consent.screen.text": "${addressScopeConsentText}" |
| }, |
| "protocolMappers": [ |
| { |
| "id": "2908928a-a98d-4d18-bdd0-7c66e060d1f0", |
| "name": "address", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-address-mapper", |
| "consentRequired": false, |
| "config": { |
| "user.attribute.formatted": "formatted", |
| "user.attribute.country": "country", |
| "user.attribute.postal_code": "postal_code", |
| "userinfo.token.claim": "true", |
| "user.attribute.street": "street", |
| "id.token.claim": "true", |
| "user.attribute.region": "region", |
| "access.token.claim": "true", |
| "user.attribute.locality": "locality" |
| } |
| } |
| ] |
| }, |
| { |
| "id": "33160aaa-f623-4ad1-9e70-61a87a40ae60", |
| "name": "phone", |
| "description": "OpenID Connect built-in scope: phone", |
| "protocol": "openid-connect", |
| "attributes": { |
| "include.in.token.scope": "true", |
| "display.on.consent.screen": "true", |
| "consent.screen.text": "${phoneScopeConsentText}" |
| }, |
| "protocolMappers": [ |
| { |
| "id": "9da20495-f5fb-4abf-8bbf-636b725a39fc", |
| "name": "phone number verified", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "phoneNumberVerified", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "phone_number_verified", |
| "jsonType.label": "boolean" |
| } |
| }, |
| { |
| "id": "5de303e9-deff-43e5-98a8-bf03cfa5ee31", |
| "name": "phone number", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-attribute-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "phoneNumber", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "phone_number", |
| "jsonType.label": "String" |
| } |
| } |
| ] |
| }, |
| { |
| "id": "6937b4c1-12af-41ee-82a6-dec89ac5f08d", |
| "name": "roles", |
| "description": "OpenID Connect scope for add user roles to the access token", |
| "protocol": "openid-connect", |
| "attributes": { |
| "include.in.token.scope": "false", |
| "display.on.consent.screen": "true", |
| "consent.screen.text": "${rolesScopeConsentText}" |
| }, |
| "protocolMappers": [ |
| { |
| "id": "cd22893f-c3f8-444a-8868-1c8e217ec882", |
| "name": "audience resolve", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-audience-resolve-mapper", |
| "consentRequired": false, |
| "config": {} |
| }, |
| { |
| "id": "b8743e95-e570-4821-bd9b-efdfe599cf1f", |
| "name": "client roles", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-client-role-mapper", |
| "consentRequired": false, |
| "config": { |
| "multivalued": "true", |
| "user.attribute": "foo", |
| "access.token.claim": "true", |
| "claim.name": "resource_access.${client_id}.roles", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "ed2ec2c9-1029-43d7-92bd-1ee092b75508", |
| "name": "realm roles", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-realm-role-mapper", |
| "consentRequired": false, |
| "config": { |
| "multivalued": "true", |
| "user.attribute": "foo", |
| "access.token.claim": "true", |
| "claim.name": "realm_access.roles", |
| "jsonType.label": "String" |
| } |
| } |
| ] |
| }, |
| { |
| "id": "50c60ff0-8486-4e1a-af1a-169dbe842ffd", |
| "name": "web-origins", |
| "description": "OpenID Connect scope for add allowed web origins to the access token", |
| "protocol": "openid-connect", |
| "attributes": { |
| "include.in.token.scope": "false", |
| "display.on.consent.screen": "false", |
| "consent.screen.text": "" |
| }, |
| "protocolMappers": [ |
| { |
| "id": "13698360-c6c4-4e71-9f38-0104b48471a7", |
| "name": "allowed web origins", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-allowed-origins-mapper", |
| "consentRequired": false, |
| "config": {} |
| } |
| ] |
| }, |
| { |
| "id": "ad68b903-7f72-41b7-9a76-1dc21b370f86", |
| "name": "microprofile-jwt", |
| "description": "Microprofile - JWT built-in scope", |
| "protocol": "openid-connect", |
| "attributes": { |
| "include.in.token.scope": "true", |
| "display.on.consent.screen": "false" |
| }, |
| "protocolMappers": [ |
| { |
| "id": "dd1ccfbe-87a6-49cb-b207-eca22f8cf124", |
| "name": "groups", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-realm-role-mapper", |
