diff --git a/security-keycloak-authorization-quickstart/config/quarkus-realm.json b/security-keycloak-authorization-quickstart/config/quarkus-realm.json
index 51d814ce5f..01906593ae 100644
--- a/security-keycloak-authorization-quickstart/config/quarkus-realm.json
+++ b/security-keycloak-authorization-quickstart/config/quarkus-realm.json
@@ -1,7 +1,8 @@
{
- "id" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "id" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
"realm" : "quarkus",
"notBefore" : 0,
+ "defaultSignatureAlgorithm" : "RS256",
"revokeRefreshToken" : false,
"refreshTokenMaxReuse" : 0,
"accessTokenLifespan" : 300,
@@ -13,11 +14,17 @@
"offlineSessionIdleTimeout" : 2592000,
"offlineSessionMaxLifespanEnabled" : false,
"offlineSessionMaxLifespan" : 5184000,
+ "clientSessionIdleTimeout" : 0,
+ "clientSessionMaxLifespan" : 0,
+ "clientOfflineSessionIdleTimeout" : 0,
+ "clientOfflineSessionMaxLifespan" : 0,
"accessCodeLifespan" : 60,
"accessCodeLifespanUserAction" : 300,
"accessCodeLifespanLogin" : 1800,
"actionTokenGeneratedByAdminLifespan" : 43200,
"actionTokenGeneratedByUserLifespan" : 300,
+ "oauth2DeviceCodeLifespan" : 600,
+ "oauth2DevicePollingInterval" : 5,
"enabled" : true,
"sslRequired" : "external",
"registrationAllowed" : false,
@@ -37,185 +44,193 @@
"maxDeltaTimeSeconds" : 43200,
"failureFactor" : 30,
"roles" : {
- "realm" : [ {
+ "realm" : [
+ {
"id" : "3fc80564-13ac-4e7b-9986-322f571e82bc",
"name" : "confidential",
"composite" : false,
"clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
- "attributes" : { }
- }, {
- "id" : "39eb64c8-66a9-4983-9c81-27ea7e2f6273",
- "name" : "uma_authorization",
- "description" : "${role_uma_authorization}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
"attributes" : { }
}, {
"id" : "8c1abe12-62fe-4a06-ae0d-f5fb67dddbb0",
"name" : "admin",
"composite" : false,
"clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
"attributes" : { }
- }, {
+ }, {
"id" : "5afce544-6a3c-495f-b805-fd737cf5081e",
"name" : "user",
"composite" : false,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "attributes" : { }
+ },
+ {
+ "id" : "2b6632ed-9e3b-4e28-86ed-1d0239c7cefc",
+ "name" : "uma_authorization",
+ "description" : "${role_uma_authorization}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
+ "attributes" : { }
+ }, {
+ "id" : "d70f9032-c77a-4aca-88d8-d914ee2905a4",
+ "name" : "default-roles-quarkus",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "offline_access", "uma_authorization" ],
+ "client" : {
+ "account" : [ "manage-account", "view-profile" ]
+ }
+ },
"clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
"attributes" : { }
}, {
- "id" : "bc431d62-a80a-425b-961a-0fb3fc59006d",
+ "id" : "5dbf8bd3-db6f-4394-94f9-b311d08baf4c",
"name" : "offline_access",
"description" : "${role_offline-access}",
"composite" : false,
"clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800",
"attributes" : { }
} ],
"client" : {
"realm-management" : [ {
- "id" : "7db1f38d-d436-4725-93fd-030a3bbe628e",
- "name" : "manage-identity-providers",
- "description" : "${role_manage-identity-providers}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
- "attributes" : { }
- }, {
- "id" : "1163b9bd-7319-4154-a25f-0101b2548d21",
- "name" : "impersonation",
- "description" : "${role_impersonation}",
+ "id" : "6c2447e9-a8ca-402b-953c-944123312933",
+ "name" : "query-clients",
+ "description" : "${role_query-clients}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "73d0a556-072b-404f-bf8e-10e2544c8c27",
+ "id" : "d321086a-5816-404d-bcc7-7984dd83d36b",
"name" : "view-identity-providers",
"description" : "${role_view-identity-providers}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "7e727e28-2095-4443-b2da-865e684f2308",
- "name" : "view-realm",
- "description" : "${role_view-realm}",
+ "id" : "6073c9f6-b1c2-4680-9d28-ab1254618b7b",
+ "name" : "manage-authorization",
+ "description" : "${role_manage-authorization}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "df9e5352-f835-4467-bcaf-cb1b5f55c1ec",
- "name" : "query-users",
- "description" : "${role_query-users}",
- "composite" : false,
+ "id" : "e2f20b42-23d3-4e88-a2ef-1bfeb6716020",
+ "name" : "view-users",
+ "description" : "${role_view-users}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "realm-management" : [ "query-groups", "query-users" ]
+ }
+ },
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "fa77909a-32a3-41ae-9983-2b92ae03080c",
- "name" : "manage-clients",
- "description" : "${role_manage-clients}",
+ "id" : "f07629cf-203d-4beb-8dbf-ec8aa1f035b3",
+ "name" : "impersonation",
+ "description" : "${role_impersonation}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "a8780507-dc72-4433-8b95-b8e4f3c37d0e",
- "name" : "manage-events",
- "description" : "${role_manage-events}",
+ "id" : "832b6db4-d305-4141-b56c-6e93a78a3e68",
+ "name" : "create-client",
+ "description" : "${role_create-client}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "f7f4697a-3977-42f6-af86-9bb006cf4d04",
+ "id" : "bfc8e0e6-341f-4355-bebb-da64f28ff13f",
"name" : "realm-admin",
"description" : "${role_realm-admin}",
"composite" : true,
"composites" : {
"client" : {
- "realm-management" : [ "impersonation", "manage-identity-providers", "view-identity-providers", "view-realm", "query-users", "manage-clients", "manage-events", "manage-realm", "view-authorization", "manage-authorization", "view-users", "create-client", "query-clients", "query-groups", "manage-users", "view-clients", "view-events", "query-realms" ]
+ "realm-management" : [ "query-clients", "view-identity-providers", "manage-authorization", "view-users", "impersonation", "create-client", "manage-events", "query-groups", "view-authorization", "query-users", "manage-realm", "manage-identity-providers", "view-realm", "view-clients", "manage-clients", "query-realms", "view-events", "manage-users" ]
}
},
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "ca7dc1ce-a981-4efe-b3f0-a7192b6d3943",
- "name" : "manage-realm",
- "description" : "${role_manage-realm}",
+ "id" : "894aaa75-29f9-452c-9ea3-429a51404575",
+ "name" : "manage-events",
+ "description" : "${role_manage-events}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "a0ab4faa-00a9-4f52-ac9f-8e764b6a8126",
- "name" : "view-authorization",
- "description" : "${role_view-authorization}",
+ "id" : "d6e53477-0d1f-46f6-ace8-0b81e658196a",
+ "name" : "query-groups",
+ "description" : "${role_query-groups}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "0b4ed5e0-eceb-4d81-ba05-fa67022abe59",
- "name" : "manage-authorization",
- "description" : "${role_manage-authorization}",
+ "id" : "d7141f22-ae51-489e-861c-9cb12f943fec",
+ "name" : "view-authorization",
+ "description" : "${role_view-authorization}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "c10336be-06f3-40ef-bef5-28d8c9b8a1e2",
- "name" : "create-client",
- "description" : "${role_create-client}",
+ "id" : "692bf834-049f-4f15-95cf-7b40cadf4272",
+ "name" : "query-users",
+ "description" : "${role_query-users}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "1a1ffadc-11d5-44ea-bac0-d94372c8ae5c",
- "name" : "view-users",
- "description" : "${role_view-users}",
- "composite" : true,
- "composites" : {
- "client" : {
- "realm-management" : [ "query-groups", "query-users" ]
- }
- },
+ "id" : "1cc2c76c-6b2f-47d0-bf0a-e260247f2e73",
+ "name" : "manage-realm",
+ "description" : "${role_manage-realm}",
+ "composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "5ba9a1a3-9027-4531-8253-b91f6058513c",
- "name" : "query-clients",
- "description" : "${role_query-clients}",
+ "id" : "a3f00bf1-2b0e-4127-bbd7-f2c8f9005ea9",
+ "name" : "manage-identity-providers",
+ "description" : "${role_manage-identity-providers}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "b4fba807-7a7e-4e3e-bd31-45703305a9e3",
- "name" : "query-groups",
- "description" : "${role_query-groups}",
+ "id" : "349db29b-1e3f-4e94-91a5-3afb1f1ce789",
+ "name" : "view-realm",
+ "description" : "${role_view-realm}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "c9384254-0af3-434c-b4ed-7c94f59a8247",
- "name" : "manage-users",
- "description" : "${role_manage-users}",
+ "id" : "e454c0c4-846e-4af3-8f27-2c864e30517f",