| "consentRequired": false, |
| "config": { |
| "multivalued": "true", |
| "user.attribute": "foo", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "groups", |
| "jsonType.label": "String" |
| } |
| }, |
| { |
| "id": "ea6a827b-5ca5-4a7c-8742-f06b25c41199", |
| "name": "upn", |
| "protocol": "openid-connect", |
| "protocolMapper": "oidc-usermodel-property-mapper", |
| "consentRequired": false, |
| "config": { |
| "userinfo.token.claim": "true", |
| "user.attribute": "username", |
| "id.token.claim": "true", |
| "access.token.claim": "true", |
| "claim.name": "upn", |
| "jsonType.label": "String" |
| } |
| } |
| ] |
| } |
| ], |
| "defaultDefaultClientScopes": [ |
| "role_list", |
| "profile", |
| "email", |
| "roles", |
| "web-origins" |
| ], |
| "defaultOptionalClientScopes": [ |
| "offline_access", |
| "address", |
| "phone", |
| "microprofile-jwt" |
| ], |
| "browserSecurityHeaders": { |
| "contentSecurityPolicyReportOnly": "", |
| "xContentTypeOptions": "nosniff", |
| "xRobotsTag": "none", |
| "xFrameOptions": "SAMEORIGIN", |
| "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", |
| "xXSSProtection": "1; mode=block", |
| "strictTransportSecurity": "max-age=31536000; includeSubDomains" |
| }, |
| "smtpServer": {}, |
| "eventsEnabled": false, |
| "eventsListeners": [ |
| "jboss-logging" |
| ], |
| "enabledEventTypes": [], |
| "adminEventsEnabled": false, |
| "adminEventsDetailsEnabled": false, |
| "components": { |
| "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ |
| { |
| "id": "ee651711-c0fc-4353-aab0-c6890e414a66", |
| "name": "Trusted Hosts", |
| "providerId": "trusted-hosts", |
| "subType": "anonymous", |
| "subComponents": {}, |
| "config": { |
| "host-sending-registration-request-must-match": [ |
| "true" |
| ], |
| "client-uris-must-match": [ |
| "true" |
| ] |
| } |
| }, |
| { |
| "id": "c4735064-a3bf-45db-8fcc-9a3e40de8b7c", |
| "name": "Allowed Client Scopes", |
| "providerId": "allowed-client-templates", |
| "subType": "anonymous", |
| "subComponents": {}, |
| "config": { |
| "allow-default-scopes": [ |
| "true" |
| ] |
| } |
| }, |
| { |
| "id": "69e737fd-2823-4bb5-9fc1-108ae83b4fee", |
| "name": "Full Scope Disabled", |
| "providerId": "scope", |
| "subType": "anonymous", |
| "subComponents": {}, |
| "config": {} |
| }, |
| { |
| "id": "9021c56f-bd41-4f4f-8b99-e74105554c5c", |
| "name": "Consent Required", |
| "providerId": "consent-required", |
| "subType": "anonymous", |
| "subComponents": {}, |
| "config": {} |
| }, |
| { |
| "id": "1dde5161-0755-4d47-b8d7-4cb1dcaa0d32", |
| "name": "Max Clients Limit", |
| "providerId": "max-clients", |
| "subType": "anonymous", |
| "subComponents": {}, |
| "config": { |
| "max-clients": [ |
| "200" |
| ] |
| } |
| }, |
| { |
| "id": "d2f0006d-05b5-4611-bd68-34caa6edc1b2", |
| "name": "Allowed Protocol Mapper Types", |
| "providerId": "allowed-protocol-mappers", |
| "subType": "anonymous", |
| "subComponents": {}, |
| "config": { |
| "allowed-protocol-mapper-types": [ |
| "oidc-address-mapper", |
| "oidc-sha256-pairwise-sub-mapper", |
| "saml-role-list-mapper", |
| "saml-user-attribute-mapper", |
| "oidc-usermodel-property-mapper", |
| "oidc-usermodel-attribute-mapper", |
| "saml-user-property-mapper", |
| "oidc-full-name-mapper" |
| ] |
| } |
| }, |
| { |
| "id": "70a2c2c2-10c1-45a4-ac02-b7cf957679af", |
| "name": "Allowed Client Scopes", |
| "providerId": "allowed-client-templates", |
| "subType": "authenticated", |
| "subComponents": {}, |
| "config": { |
| "allow-default-scopes": [ |
| "true" |
| ] |
| } |
| }, |
| { |
| "id": "84b070b5-82ff-4d38-9d2a-3f46ca2c33a1", |
| "name": "Allowed Protocol Mapper Types", |
| "providerId": "allowed-protocol-mappers", |
| "subType": "authenticated", |
| "subComponents": {}, |
| "config": { |
| "allowed-protocol-mapper-types": [ |
| "saml-user-attribute-mapper", |
| "oidc-usermodel-attribute-mapper", |
| "oidc-address-mapper", |
| "oidc-full-name-mapper", |
| "saml-user-property-mapper", |
| "oidc-sha256-pairwise-sub-mapper", |
| "saml-role-list-mapper", |
| "oidc-usermodel-property-mapper" |
| ] |
| } |