+ "name" : "manage-clients",
+ "description" : "${role_manage-clients}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "9a0022f2-bd58-4418-828c-a8e7abe3346b",
+ "id" : "d085f668-dae1-4908-b755-39b223c16d29",
"name" : "view-clients",
"description" : "${role_view-clients}",
"composite" : true,
@@ -225,23 +240,31 @@
}
},
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "83df8311-4366-4d22-9425-eccc343faa3f",
- "name" : "view-events",
- "description" : "${role_view-events}",
+ "id" : "ba4367d7-94bb-43d8-b175-7842dbfe3102",
+ "name" : "manage-users",
+ "description" : "${role_manage-users}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
}, {
- "id" : "e81bf277-047f-4bdd-afd6-59e2016c5066",
+ "id" : "632628d0-f783-4114-97b2-2622a76e5674",
"name" : "query-realms",
"description" : "${role_query-realms}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
+ "attributes" : { }
+ }, {
+ "id" : "7ec35cf2-029b-47ac-a570-e32dfb4821e8",
+ "name" : "view-events",
+ "description" : "${role_view-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"attributes" : { }
} ],
"security-admin-console" : [ ],
@@ -252,51 +275,96 @@
"composite" : false,
"clientRole" : true,
"containerId" : "0ac5df91-e044-4051-bd03-106a3a5fb9cc",
- "attributes" : { }
- } ],
+ "attributes" : { }
+ } ],
+ "account-console" : [ ],
"broker" : [ {
- "id" : "d36865b0-7ade-4bcd-a7dc-1dacbd80f169",
+ "id" : "fa00b5ce-10f0-4643-91f4-4092121a55ec",
"name" : "read-token",
"description" : "${role_read-token}",
"composite" : false,
"clientRole" : true,
- "containerId" : "53d4fe53-a039-471e-886a-28eddc950e95",
+ "containerId" : "371a2b90-ebb3-4255-9d2e-bc3949d5bd2a",
"attributes" : { }
} ],
"account" : [ {
- "id" : "539325a0-d9b3-4821-97ee-d42999296b62",
- "name" : "view-profile",
- "description" : "${role_view-profile}",
+ "id" : "1b242c4a-3141-40c5-bd67-66e6c21ad91b",
+ "name" : "manage-account",
+ "description" : "${role_manage-account}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "manage-account-links" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "4943cb69-5dc1-42ba-a7b4-60b841b49a92",
+ "name" : "delete-account",
+ "description" : "${role_delete-account}",
"composite" : false,
"clientRole" : true,
- "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d",
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
"attributes" : { }
}, {
- "id" : "e4af836c-c884-4a57-8b1d-fb673b0fe3a5",
- "name" : "manage-account",
- "description" : "${role_manage-account}",
+ "id" : "b910b7e5-7f8f-4c7f-ab9a-27a9df77e062",
+ "name" : "view-applications",
+ "description" : "${role_view-applications}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "db73da06-3099-4b11-97c6-13c403dab0ae",
+ "name" : "manage-consent",
+ "description" : "${role_manage-consent}",
"composite" : true,
"composites" : {
"client" : {
- "account" : [ "manage-account-links" ]
+ "account" : [ "view-consent" ]
}
},
"clientRole" : true,
- "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d",
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "2d40ac4f-48be-47f9-bf1f-458354158de9",
+ "name" : "view-profile",
+ "description" : "${role_view-profile}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
"attributes" : { }
}, {
- "id" : "35d1c998-bcae-4ab1-a026-4c67bff49a98",
+ "id" : "2713bb5d-2760-44f4-a276-28bcf6bdbe8e",
"name" : "manage-account-links",
"description" : "${role_manage-account-links}",
"composite" : false,
"clientRole" : true,
- "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d",
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
+ "attributes" : { }
+ }, {
+ "id" : "228b74ca-9239-4fdc-a81c-59f324a9e4e8",
+ "name" : "view-consent",
+ "description" : "${role_view-consent}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "f362cd79-8596-407b-9e01-7c999e43d488",
"attributes" : { }
} ]
}
},
"groups" : [ ],
- "defaultRoles" : [ "uma_authorization", "offline_access" ],
+ "defaultRole" : {
+ "id" : "d70f9032-c77a-4aca-88d8-d914ee2905a4",
+ "name" : "default-roles-quarkus",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "clientRole" : false,
+ "containerId" : "36382947-8ffa-4a8a-9881-2b7eeb84f800"
+ },
"requiredCredentials" : [ "password" ],
"otpPolicyType" : "totp",
"otpPolicyAlgorithm" : "HmacSHA1",
@@ -305,21 +373,47 @@
"otpPolicyLookAheadWindow" : 1,
"otpPolicyPeriod" : 30,
"otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ],
+ "webAuthnPolicyRpEntityName" : "keycloak",
+ "webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
+ "webAuthnPolicyRpId" : "",
+ "webAuthnPolicyAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyRequireResidentKey" : "not specified",
+ "webAuthnPolicyUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyCreateTimeout" : 0,
+ "webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyAcceptableAaguids" : [ ],
+ "webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
+ "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
+ "webAuthnPolicyPasswordlessRpId" : "",
+ "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
+ "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyPasswordlessCreateTimeout" : 0,
+ "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
"scopeMappings" : [ {
"clientScope" : "offline_access",
"roles" : [ "offline_access" ]
} ],
+ "clientScopeMappings" : {
+ "account" : [ {
+ "client" : "account-console",
+ "roles" : [ "manage-account" ]
+ } ]
+ },
"clients" : [ {
- "id" : "e55e1234-38fa-432d-8d90-39f5e024688d",
+ "id" : "f362cd79-8596-407b-9e01-7c999e43d488",
"clientId" : "account",
"name" : "${client_account}",
- "baseUrl" : "/auth/realms/quarkus/account",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/quarkus/account/",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "0136c3ef-0dfd-4b13-a6d0-2c8b6358edec",
- "defaultRoles" : [ "view-profile", "manage-account" ],
- "redirectUris" : [ "/auth/realms/quarkus/account/*" ],
+ "redirectUris" : [ "/realms/quarkus/account/*" ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
@@ -328,23 +422,64 @@
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
- "publicClient" : false,
+ "publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
- "attributes" : { },
+ "attributes" : {
+ "post.logout.redirect.uris" : "+"
+ },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "1148f171-a813-463d-bc3d-61b47c300a31",
+ "clientId" : "account-console",
+ "name" : "${client_account-console}",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/quarkus/account/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/realms/quarkus/account/*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "protocolMappers" : [ {
+ "id" : "32fb140b-17b0-4c5c-9138-d9a9bc2d3eb1",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
- "id" : "e9cc41a2-8e35-4d5e-949e-4879880c2ddb",
+ "id" : "16fb473f-45e3-40bb-81bf-4c7f69b92ae2",
"clientId" : "admin-cli",
"name" : "${client_admin-cli}",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "a951803a-79c7-46a6-8197-e32835286971",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
@@ -361,20 +496,20 @@
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
- "id" : "53d4fe53-a039-471e-886a-28eddc950e95",
+ "id" : "371a2b90-ebb3-4255-9d2e-bc3949d5bd2a",
"clientId" : "broker",
"name" : "${client_broker}",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "e1f7edd7-e15c-43b4-8736-ff8204d16836",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
- "bearerOnly" : false,
+ "bearerOnly" : true,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
@@ -387,30 +522,30 @@
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "0ac5df91-e044-4051-bd03-106a3a5fb9cc",
"clientId" : "backend-service",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "clientAuthenticatorType" : "client-secret",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "clientAuthenticatorType" : "client-secret",
"secret" : "secret",
"redirectUris" : ["*"],
- "webOrigins" : [ ],
- "notBefore" : 0,
+ "webOrigins" : [ ],
+ "notBefore" : 0,
"bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : true,
"serviceAccountsEnabled" : true,
"authorizationServicesEnabled" : true,
- "publicClient" : false,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : { },
- "authenticationFlowBindingOverrides" : { },