| } |
| ], |
| "org.keycloak.keys.KeyProvider": [ |
| { |
| "id": "bc04c37e-7c32-42bd-9e10-553c1c1919ca", |
| "name": "hmac-generated", |
| "providerId": "hmac-generated", |
| "subComponents": {}, |
| "config": { |
| "priority": [ |
| "100" |
| ], |
| "algorithm": [ |
| "HS256" |
| ] |
| } |
| }, |
| { |
| "id": "a649d756-4f85-4b36-9d45-b0edc2b606af", |
| "name": "rsa-generated", |
| "providerId": "rsa-generated", |
| "subComponents": {}, |
| "config": { |
| "priority": [ |
| "100" |
| ] |
| } |
| }, |
| { |
| "id": "6481565a-c7dc-45ee-8506-a07722d4ce07", |
| "name": "aes-generated", |
| "providerId": "aes-generated", |
| "subComponents": {}, |
| "config": { |
| "priority": [ |
| "100" |
| ] |
| } |
| } |
| ] |
| }, |
| "internationalizationEnabled": false, |
| "supportedLocales": [], |
| "authenticationFlows": [ |
| { |
| "id": "8bb23328-3352-4ef5-bd5d-74e2d9f296f6", |
| "alias": "Account verification options", |
| "description": "Method with which to verity the existing account", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "idp-email-verification", |
| "requirement": "ALTERNATIVE", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "ALTERNATIVE", |
| "priority": 20, |
| "flowAlias": "Verify Existing Account by Re-authentication", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "0444b252-e1df-4349-9fdf-f1e5731d7ff9", |
| "alias": "Authentication Options", |
| "description": "Authentication options.", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "basic-auth", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "basic-auth-otp", |
| "requirement": "DISABLED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "auth-spnego", |
| "requirement": "DISABLED", |
| "priority": 30, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| }, |
| { |
| "id": "2a5c502d-c99f-411c-a545-b555afbc7232", |
| "alias": "Browser - Conditional OTP", |
| "description": "Flow to determine if the OTP is required for the authentication", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "conditional-user-configured", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "auth-otp-form", |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| }, |
| { |
| "id": "87dce7e2-0a21-498d-a5f5-37084f35cec4", |
| "alias": "Direct Grant - Conditional OTP", |
| "description": "Flow to determine if the OTP is required for the authentication", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "conditional-user-configured", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "direct-grant-validate-otp", |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| }, |
| { |
| "id": "5bff7c5b-22ad-4f73-9c6b-413442c78bfe", |
| "alias": "First broker login - Conditional OTP", |
| "description": "Flow to determine if the OTP is required for the authentication", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "conditional-user-configured", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "auth-otp-form", |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| }, |
| { |
| "id": "e6686ed1-7411-46d3-83c6-c188202576d6", |
| "alias": "Handle Existing Account", |
| "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "idp-confirm-link", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "flowAlias": "Account verification options", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "31ffdc22-9ef6-449e-acdf-4ef2c24334b1", |
| "alias": "Reset - Conditional OTP", |
| "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "conditional-user-configured", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "reset-otp", |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| }, |
| { |
| "id": "0ccf0e84-413e-405a-874b-64c5fd27475e", |
| "alias": "User creation or linking", |
| "description": "Flow for the existing/non-existing user alternatives", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticatorConfig": "create unique user config", |
| "authenticator": "idp-create-user-if-unique", |
| "requirement": "ALTERNATIVE", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "ALTERNATIVE", |
| "priority": 20, |
| "flowAlias": "Handle Existing Account", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "5de872f1-76ce-4b30-8196-c114bb82ba59", |
| "alias": "Verify Existing Account by Re-authentication", |
| "description": "Reauthentication of existing account", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "idp-username-password-form", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "CONDITIONAL", |
| "priority": 20, |
| "flowAlias": "First broker login - Conditional OTP", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "101e204a-0a90-49ce-a8fa-b8c231543801", |
| "alias": "browser", |
| "description": "browser based authentication", |
| "providerId": "basic-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "auth-cookie", |
| "requirement": "ALTERNATIVE", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "auth-spnego", |
| "requirement": "DISABLED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "identity-provider-redirector", |
| "requirement": "ALTERNATIVE", |
| "priority": 25, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "ALTERNATIVE", |
| "priority": 30, |
| "flowAlias": "forms", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "8496de1d-99a7-4897-abc4-79d8e2f33b33", |
| "alias": "clients", |
| "description": "Base authentication for clients", |
| "providerId": "client-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "client-secret", |
| "requirement": "ALTERNATIVE", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "client-jwt", |
| "requirement": "ALTERNATIVE", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "client-secret-jwt", |
| "requirement": "ALTERNATIVE", |
| "priority": 30, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "client-x509", |
| "requirement": "ALTERNATIVE", |
| "priority": 40, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| }, |
| { |
| "id": "1f88632a-f19a-4c50-888b-a98b8c832b3f", |
| "alias": "direct grant", |
| "description": "OpenID Connect Resource Owner Grant", |
| "providerId": "basic-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "direct-grant-validate-username", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "direct-grant-validate-password", |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "CONDITIONAL", |
| "priority": 30, |
| "flowAlias": "Direct Grant - Conditional OTP", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "e5632e64-ee46-4779-8d26-5e59254a4a55", |
| "alias": "docker auth", |
| "description": "Used by Docker clients to authenticate against the IDP", |
| "providerId": "basic-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "docker-http-basic-authenticator", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| }, |
| { |
| "id": "03fd2502-f560-48d2-8840-adeb0b6a48a0", |
| "alias": "first broker login", |
| "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", |
| "providerId": "basic-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticatorConfig": "review profile config", |
| "authenticator": "idp-review-profile", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "flowAlias": "User creation or linking", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "01082c74-4362-4244-9be6-dd2f92630fb0", |
| "alias": "forms", |
| "description": "Username, password, otp and other auth forms.", |
| "providerId": "basic-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "auth-username-password-form", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "CONDITIONAL", |
| "priority": 20, |
| "flowAlias": "Browser - Conditional OTP", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "632dfbec-a295-40a7-9dd6-14093a0daaef", |
| "alias": "http challenge", |
| "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", |
| "providerId": "basic-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "no-cookie-redirect", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "flowAlias": "Authentication Options", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "7225051c-3da4-4630-af66-47eb34db6c30", |
| "alias": "registration", |
| "description": "registration flow", |