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : { },
+ "authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : -1,
"protocolMappers" : [ {
@@ -527,14 +662,14 @@
"scopes": [],
"decisionStrategy": "UNANIMOUS"
}
- }, {
- "id" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ }, {
+ "id" : "911f7ea1-5e42-4fdd-a0d9-767c62cbc41f",
"clientId" : "realm-management",
"name" : "${client_realm-management}",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "c41b709a-a012-4c69-89d7-4f926dba0619",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
@@ -551,19 +686,20 @@
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
- "id" : "a8732cac-ae0f-44ec-b7f3-bd2c41eff13c",
+ "id" : "36f4981a-8b47-45ec-a24c-0d6832dce7a6",
"clientId" : "security-admin-console",
"name" : "${client_security-admin-console}",
- "baseUrl" : "/auth/admin/quarkus/console/index.html",
+ "rootUrl" : "${authAdminUrl}",
+ "baseUrl" : "/admin/quarkus/console/",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "e571b211-2550-475d-b87f-116ff54091ee",
- "redirectUris" : [ "/auth/admin/quarkus/console/*" ],
- "webOrigins" : [ ],
+ "redirectUris" : [ "/admin/quarkus/console/*" ],
+ "webOrigins" : [ "+" ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
@@ -574,12 +710,15 @@
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
- "attributes" : { },
+ "attributes" : {
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"protocolMappers" : [ {
- "id" : "280528ca-5e96-4bb9-9fc0-20311caac32d",
+ "id" : "5ae0eba8-8f29-4048-8b57-b5b3878df79c",
"name" : "locale",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
@@ -593,101 +732,117 @@
"jsonType.label" : "String"
}
} ],
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
} ],
"clientScopes" : [ {
- "id" : "520cc3ef-2c6b-4d84-bcde-8c063241f4bd",
- "name" : "address",
- "description" : "OpenID Connect built-in scope: address",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${addressScopeConsentText}"
- },
- "protocolMappers" : [ {
- "id" : "c1d3bd07-0a5f-4f4f-b381-c58a7b723029",
- "name" : "address",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-address-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute.formatted" : "formatted",
- "user.attribute.country" : "country",
- "user.attribute.postal_code" : "postal_code",
- "userinfo.token.claim" : "true",
- "user.attribute.street" : "street",
- "id.token.claim" : "true",
- "user.attribute.region" : "region",
- "access.token.claim" : "true",
- "user.attribute.locality" : "locality"
- }
- } ]
- }, {
- "id" : "19920c96-a383-4f35-8ee9-27833263cf03",
- "name" : "email",
- "description" : "OpenID Connect built-in scope: email",
+ "id" : "e17e3fdf-518f-44d8-9a8e-5743fe656c26",
+ "name" : "phone",
+ "description" : "OpenID Connect built-in scope: phone",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
- "consent.screen.text" : "${emailScopeConsentText}"
+ "consent.screen.text" : "${phoneScopeConsentText}"
},
"protocolMappers" : [ {
- "id" : "36a0adf0-6c25-419f-98d7-cdeada8661aa",
- "name" : "email",
+ "id" : "e12d0fe6-2aa8-4809-a8f5-69fc5d41ba0d",
+ "name" : "phone number",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "email",
+ "user.attribute" : "phoneNumber",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "email",
+ "claim.name" : "phone_number",
"jsonType.label" : "String"
}
}, {
- "id" : "b0c39901-5e5d-4436-b685-908bb90ea1d9",
- "name" : "email verified",
+ "id" : "005aa9ba-7a81-49be-b14f-fecbbfc22111",
+ "name" : "phone number verified",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "emailVerified",
+ "user.attribute" : "phoneNumberVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "email_verified",
+ "claim.name" : "phone_number_verified",
"jsonType.label" : "boolean"
}
} ]
}, {
- "id" : "55b3ee1c-cbf9-4526-93d7-aa56a9c5f1cb",
- "name" : "microprofile-jwt",
- "description" : "Microprofile - JWT built-in scope",
+ "id" : "c0c00c6d-85fc-40ed-b15a-693825b9f3a8",
+ "name" : "roles",
+ "description" : "OpenID Connect scope for add user roles to the access token",
"protocol" : "openid-connect",
"attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "false"
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${rolesScopeConsentText}"
},
"protocolMappers" : [ {
- "id" : "59128144-a21a-4744-bb55-e66ff0503b18",
- "name" : "upn",
+ "id" : "9c4af8e8-d303-4520-ae81-f87190c2bbc6",
+ "name" : "realm roles",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "username",
- "id.token.claim" : "true",
+ "user.attribute" : "foo",
"access.token.claim" : "true",
- "claim.name" : "upn",
- "jsonType.label" : "String"
+ "claim.name" : "realm_access.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
+ }, {
+ "id" : "03a3006b-c808-4b19-a5ec-b01a14b3b00e",
+ "name" : "client roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-client-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "foo",
+ "access.token.claim" : "true",
+ "claim.name" : "resource_access.${client_id}.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
+ }, {
+ "id" : "e606f224-24c8-46e3-ac5a-01e7fadb1562",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ]
+ }, {
+ "id" : "74626818-9744-416e-ae77-d13be8940fee",
+ "name" : "microprofile-jwt",
+ "description" : "Microprofile - JWT built-in scope",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "13e76b05-7d24-43f4-ad4e-1d7655853512",
+ "name" : "upn",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "username",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "upn",
+ "jsonType.label" : "String"
}
}, {
- "id" : "69351a63-7d6e-45d0-be47-088c83b20fdb",
+ "id" : "0adad4c2-dbea-4105-a0c0-a6062c60a3f6",
"name" : "groups",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-realm-role-mapper",
@@ -702,55 +857,84 @@
}
} ]
}, {
- "id" : "3f190f54-8e3a-4c82-a799-bd12ddc475b2",
- "name" : "offline_access",
- "description" : "OpenID Connect built-in scope: offline_access",
+ "id" : "bd050b86-7be1-42a0-b2f6-b681183e560a",
+ "name" : "web-origins",
+ "description" : "OpenID Connect scope for add allowed web origins to the access token",
"protocol" : "openid-connect",
"attributes" : {
- "consent.screen.text" : "${offlineAccessScopeConsentText}",
- "display.on.consent.screen" : "true"
- }
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false",
+ "consent.screen.text" : ""
+ },
+ "protocolMappers" : [ {
+ "id" : "cc7f1c4e-c15b-425a-b2c4-c21e180f882f",
+ "name" : "allowed web origins",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-allowed-origins-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ]
}, {
- "id" : "defa3480-5368-4f34-8075-49fb982b71b3",
- "name" : "phone",
- "description" : "OpenID Connect built-in scope: phone",
+ "id" : "47595a41-97d2-48b9-84e9-f66d9820ea9d",
+ "name" : "email",
+ "description" : "OpenID Connect built-in scope: email",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
- "consent.screen.text" : "${phoneScopeConsentText}"
+ "consent.screen.text" : "${emailScopeConsentText}"
},
"protocolMappers" : [ {
- "id" : "069ae414-9e98-4612-a3d6-e8b5a1fa841d",
- "name" : "phone number verified",
+ "id" : "9150603e-ebc9-467e-a254-72d910622fa7",
+ "name" : "email verified",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "phoneNumberVerified",
+ "user.attribute" : "emailVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "phone_number_verified",
+ "claim.name" : "email_verified",
"jsonType.label" : "boolean"
}
}, {
- "id" : "cea58e24-d0e0-4cc6-9e34-7b3bf7d6d85b",
- "name" : "phone number",
+ "id" : "4f028250-4036-498d-894a-d356d251110a",
+ "name" : "email",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "phoneNumber",
+ "user.attribute" : "email",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "phone_number",
+ "claim.name" : "email",
"jsonType.label" : "String"
}
} ]
}, {
- "id" : "b7321e2e-dd8e-41cf-a527-c765155c3f78",
+ "id" : "e7401ec2-c877-4522-b390-d7ac13abfd22",
+ "name" : "acr",
+ "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "90848608-3013-47dc-b6bd-e7d16e150cdd",
+ "name" : "acr loa level",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-acr-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "id.token.claim" : "true",
+ "access.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "dad89a6f-c6d3-485c-87c0-79bf304310dd",