| "providerId": "basic-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "registration-page-form", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "flowAlias": "registration form", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "a4804aac-e3f5-411a-8d5e-1a3142419d0b", |
| "alias": "registration form", |
| "description": "registration form", |
| "providerId": "form-flow", |
| "topLevel": false, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "registration-user-creation", |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "registration-profile-action", |
| "requirement": "REQUIRED", |
| "priority": 40, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "registration-password-action", |
| "requirement": "REQUIRED", |
| "priority": 50, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "registration-recaptcha-action", |
| "requirement": "DISABLED", |
| "priority": 60, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| }, |
| { |
| "id": "bff91bcc-84bd-433d-af2b-19301a664679", |
| "alias": "reset credentials", |
| "description": "Reset credentials for a user if they forgot their password or something", |
| "providerId": "basic-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "reset-credentials-choose-user", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "reset-credential-email", |
| "requirement": "REQUIRED", |
| "priority": 20, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "authenticator": "reset-password", |
| "requirement": "REQUIRED", |
| "priority": 30, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| }, |
| { |
| "requirement": "CONDITIONAL", |
| "priority": 40, |
| "flowAlias": "Reset - Conditional OTP", |
| "userSetupAllowed": false, |
| "autheticatorFlow": true |
| } |
| ] |
| }, |
| { |
| "id": "512ff803-3b88-48ca-bdf4-3724c6fda4ed", |
| "alias": "saml ecp", |
| "description": "SAML ECP Profile Authentication Flow", |
| "providerId": "basic-flow", |
| "topLevel": true, |
| "builtIn": true, |
| "authenticationExecutions": [ |
| { |
| "authenticator": "http-basic-authenticator", |
| "requirement": "REQUIRED", |
| "priority": 10, |
| "userSetupAllowed": false, |
| "autheticatorFlow": false |
| } |
| ] |
| } |
| ], |
| "authenticatorConfig": [ |
| { |
| "id": "01ca6d5e-b0d4-4832-b440-6e811f2dba20", |
| "alias": "create unique user config", |
| "config": { |
| "require.password.update.after.registration": "false" |
| } |
| }, |
| { |
| "id": "530335ce-dc2a-4c0e-92d8-35180851eb62", |
| "alias": "review profile config", |
| "config": { |
| "update.profile.on.first.login": "missing" |
| } |
| } |
| ], |
| "requiredActions": [ |
| { |
| "alias": "CONFIGURE_TOTP", |
| "name": "Configure OTP", |
| "providerId": "CONFIGURE_TOTP", |
| "enabled": true, |
| "defaultAction": false, |
| "priority": 10, |
| "config": {} |
| }, |
| { |
| "alias": "terms_and_conditions", |
| "name": "Terms and Conditions", |
| "providerId": "terms_and_conditions", |
| "enabled": false, |
| "defaultAction": false, |
| "priority": 20, |
| "config": {} |
| }, |
| { |
| "alias": "UPDATE_PASSWORD", |
| "name": "Update Password", |
| "providerId": "UPDATE_PASSWORD", |
| "enabled": true, |
| "defaultAction": false, |
| "priority": 30, |
| "config": {} |
| }, |
| { |
| "alias": "UPDATE_PROFILE", |
| "name": "Update Profile", |
| "providerId": "UPDATE_PROFILE", |
| "enabled": true, |
| "defaultAction": false, |
| "priority": 40, |
| "config": {} |
| }, |
| { |
| "alias": "VERIFY_EMAIL", |
| "name": "Verify Email", |
| "providerId": "VERIFY_EMAIL", |
| "enabled": true, |
| "defaultAction": false, |
| "priority": 50, |
| "config": {} |
| }, |
| { |
| "alias": "update_user_locale", |
| "name": "Update User Locale", |
| "providerId": "update_user_locale", |
| "enabled": true, |
| "defaultAction": false, |
| "priority": 1000, |
| "config": {} |
| } |
| ], |
| "browserFlow": "browser", |
| "registrationFlow": "registration", |
| "directGrantFlow": "direct grant", |
| "resetCredentialsFlow": "reset credentials", |
| "clientAuthenticationFlow": "clients", |
| "dockerAuthenticationFlow": "docker auth", |
| "attributes": {}, |
| "keycloakVersion": "10.0.0", |
| "userManagedAccessAllowed": false |
| } |