"name" : "profile",
"description" : "OpenID Connect built-in scope: profile",
"protocol" : "openid-connect",
@@ -760,292 +944,267 @@
"consent.screen.text" : "${profileScopeConsentText}"
},
"protocolMappers" : [ {
- "id" : "1d4d3df5-7af5-488e-8477-0ad7cb74d50a",
- "name" : "nickname",
+ "id" : "8070e658-3ed6-444c-b117-372b0d3e76bc",
+ "name" : "birthdate",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "nickname",
+ "user.attribute" : "birthdate",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "nickname",
+ "claim.name" : "birthdate",
"jsonType.label" : "String"
}
}, {
- "id" : "1a5e26d6-211e-4f8a-b696-0ea9577db25a",
- "name" : "zoneinfo",
+ "id" : "861faee7-38c1-4040-9bae-a1f9d24c4f60",
+ "name" : "middle name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "zoneinfo",
+ "user.attribute" : "middleName",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "zoneinfo",
+ "claim.name" : "middle_name",
"jsonType.label" : "String"
}
}, {
- "id" : "18971685-6dd7-420f-9c09-879c4f2d54d8",
- "name" : "updated at",
+ "id" : "7b1b5c7e-45ff-4052-b937-73b5a3689498",
+ "name" : "picture",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "updatedAt",
+ "user.attribute" : "picture",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "updated_at",
+ "claim.name" : "picture",
"jsonType.label" : "String"
}
}, {
- "id" : "b970d96b-0156-4db0-9beb-9c84c173e619",
- "name" : "birthdate",
+ "id" : "ef20556e-624d-4c08-9aac-3e8ef9cb5c57",
+ "name" : "gender",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "birthdate",
+ "user.attribute" : "gender",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "birthdate",
+ "claim.name" : "gender",
"jsonType.label" : "String"
}
}, {
- "id" : "50287033-df21-45c6-aa46-c3060e6f9855",
- "name" : "given name",
+ "id" : "03a03973-8d8d-495a-99af-f483e31eafcb",
+ "name" : "website",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "firstName",
+ "user.attribute" : "website",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "given_name",
+ "claim.name" : "website",
"jsonType.label" : "String"
}
}, {
- "id" : "3dc6b97e-7063-4077-98d1-0cacf9029c7b",
- "name" : "full name",
+ "id" : "a64f2a47-50b6-4c55-9d0f-b5971ae63992",
+ "name" : "given name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-full-name-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "firstName",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "userinfo.token.claim" : "true"
+ "claim.name" : "given_name",
+ "jsonType.label" : "String"
}
}, {
- "id" : "3fb9391b-376c-42ef-b012-4df461c617cc",
- "name" : "middle name",
+ "id" : "75f1df3a-0843-4786-ab2b-49c3b719eb92",
+ "name" : "locale",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "middleName",
+ "user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "middle_name",
+ "claim.name" : "locale",
"jsonType.label" : "String"
}
}, {
- "id" : "83f7fc4a-5386-4f86-a103-6585e138b61d",
- "name" : "username",
+ "id" : "1b582634-b01b-4900-a7d4-9ee95fb4012c",
+ "name" : "updated at",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "username",
+ "user.attribute" : "updatedAt",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "preferred_username",
- "jsonType.label" : "String"
+ "claim.name" : "updated_at",
+ "jsonType.label" : "long"
}
}, {
- "id" : "8ef177b3-f485-44b1-afee-1901393b00c7",
- "name" : "family name",
+ "id" : "0c4f4ea2-2d31-4ab1-bf97-e46344ff4336",
+ "name" : "nickname",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "lastName",
+ "user.attribute" : "nickname",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "family_name",
+ "claim.name" : "nickname",
"jsonType.label" : "String"
}
}, {
- "id" : "e994cbc7-2a1a-4465-b7b7-12b35b4fe49e",
- "name" : "gender",
+ "id" : "55b83e07-ed5b-4441-980e-01b9234db5fe",
+ "name" : "profile",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "gender",
+ "user.attribute" : "profile",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "gender",
+ "claim.name" : "profile",
"jsonType.label" : "String"
}
}, {
- "id" : "abaa4c9e-1fa2-4b45-a1bb-b3d650de9aca",
- "name" : "picture",
+ "id" : "e8e2523e-5044-47d4-863f-50b46e32307b",
+ "name" : "family name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "picture",
+ "user.attribute" : "lastName",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "picture",
+ "claim.name" : "family_name",
"jsonType.label" : "String"
}
}, {
- "id" : "bf21b514-81fd-4bbe-9236-bab5fcf54561",
- "name" : "locale",
+ "id" : "233f533d-40a4-4df2-b5a7-4536c8fdc3b8",
+ "name" : "zoneinfo",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "locale",
+ "user.attribute" : "zoneinfo",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "locale",
+ "claim.name" : "zoneinfo",
"jsonType.label" : "String"
}
}, {
- "id" : "254f8de4-08e7-4d3d-a87f-4b238f0f922b",
- "name" : "profile",
+ "id" : "ec6d80f6-3093-4b8f-b4a4-97b0ce8567b6",
+ "name" : "username",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "profile",
+ "user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "profile",
+ "claim.name" : "preferred_username",
"jsonType.label" : "String"
}
}, {
- "id" : "7934bf2a-cfc3-4b2d-a5cb-287f3ed2a977",
- "name" : "website",
+ "id" : "aae53b7f-83fb-4aff-85f4-93fc5f69b213",
+ "name" : "full name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-full-name-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "website",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "website",
- "jsonType.label" : "String"
+ "userinfo.token.claim" : "true"
}
} ]
}, {
- "id" : "f3dc793d-6011-4861-b538-399dde5434c0",
- "name" : "role_list",
- "description" : "SAML role list",
- "protocol" : "saml",
+ "id" : "08d32803-c052-4b0a-98c4-538e627857b3",
+ "name" : "offline_access",
+ "description" : "OpenID Connect built-in scope: offline_access",
+ "protocol" : "openid-connect",
"attributes" : {
- "consent.screen.text" : "${samlRoleListScopeConsentText}",
+ "consent.screen.text" : "${offlineAccessScopeConsentText}",
"display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "22eeabf8-a3c3-4026-a351-367f8ace7927",
- "name" : "role list",
- "protocol" : "saml",
- "protocolMapper" : "saml-role-list-mapper",
- "consentRequired" : false,
- "config" : {
- "single" : "false",
- "attribute.nameformat" : "Basic",
- "attribute.name" : "Role"
- }
- } ]
+ }
}, {
- "id" : "f72c1acd-c367-41b1-8646-b6bd5fff3e3f",
- "name" : "roles",
- "description" : "OpenID Connect scope for add user roles to the access token",
+ "id" : "8cd9bda9-eff5-42e7-8e62-b9d2e0f37416",
+ "name" : "address",
+ "description" : "OpenID Connect built-in scope: address",
"protocol" : "openid-connect",
"attributes" : {
- "include.in.token.scope" : "false",
+ "include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
- "consent.screen.text" : "${rolesScopeConsentText}"
+ "consent.screen.text" : "${addressScopeConsentText}"
},
"protocolMappers" : [ {
- "id" : "cd8e589e-5fa7-4dae-bf6e-e8f6a3fd3cff",
- "name" : "realm roles",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-realm-role-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "foo",
- "access.token.claim" : "true",
- "claim.name" : "realm_access.roles",
- "jsonType.label" : "String",
- "multivalued" : "true"
- }
- }, {
- "id" : "708b19d1-0709-4278-b5a1-bcbeec11f51a",
- "name" : "audience resolve",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-audience-resolve-mapper",
- "consentRequired" : false,
- "config" : { }
- }, {
- "id" : "25e97210-30c7-4f35-be11-407f1fa674cb",
- "name" : "client roles",
+ "id" : "3bf71763-9a1f-413c-b52d-bf99f611a211",
+ "name" : "address",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-client-role-mapper",
+ "protocolMapper" : "oidc-address-mapper",
"consentRequired" : false,
"config" : {
- "user.attribute" : "foo",
+ "user.attribute.formatted" : "formatted",
+ "user.attribute.country" : "country",
+ "user.attribute.postal_code" : "postal_code",
+ "userinfo.token.claim" : "true",
+ "user.attribute.street" : "street",
+ "id.token.claim" : "true",
+ "user.attribute.region" : "region",
"access.token.claim" : "true",
- "claim.name" : "resource_access.${client_id}.roles",
- "jsonType.label" : "String",
- "multivalued" : "true"
+ "user.attribute.locality" : "locality"
}
} ]
}, {
- "id" : "52618957-a4e8-4c6f-a902-217f2c41a2fd",
- "name" : "web-origins",
- "description" : "OpenID Connect scope for add allowed web origins to the access token",
- "protocol" : "openid-connect",
+ "id" : "1a4f1401-2b80-47c9-922a-80f0d1537507",
+ "name" : "role_list",
+ "description" : "SAML role list",
+ "protocol" : "saml",
"attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false",
- "consent.screen.text" : ""
+ "consent.screen.text" : "${samlRoleListScopeConsentText}",
+ "display.on.consent.screen" : "true"
},
"protocolMappers" : [ {
- "id" : "a66ddadf-312f-491f-993c-fa58685815c6",
- "name" : "allowed web origins",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-allowed-origins-mapper",
+ "id" : "e80cfa11-e49b-46e5-a61d-633cc0e27e07",
+ "name" : "role list",
+ "protocol" : "saml",
+ "protocolMapper" : "saml-role-list-mapper",
"consentRequired" : false,
- "config" : { }
+ "config" : {
+ "single" : "false",
+ "attribute.nameformat" : "Basic",
+ "attribute.name" : "Role"
+ }
} ]
} ],
- "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins" ],
+ "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ],
"defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ],
"browserSecurityHeaders" : {
"contentSecurityPolicyReportOnly" : "",
"xContentTypeOptions" : "nosniff",
"xRobotsTag" : "none",
"xFrameOptions" : "SAMEORIGIN",
- "xXSSProtection" : "1; mode=block",
"contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
+ "xXSSProtection" : "1; mode=block",
"strictTransportSecurity" : "max-age=31536000; includeSubDomains"
},
"smtpServer" : { },
@@ -1054,106 +1213,121 @@
"enabledEventTypes" : [ ],
"adminEventsEnabled" : false,
"adminEventsDetailsEnabled" : false,
+ "identityProviders" : [ ],
+ "identityProviderMappers" : [ ],
"components" : {
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
- "id" : "a7679218-373d-48ca-88f8-429985faeae3",
- "name" : "Allowed Protocol Mapper Types",
- "providerId" : "allowed-protocol-mappers",
+ "id" : "486bf667-5362-4333-82e8-6057d5b3c37a",
+ "name" : "Trusted Hosts",
+ "providerId" : "trusted-hosts",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
- "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-address-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper" ]
- }
- }, {
- "id" : "2ebf6f9f-4bfc-44b9-ad7c-282f2274d35b",
- "name" : "Allowed Client Scopes",
- "providerId" : "allowed-client-templates",
- "subType" : "authenticated",
- "subComponents" : { },
- "config" : {
- "allow-default-scopes" : [ "true" ]
+ "host-sending-registration-request-must-match" : [ "true" ],
+ "client-uris-must-match" : [ "true" ]
}
}, {
- "id" : "552093c3-0a0a-4234-ad7c-ae660f0f0db1",
- "name" : "Allowed Client Scopes",
- "providerId" : "allowed-client-templates",
+ "id" : "c4b992b7-5969-4dab-845b-87b7f876f571",
+ "name" : "Max Clients Limit",
+ "providerId" : "max-clients",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
- "allow-default-scopes" : [ "true" ]
+ "max-clients" : [ "200" ]
}
}, {
- "id" : "8f27cf74-cee7-4a73-851f-982ee45157ca",
- "name" : "Trusted Hosts",
- "providerId" : "trusted-hosts",
- "subType" : "anonymous",
+ "id" : "6844e33b-6421-4633-a808-d06856bda363",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
+ "subType" : "authenticated",
"subComponents" : { },
"config" : {
- "host-sending-registration-request-must-match" : [ "true" ],
- "client-uris-must-match" : [ "true" ]
+ "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-user-property-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", "saml-role-list-mapper" ]
}
}, {
- "id" : "ff570525-6c96-4500-9d73-c02e708b39de",
+ "id" : "8b7dd0da-a538-49db-b120-5386fc3846cf",
"name" : "Full Scope Disabled",
"providerId" : "scope",
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
}, {
- "id" : "b52284eb-123a-4718-aac9-857530a24a9b",
- "name" : "Max Clients Limit",
- "providerId" : "max-clients",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "max-clients" : [ "200" ]
- }
- }, {
- "id" : "2b8c0a6d-d5c0-4ea2-8a9c-4843d3e04ec6",
+ "id" : "d5a9a762-12a0-445f-b460-511d04e11445",
"name" : "Consent Required",
"providerId" : "consent-required",
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
}, {
- "id" : "bf59de5a-2c93-43cc-a9aa-03be0129fe53",
+ "id" : "cb11bd78-941b-4596-99e5-5ce4a41d6dc1",
"name" : "Allowed Protocol Mapper Types",
"providerId" : "allowed-protocol-mappers",
- "subType" : "authenticated",
+ "subType" : "anonymous",
"subComponents" : { },
"config" : {
- "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper" ]
+ "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper" ]
}
- } ],
- "org.keycloak.keys.KeyProvider" : [ {
- "id" : "b3efd9cc-28b6-4404-82af-8a48a966b8ff",
- "name" : "rsa-generated",
- "providerId" : "rsa-generated",
+ }, {
+ "id" : "174400f3-6a13-4818-99a2-cf0f1a5ece0f",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "anonymous",
"subComponents" : { },
"config" : {
- "privateKey" : [ "MIIEowIBAAKCAQEAn5T13suF8mlS+pJXp0U1bto41nW55wpcs+Rps8ZVCRyJKWqzwSCYnI7lm0rB2wBpAAO4OPoj1zlmVoFmBPsDU9Xf7rjsJb5LIzIQDCZY44aSDZt6RR+gakPiQvlzHyW/RozYpngDJF7TsTD7rdRF1xQ4RprfBF8fwK/xsU7pxbeom5xDHZhz3fiw8s+7UdbmnazDHfAjU58aUrLGgVRfUsuoHjtsptYlOIXEifaeMetXZE+HhqLYRHQPDap5fbBJl773Trosn7N9nmzN4x1xxGj9So21WC5UboQs9sAIVgizc4omjZ5Y4RN9HLH7G4YwJctNntzmnJhDui9zAO+zSQIDAQABAoIBADi+F7rTtVoft0Cfnok8o6Y58/HVxHdxiMryUd95iy0FN4RBi48FTx6D9QKFz25Ws/8sU2n3D51srIXf1u24b1N0/f39RQKaqk7mcyxOylaEuBQcj5pah4ihgKd92UBfBKdKV5LBo6RgD3e2yhbiHr8+UlBQqzH7vOef6Bm6zIbfmi3N88swAJhP0YizRZFklsbmLsK6nkwyro00CHJvPVKSBbM+ad+/zIBsLw56MvNngB5TuFguUgoljd6M1T2z4utmZGlTUqrfE1onAVLJZoGnRohyIr7dJEg6YxWR70PxsgmkDKyeRvet9P1trO0n+OSprusfrC3cHJStabap1V0CgYEA1A/CtsqTnjdYYsB19eumZgdpzUgNc/YEAzZ/OWb8yTLoB2ncci+63A1rXHUXAqJFY7vtjn5mxv7SuASNbUrzq+6KfZvC1x9XEtnczqT/ypunNfxmIZuj8Nuu6vtURguZ8kPPwdkI8toTizRFeRE5ZDBvoQryiEVYugfHaHT5vzsCgYEAwKWODwquI0Lv9BuwdNVrBXQpkKh3ZfYOA7i9xvhxlM7xUu8OMCwwCPn3r7vrW5APjTqX4h330mJ44SLEs+7gbCUs4BbJBLA6g0ChlHa9PTkxp6tk2nDF/B34fxiZSRkE85L+d+at0Dc3hnlzLCJCzJawGpoPniPU9e4w0p4dN0sCgYAsGnMGjS8SUrRhJWHjGXVr9tK8TOXvXhULjgP7rj2Yoqu7Dvs4DFEyft/7RKbad2EzEtyfLA64CDtO5jN7rYDsGxpWcVSeZPg5BXJ0z8AbJTArfCjJiJMZ/rZsTIUEZFlKF2xYBolj6JLz+pUQTtK+0YwF1D8ItFN1rTR9twZSDQKBgQC6sPXNX+VH6LuPTjIf1x8CxwLs3EXxOpV0R9kp9GRl+HJnk6GlT30xhcThufQo5KAdllXQXIhoiuNoEoCbevhj9Vbax1oBQCNERSMRNEzKAx46xd9TzYwgeo7x5E3QR/3DaoVOfu+cY5ZcrF/PulgP2kxJS1mtQD5GIpGP2oinpwKBgGqiqTFPqRcelx76vBvTU+Jp1zM62T4AotbMrSQR/oUvqHe5Ytj/SbZx+wbbHAiyGgV700Mosyviik83YEAbR3kdOPjgYvAJJW2Y3jEMdQ7MwriXz8XLh5BGmYfVjkSOJXed9ua9WlYLKOJeXXv191BbDvrx5NXuJyVVU4vJx3YZ" ],
- "certificate" : [ "MIICnTCCAYUCBgFp4EYIrjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdwcm90ZWFuMB4XDTE5MDQwMjIyNTYxOVoXDTI5MDQwMjIyNTc1OVowEjEQMA4GA1UEAwwHcHJvdGVhbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ+U9d7LhfJpUvqSV6dFNW7aONZ1uecKXLPkabPGVQkciSlqs8EgmJyO5ZtKwdsAaQADuDj6I9c5ZlaBZgT7A1PV3+647CW+SyMyEAwmWOOGkg2bekUfoGpD4kL5cx8lv0aM2KZ4AyRe07Ew+63URdcUOEaa3wRfH8Cv8bFO6cW3qJucQx2Yc934sPLPu1HW5p2swx3wI1OfGlKyxoFUX1LLqB47bKbWJTiFxIn2njHrV2RPh4ai2ER0Dw2qeX2wSZe+9066LJ+zfZ5szeMdccRo/UqNtVguVG6ELPbACFYIs3OKJo2eWOETfRyx+xuGMCXLTZ7c5pyYQ7ovcwDvs0kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAVtmRKDb4OK5iSA46tagMBkp6L7WuPpCWuHGWwobEP+BecYsShW7zP3s12oA8SNSwbhvu0CRqgzxhuypgf3hKQFVU153Erv4hzkj+8S0s5LR/ZE7tDNY2lzJ3yQKXy3Md7EkuzzvOZ50MTrcSKAanWq/ZW1OTnrtGymj5zGJnTg7mMnJzEIGePxkvPu/QdchiPBLqxfZYm1jsFGY25djOC3N/KmVcRVmPRGuu6D8tBFHlKoPfZYPdbMvsvs24aupHKRcZ+ofTCpK+2Qo8c0pSSqeEYHGmuGqC6lC6ozxtxSABPO9Q1R1tZBU7Kg5HvXUwwmoVS3EGub46YbHqbmWMLg==" ],
- "priority" : [ "100" ]
+ "allow-default-scopes" : [ "true" ]
}
}, {
- "id" : "20460ca5-ec24-4a9b-839a-457743d3f841",
+ "id" : "d4455215-c88c-47a5-8527-9c21fef02a98",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allow-default-scopes" : [ "true" ]
+ }
+ } ],
+ "org.keycloak.keys.KeyProvider" : [ {
+ "id" : "620e8030-7114-450c-b188-f2307fa9eaac",
"name" : "hmac-generated",
"providerId" : "hmac-generated",
"subComponents" : { },
"config" : {
- "kid" : [ "96afd00e-85cf-4d35-b18e-061d3813d8b2" ],
- "secret" : [ "qBFGKdUGf6xDgKphnRfoFzIzaFHJW4bYnZ9MinPFzN38X5_ctq-2u1q5RdZzeJukXvk2biHB8_s3DxWmmLZFsA" ],
+ "kid" : [ "6b97cca4-f3d2-41f6-a225-ba846090df11" ],
+ "secret" : [ "7cJw81x86C-kGsDRw3mJzd_M6pPO3fecUlXlL1TYRUlUR7lK6hngmkxK05LiG6swheQIZYs6UkTM1nLORncEJA" ],
"priority" : [ "100" ],
"algorithm" : [ "HS256" ]
}
}, {
- "id" : "4f02d984-7a23-4ce1-8591-848a71390efe",
+ "id" : "e4432af5-5db8-4e30-8a0d-150a5ed675b5",
+ "name" : "rsa-enc-generated",
+ "providerId" : "rsa-enc-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEowIBAAKCAQEAwVW0ULkeQ4JidUfS6+AWndVr9YqFd5zIO8iM0UXfyOesPfvwccmdJdSVTtEJTe99TujfUARRRdl3uIXr+q0E+mQyVWf0v+nzFfcQpVYq29XtfwXQK0JzvGUbWki+JnCcvXvSRnc/fjLy20psaupBT6YxYyIcvHi1JCaA7dk5iyi6FPLFkJrF0i605z+PfeWfdm07uZl4ZZ9D/+dKM4V7dnYwg8kB3x32rcIevujGs621a5ZYyl8QzJM9LMyehe3t3whNX/86vJxpg63YZyk7uhZRBvSXHZWru6Je+PEN+9rq5GYPZjg1GhCf9ty5YQ1rihAKInE1hmGIkPSUqAfXbQIDAQABAoIBABWmzvxRVwHResxOoGD5Jh9D9QS5ICxemxAS7C5NqHu78k64xdtAbIB9l8ENaQDY5swtCUFRUnbDnYRFP0HCGbIfAYIOE9tgTHBzzGHvzfnzsdbNZFxL42FAY3lPdzgf2XXhBZINrcco1ojXg1/P30OXxaUn/1beH88uHrdEYgzi719VRuoB73gyIF9P7jrl1n8UTE6wlPAOi5ZD2ERRM2bs2AW2v+dNB38CmhkWqpvjWkEEQl7JSaFDxm9mkdUopL2CPKTOM6YW3k/IVU9nMuRy1/xKDZyPO1AvNqzfMqTqDRVphAJRL+EIY6NAa6uv32g0AT1zCc3FrOuoDRvhOwMCgYEA6GkNOtu8+qqnTUdgBWUnmbcpTgw0g7tBjEzZcI4KpZfXt8IdnNBnuOtI7/Gv3fhSP9yyp60Kzl/M+JwzxbDYNuQZh9ETMFOUrdtdcyIftanttf/HhXv8yA15My3gZXSo4Zk5R15KfEAUPQyYbIY3QZkl/f3koenl2kc6/5Ncps8CgYEA1PVQNoOoAoEG7D1PU91W9NnMby+xCp4SUejS2ZajveKoEMKwYOM4Gw2Mczql+KKYDs6UU7ACrbsMSC+qgWX1b+PTXkuXkEBOt4BjnHDzVHEHZwAPKbY3dQttqZEQgDQEkhNvANseY9MNipGH2PsC+yWwvfGmXIIClsjuselIrQMCgYA0PHhWxFDDXlvgCKzSSZwO9pX4DtI20X24FQXCQIqwEWLQ0HZraoQFkgyAsae/kjKaW/ZjrYcCP5IIRsN0KX1PSRFb72gKsp52PRnR6NeLszfUcjrcC7QTGsQk9qi65O+YVSIEonLHXneuCQixS7FbsxpQ7iHXKoUY/G2MSAjJDQKBgHCHJ9mGfBLGpyfRxcck4DwFklb2NnDL0hZiFnhPdzpxOCmTFqw7pHv3Ds4coXLeR8cbNZl7Gg8/FWBXf5tcivKSyi+7dd0NfgrM1tXlgU6PYz/z8g8yb99zKIE/XB7CXd/qUO982XQaI7+i4suu54ZaBih4NlYPhNq0VhzAjlyNAoGBAKb3SZqb3wHSE+cR8fDP8hs3v7HPhPbPIpdFyzV3RKvW+3cLtSABImwcxPbk/P0CoFWkIq9kxYOVLSJNFA5ptWuG49kTpJFaYiPDu3UHOKGl2tmPLjOLp6aBVvnQb+1rfLYtNxyK8tneBaG0lSoamqoGgXuhiEeoCjgVxkSUA9dd" ],
+ "keyUse" : [ "ENC" ],
+ "certificate" : [ "MIICnTCCAYUCBgGCxUsqLDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdxdWFya3VzMB4XDTIyMDgyMjExMjE1M1oXDTMyMDgyMjExMjMzM1owEjEQMA4GA1UEAwwHcXVhcmt1czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFVtFC5HkOCYnVH0uvgFp3Va/WKhXecyDvIjNFF38jnrD378HHJnSXUlU7RCU3vfU7o31AEUUXZd7iF6/qtBPpkMlVn9L/p8xX3EKVWKtvV7X8F0CtCc7xlG1pIviZwnL170kZ3P34y8ttKbGrqQU+mMWMiHLx4tSQmgO3ZOYsouhTyxZCaxdIutOc/j33ln3ZtO7mZeGWfQ//nSjOFe3Z2MIPJAd8d9q3CHr7oxrOttWuWWMpfEMyTPSzMnoXt7d8ITV//OrycaYOt2GcpO7oWUQb0lx2Vq7uiXvjxDfva6uRmD2Y4NRoQn/bcuWENa4oQCiJxNYZhiJD0lKgH120CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAUPXLzC6jIMVNboJeMo5THOLKqAIihwyfyESQWduZeiuSbX7fFxGRBM6oLNOnAbd08yuQnBlyNcfvTTN5vTc9LADy0bn9ukS4ZPwTNOSXWa6FcopzoKALwlVAY3JzGxoFOHK9bImlUNAbpel1xkJt0z+/yGdUWvYsRYRhLuMidb34Spi8Kt5gbbY+EQcgkHK99GNamSOqrUR1pEKOWCpncFUqXhSSSOzZlv+pbXUwEbQwUYVhS1n8kRfzkXMjuN+Ke++YFOfB314MT0pSgCtSDEboOrXIAm4HmPMyek7YZdrQqGAIWEYUafx132D954JNytzQEElKeyvbmdQJWapoWA==" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "RSA-OAEP" ]
+ }
+ }, {
+ "id" : "fdb97a8d-439a-4ead-adf9-a80696fbceab",
"name" : "aes-generated",
"providerId" : "aes-generated",
"subComponents" : { },
"config" : {
- "kid" : [ "b04473d3-8395-4016-b455-19a9e951106b" ],
- "secret" : [ "x68mMOVdz3qKWzltzReV0g" ],
+ "kid" : [ "15eca0bc-c3dd-48b9-a184-374691b3f1b2" ],
+ "secret" : [ "qQMFjvi_x6lbFNJBiyJV6Q" ],
+ "priority" : [ "100" ]
+ }
+ }, {
+ "id" : "b6090ad3-b34f-4bc9-b331-ca0e734bfc09",
+ "name" : "rsa-generated",
+ "providerId" : "rsa-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEpQIBAAKCAQEApBKpDmj7d6UubF1b1NUnrRYKKDaJQDitv/7cGP2Erq7apdDdT2qdtRAhyAgBlNHT8mOL3fR0NM5/s+TNE7jtD07pSffcWpsyemILvoxfNxlqHVRjzbkW6qsrwjoVcAjVuKTdfZu3Egpcn53piiRbbOjcACuTQ4MN6B51s7indLWEjDMXMXcA4QsGoOr8Gcsj1azucz+JXrettgKlwmmjf4ciiSm+zvYtcXzj1TlM9tKji9G1vxRgc8vFVj7wgqtr0XU3sEQtHJsKuxQpmzOW7kfwD9+tOQdQs+zG3YAftsdM5xdCG2d98dxTMFekH+zyCTphjqw9nBJyZxgpNPQQNQIDAQABAoIBAALaE5x4y9GbJbMj7W2PDu7rjAI4pQYXUYuLXRiX0crfggu2FWdE1tzsQW6iqY/NgnS/1aNmTBSCU4HsH1WRSHRv8vxrlaXMYxSDyFbDRdxp49FwaBOyfMRYBwr5gleZCyTTVoCIJBR7VsTQoiUjIKTWjQxnIzYnM5SuJ24qShNsXk3FsqD3xGMAy5yEaezk/PwqnCI2x6n1rY+6nUGcjMgrBiAd1PloiNVUGPkfOS4A765/1SStivlD0sLZf4Hx385JUwNpXlo3B+NxYYig2nvjg99wCJL8rv/bzNMxtSPSakRRmchAjI5Ibl8Bu+Q7P6GSbaVIyQtd01skzlNW7sECgYEA1GzWQCCrUKb6cld3UrzMGafjfyZBgaavR+Mv26RW/5f/G9cCkpqreTUurS4XhPmmQ+VLge6eVqzRv4Ym0P+gOpmhtjyVRswckrHfXlyAsxDDEVWCqd+55TVaP58xXfwDmvM2cNX3VV8GBWz3CpxRjg39POqS9V5XYENckZcv+20CgYEAxbqu33St+fU5aAJNjPIj7DDU3FWl1boK8f71oERSDeFIVFMiPYTKnh1Gso7yAaEi4JR2W+Tq+e3Fr9CMtcHJPeUxR3+rKhV/FnXygPQQxSKblttjPRmU4x8r1VrCxV3j6G3niWP9v+tJmp5vCZDmGJvPtvkUElX/rQzGHQJa4ukCgYEAp6ZaFXRzII0YPeOwBbmBb4IkNvZvXq65yYeQ/s0d6E0ChutTWXb+fAOwGfe1kjohsZYm2J4FkyyDwZ9TxUDqKTWU/imkOqLerhv5yRRCcpB5E5YkMIOkyDQqTOoL4TwDcGghAD6uHE+JhgCwnEwwxWdfBJOxdjuFxDCFv1XOBaUCgYEAk9YIebpbedAHo+RU51UD1syL2lGPNEVteZIPREzQrOALnECsESL/+0gYW9jUyLMZyKA3/m0h4swMSm+7RQom1MhQGA00hLqd0sVNE21oPHyrqBdQE5bU4xujQloh1j9k75t8yhSg3KWm2pwqmRRldXDJ1RxWDX+PMmuilH32RkECgYEAuf1N0W7MKWNbnM/0elcdm+IIYI0kg4qRUKNyLg2vrmOTxwGTFzh1qeJK5x8vUMonnLW5vP7wIX7cTrgh79fz+W7gxXoNeuljnoZiFdk1Qu4qLFFk+c7MOGTDZZiKXTdYSgGutWptcGtgYli+x7TetFXVOxS3ppszgGdZ61onCSI=" ],
+ "keyUse" : [ "SIG" ],
+ "certificate" : [ "MIICnTCCAYUCBgGCxUspezANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdxdWFya3VzMB4XDTIyMDgyMjExMjE1M1oXDTMyMDgyMjExMjMzM1owEjEQMA4GA1UEAwwHcXVhcmt1czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKQSqQ5o+3elLmxdW9TVJ60WCig2iUA4rb/+3Bj9hK6u2qXQ3U9qnbUQIcgIAZTR0/Jji930dDTOf7PkzRO47Q9O6Un33FqbMnpiC76MXzcZah1UY825FuqrK8I6FXAI1bik3X2btxIKXJ+d6YokW2zo3AArk0ODDegedbO4p3S1hIwzFzF3AOELBqDq/BnLI9Ws7nM/iV63rbYCpcJpo3+HIokpvs72LXF849U5TPbSo4vRtb8UYHPLxVY+8IKra9F1N7BELRybCrsUKZszlu5H8A/frTkHULPsxt2AH7bHTOcXQhtnffHcUzBXpB/s8gk6YY6sPZwScmcYKTT0EDUCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAiscT2FdZOg4rWVvL2IuDsDI6hzLJaoImDKfzSD00eY9SbqxjjUpVJlXkj+KUkJtgk+wh01gSY5s0ePW/S54T5kSAL8GNbfnRr/d6X7TmfQPgZ/+BvVwjdl5PKMtN4ISoLZqdMqjCXEXsYgrd3t+2TUfXD66DoUMRUqaQ8mqsfa1kpZOgXaJKZveiOPer4Y/SsJmp2p7CKoaSCRFMEjv2N98PiYx3TQxWtNx8BOs/3NKmIQiW5IM7PfSTV3Zxutd+LQkii0xLh5heOHHi7WP166n5Mq31OBRcm/u6k9GdPAMxPXh0JGqzKrRZPiXw3Mip9v4VXyQvo9xjrtIThQn5uQ==" ],
"priority" : [ "100" ]
}
} ]
@@ -1161,7 +1335,124 @@
"internationalizationEnabled" : false,
"supportedLocales" : [ ],
"authenticationFlows" : [ {
- "id" : "d6c3e282-a738-4b8b-98c2-378b9faf8344",
+ "id" : "aa90914c-d3f2-41b7-a3db-31bf9d56f159",
+ "alias" : "Account verification options",
+ "description" : "Method with which to verity the existing account",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-email-verification",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Verify Existing Account by Re-authentication",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "8f9aca4e-1af0-4d3a-acc0-3dea78658f3f",
+ "alias" : "Authentication Options",
+ "description" : "Authentication options.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "basic-auth",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "basic-auth-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "2f6b23b9-2c59-4b65-ab00-2789b296f300",
+ "alias" : "Browser - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "e53b15a7-5bf9-4064-8db6-8a82e8320f47",
+ "alias" : "Direct Grant - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "direct-grant-validate-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "898b7008-e384-4df8-bca4-add09c5551d3",
+ "alias" : "First broker login - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "31fb288c-b29e-4370-93cf-ae6eca103063",
"alias" : "Handle Existing Account",
"description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
"providerId" : "basic-flow",
@@ -1169,25 +1460,66 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-confirm-link",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "idp-email-verification",
- "requirement" : "ALTERNATIVE",
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Account verification options",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "0fc26a54-e662-4bfc-8bad-b16e4f9702a3",
+ "alias" : "Reset - Conditional OTP",
+ "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "fed7521d-4732-4959-84f8-cff994343b90",
+ "alias" : "User creation or linking",
+ "description" : "Flow for the existing/non-existing user alternatives",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticatorConfig" : "create unique user config",
+ "authenticator" : "idp-create-user-if-unique",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
- "priority" : 30,
- "flowAlias" : "Verify Existing Account by Re-authentication",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Handle Existing Account",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "4855860b-4009-4f1b-ba6b-60581618ea62",
+ "id" : "e7013c43-177c-48ce-bcc8-b1d3e6f57280",
"alias" : "Verify Existing Account by Re-authentication",
"description" : "Reauthentication of existing account",
"providerId" : "basic-flow",
@@ -1195,19 +1527,21 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-username-password-form",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "auth-otp-form",
- "requirement" : "OPTIONAL",
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "First broker login - Conditional OTP",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "8a9872b0-65f1-47ff-9565-fa826ac64cd4",
+ "id" : "497b288a-1cf1-4974-bbed-747b0ee5c1f8",
"alias" : "browser",
"description" : "browser based authentication",
"providerId" : "basic-flow",
@@ -1215,31 +1549,35 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-cookie",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "identity-provider-redirector",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 25,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 30,
+ "autheticatorFlow" : true,
"flowAlias" : "forms",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "51b8ed14-62b6-49b3-b602-0b51508349e0",
+ "id" : "27505ab1-6d4c-43a0-aede-d21ea45cb785",
"alias" : "clients",
"description" : "Base authentication for clients",
"providerId" : "client-flow",
@@ -1247,31 +1585,35 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "client-secret",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-jwt",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-secret-jwt",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-x509",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "9b65133a-ee71-494a-a659-6804513fc30b",
+ "id" : "6bfb83ac-b5de-47f9-bc4f-9f27b44d05fb",
"alias" : "direct grant",
"description" : "OpenID Connect Resource Owner Grant",
"providerId" : "basic-flow",
@@ -1279,25 +1621,28 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "direct-grant-validate-username",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "direct-grant-validate-password",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "direct-grant-validate-otp",
- "requirement" : "OPTIONAL",
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
"priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "Direct Grant - Conditional OTP",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "f62bc4ad-25ac-4f83-963b-32820af3a683",
+ "id" : "228dbd4d-831b-486e-900b-294b9b82766c",
"alias" : "docker auth",
"description" : "Used by Docker clients to authenticate against the IDP",
"providerId" : "basic-flow",
@@ -1305,13 +1650,14 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "docker-http-basic-authenticator",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "1b423fe7-f312-404c-903b-f1260a77259b",
+ "id" : "f4eab5c7-a717-4646-9b3d-751e72ebbea6",
"alias" : "first broker login",
"description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
"providerId" : "basic-flow",
@@ -1320,26 +1666,21 @@
"authenticationExecutions" : [ {
"authenticatorConfig" : "review profile config",
"authenticator" : "idp-review-profile",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticatorConfig" : "create unique user config",
- "authenticator" : "idp-create-user-if-unique",
- "requirement" : "ALTERNATIVE",
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "requirement" : "ALTERNATIVE",
- "priority" : 30,
- "flowAlias" : "Handle Existing Account",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "autheticatorFlow" : true,
+ "flowAlias" : "User creation or linking",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "9c9530b3-e3c6-481b-99e8-1461a9752e8e",
+ "id" : "e63a23e9-60f0-4d94-8481-3a3355d36ac3",
"alias" : "forms",
"description" : "Username, password, otp and other auth forms.",
"providerId" : "basic-flow",
@@ -1347,19 +1688,21 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-username-password-form",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "auth-otp-form",
- "requirement" : "OPTIONAL",
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "Browser - Conditional OTP",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "70fb94ac-354c-4629-a5fe-5135d0137964",
+ "id" : "0e1f6a40-583d-4db5-8516-bf1f7b2f1656",
"alias" : "http challenge",
"description" : "An authentication flow based on challenge-response HTTP Authentication Schemes",
"providerId" : "basic-flow",
@@ -1367,31 +1710,21 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "no-cookie-redirect",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "basic-auth",
+ "authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "authenticator" : "basic-auth-otp",
- "requirement" : "DISABLED",
- "priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "authenticator" : "auth-spnego",
- "requirement" : "DISABLED",
- "priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "Authentication Options",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "08292a4a-6722-4e33-a5d9-354c2628f567",
+ "id" : "5380b8c5-e19f-4cca-9c66-383f05385136",
"alias" : "registration",
"description" : "registration flow",
"providerId" : "basic-flow",
@@ -1399,14 +1732,15 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-page-form",
+ "authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 10,
+ "autheticatorFlow" : true,
"flowAlias" : "registration form",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "668dc4b6-fe1a-4d24-ab5b-bc76e20ac390",
+ "id" : "1a7bcec3-694c-4934-b164-09754f9eb926",
"alias" : "registration form",
"description" : "registration form",
"providerId" : "form-flow",
@@ -1414,31 +1748,35 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-user-creation",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "registration-profile-action",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "registration-password-action",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 50,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "registration-recaptcha-action",
+ "authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 60,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "a0e191f0-ce9a-4a75-b6e4-97332b05f7e5",
+ "id" : "57b0d393-33ff-46cc-bba0-ea476ce09b36",
"alias" : "reset credentials",
"description" : "Reset credentials for a user if they forgot their password or something",
"providerId" : "basic-flow",
@@ -1446,31 +1784,35 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "reset-credentials-choose-user",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "reset-credential-email",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "reset-password",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "reset-otp",
- "requirement" : "OPTIONAL",
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
"priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "Reset - Conditional OTP",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "ad4beb21-8e9a-4fca-af41-0f757169f26c",
+ "id" : "35a457ca-fb99-4d62-9020-0c3bda5452ab",
"alias" : "saml ecp",
"description" : "SAML ECP Profile Authentication Flow",
"providerId" : "basic-flow",
@@ -1478,20 +1820,21 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "http-basic-authenticator",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
} ],
"authenticatorConfig" : [ {
- "id" : "25632f91-6071-423a-8e9c-7322cdc1b011",
+ "id" : "19668cee-4ea3-4045-9b56-a8c1ff191de9",
"alias" : "create unique user config",
"config" : {
"require.password.update.after.registration" : "false"
}
}, {
- "id" : "02d7f70b-1ebc-4e72-a65c-d94a600895ac",
+ "id" : "70a075e5-e708-4da9-8ae8-d6ea0c87b144",
"alias" : "review profile config",
"config" : {
"update.profile.on.first.login" : "missing"
@@ -1537,6 +1880,38 @@
"defaultAction" : false,
"priority" : 50,
"config" : { }
+ }, {
+ "alias" : "delete_account",
+ "name" : "Delete Account",
+ "providerId" : "delete_account",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 60,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register",
+ "name" : "Webauthn Register",
+ "providerId" : "webauthn-register",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 70,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register-passwordless",
+ "name" : "Webauthn Register Passwordless",
+ "providerId" : "webauthn-register-passwordless",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 80,
+ "config" : { }
+ }, {
+ "alias" : "update_user_locale",
+ "name" : "Update User Locale",
+ "providerId" : "update_user_locale",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 1000,
+ "config" : { }
} ],
"browserFlow" : "browser",
"registrationFlow" : "registration",
@@ -1545,25 +1920,13 @@
"clientAuthenticationFlow" : "clients",
"dockerAuthenticationFlow" : "docker auth",
"attributes" : {
- "_browser_header.xXSSProtection" : "1; mode=block",
- "_browser_header.xFrameOptions" : "SAMEORIGIN",
- "_browser_header.strictTransportSecurity" : "max-age=31536000; includeSubDomains",
- "permanentLockout" : "false",
- "quickLoginCheckMilliSeconds" : "1000",
- "_browser_header.xRobotsTag" : "none",
- "maxFailureWaitSeconds" : "900",
- "minimumQuickLoginWaitSeconds" : "60",
- "failureFactor" : "30",
- "actionTokenGeneratedByUserLifespan" : "300",
- "maxDeltaTimeSeconds" : "43200",
- "_browser_header.xContentTypeOptions" : "nosniff",
- "offlineSessionMaxLifespan" : "5184000",
- "actionTokenGeneratedByAdminLifespan" : "43200",
- "_browser_header.contentSecurityPolicyReportOnly" : "",
- "bruteForceProtected" : "false",
- "_browser_header.contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
- "waitIncrementSeconds" : "60",
- "offlineSessionMaxLifespanEnabled" : "false"
+ "cibaBackchannelTokenDeliveryMode" : "poll",
+ "cibaExpiresIn" : "120",
+ "cibaAuthRequestedUserHint" : "login_hint",
+ "oauth2DeviceCodeLifespan" : "600",
+ "oauth2DevicePollingInterval" : "5",
+ "parRequestUriLifespan" : "60",
+ "cibaInterval" : "5"
},
"users" : [ {
"id" : "af134cab-f41c-4675-b141-205f975db679",
@@ -1634,26 +1997,13 @@
"realmRoles" : [ "confidential", "user" ],
"notBefore" : 0,
"groups" : [ ]
- }, {
- "id" : "948c59ec-46ed-4d99-aa43-02900029b930",
- "createdTimestamp" : 1554245880023,
- "username" : "service-account-backend-service",
- "enabled" : true,
- "totp" : false,
- "emailVerified" : false,
- "email" : "service-account-backend-service@placeholder.org",
- "serviceAccountClientId" : "backend-service",
- "credentials" : [ ],
- "disableableCredentialTypes" : [ ],
- "requiredActions" : [ ],
- "realmRoles" : [ "offline_access" ],
- "clientRoles" : {
- "backend-service" : [ "uma_protection" ],
- "account" : [ "view-profile", "manage-account" ]
- },
- "notBefore" : 0,
- "groups" : [ ]
- } ],
- "keycloakVersion" : "6.0.0",
- "userManagedAccessAllowed" : false
+ }],
+ "keycloakVersion" : "19.0.1",
+ "userManagedAccessAllowed" : false,
+ "clientProfiles" : {
+ "profiles" : [ ]
+ },
+ "clientPolicies" : {
+ "policies" : [ ]
+ }
}
diff --git a/security-openid-connect-multi-tenancy-quickstart/pom.xml b/security-openid-connect-multi-tenancy-quickstart/pom.xml
index 129942ff0c..8ca94dea7b 100644
--- a/security-openid-connect-multi-tenancy-quickstart/pom.xml
+++ b/security-openid-connect-multi-tenancy-quickstart/pom.xml
@@ -13,7 +13,7 @@
quarkus-bom
io.quarkus
999-SNAPSHOT
- 18.0.2-legacy
+ 19.0.1-legacy
3.0.0-M7
11
11
diff --git a/security-openid-connect-multi-tenancy-quickstart/src/main/resources/application.properties b/security-openid-connect-multi-tenancy-quickstart/src/main/resources/application.properties
index 14278ae5bf..06a43b1a34 100644
--- a/security-openid-connect-multi-tenancy-quickstart/src/main/resources/application.properties
+++ b/security-openid-connect-multi-tenancy-quickstart/src/main/resources/application.properties
@@ -1,10 +1,11 @@
# Default Tenant Configuration
-quarkus.oidc.auth-server-url=http://localhost:8180/auth/realms/quarkus
+%prod.keycloak.url=http://localhost:8081
+quarkus.oidc.auth-server-url=${keycloak.url}/realms/quarkus
quarkus.oidc.client-id=multi-tenant-client
quarkus.oidc.application-type=web-app
# Tenant A Configuration
-quarkus.oidc.tenant-a.auth-server-url=http://localhost:8180/auth/realms/tenant-a
+quarkus.oidc.tenant-a.auth-server-url=${keycloak.url}/realms/tenant-a
quarkus.oidc.tenant-a.client-id=multi-tenant-client
quarkus.oidc.tenant-a.application-type=web-app
@@ -12,4 +13,4 @@ quarkus.oidc.tenant-a.application-type=web-app
quarkus.http.auth.permission.authenticated.paths=/*
quarkus.http.auth.permission.authenticated.policy=authenticated
-quarkus.log.category."com.gargoylesoftware.htmlunit".level=ERROR
\ No newline at end of file
+quarkus.log.category."com.gargoylesoftware.htmlunit".level=ERROR
diff --git a/security-openid-connect-multi-tenancy-quickstart/src/test/java/org/acme/quickstart/oidc/KeycloakServer.java b/security-openid-connect-multi-tenancy-quickstart/src/test/java/org/acme/quickstart/oidc/KeycloakServer.java
index 31323774cb..3b723bc891 100644
--- a/security-openid-connect-multi-tenancy-quickstart/src/test/java/org/acme/quickstart/oidc/KeycloakServer.java
+++ b/security-openid-connect-multi-tenancy-quickstart/src/test/java/org/acme/quickstart/oidc/KeycloakServer.java
@@ -17,7 +17,7 @@ public class KeycloakServer implements QuarkusTestResourceLifecycleManager {
@Override
public Map start() {
keycloak = new FixedHostPortGenericContainer("quay.io/keycloak/keycloak:" + System.getProperty("keycloak.image.version"))
- .withFixedExposedPort(8180, 8080)
+ .withExposedPorts(8080)
.withEnv("DB_VENDOR", "H2")
.withEnv("KEYCLOAK_USER", "admin")
.withEnv("KEYCLOAK_PASSWORD", "admin")
@@ -26,7 +26,7 @@ public Map start() {
.withClasspathResourceMapping("tenant-a-realm.json", "/tmp/tenant-a-realm.json", BindMode.READ_ONLY, SelinuxContext.SINGLE)
.waitingFor(Wait.forHttp("/auth"));
keycloak.start();
- return Collections.emptyMap();
+ return Map.of("keycloak.url", "http://localhost:" + keycloak.getMappedPort(8080) + "/auth");
}
@Override
diff --git a/security-openid-connect-web-authentication-quickstart/config/quarkus-realm.json b/security-openid-connect-web-authentication-quickstart/config/quarkus-realm.json
index 67a5064281..1bdb7847f7 100644
--- a/security-openid-connect-web-authentication-quickstart/config/quarkus-realm.json
+++ b/security-openid-connect-web-authentication-quickstart/config/quarkus-realm.json
@@ -1,10 +1,11 @@
{
- "id" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "id" : "0395efe3-db9a-4daa-ab6a-d374f16216c7",
"realm" : "quarkus",
"notBefore" : 0,
+ "defaultSignatureAlgorithm" : "RS256",
"revokeRefreshToken" : false,
"refreshTokenMaxReuse" : 0,
- "accessTokenLifespan" : 3,
+ "accessTokenLifespan" : 300,
"accessTokenLifespanForImplicitFlow" : 900,
"ssoSessionIdleTimeout" : 1800,
"ssoSessionMaxLifespan" : 2,
@@ -13,11 +14,17 @@
"offlineSessionIdleTimeout" : 2592000,
"offlineSessionMaxLifespanEnabled" : false,
"offlineSessionMaxLifespan" : 5184000,
+ "clientSessionIdleTimeout" : 0,
+ "clientSessionMaxLifespan" : 0,
+ "clientOfflineSessionIdleTimeout" : 0,
+ "clientOfflineSessionMaxLifespan" : 0,
"accessCodeLifespan" : 60,
"accessCodeLifespanUserAction" : 300,
"accessCodeLifespanLogin" : 1800,
"actionTokenGeneratedByAdminLifespan" : 43200,
"actionTokenGeneratedByUserLifespan" : 300,
+ "oauth2DeviceCodeLifespan" : 600,
+ "oauth2DevicePollingInterval" : 5,
"enabled" : true,
"sslRequired" : "external",
"registrationAllowed" : false,
@@ -37,148 +44,170 @@
"maxDeltaTimeSeconds" : 43200,
"failureFactor" : 30,
"roles" : {
- "realm" : [ {
- "id" : "3fc80564-13ac-4e7b-9986-322f571e82bc",
- "name" : "confidential",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
- "attributes" : { }
- }, {
- "id" : "39eb64c8-66a9-4983-9c81-27ea7e2f6273",
- "name" : "uma_authorization",
- "description" : "${role_uma_authorization}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
- "attributes" : { }
- }, {
+ "realm" : [
+ {
"id" : "8c1abe12-62fe-4a06-ae0d-f5fb67dddbb0",
"name" : "admin",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "0395efe3-db9a-4daa-ab6a-d374f16216c7",
+ "attributes" : { }
+ }, {
+ "id" : "5afce544-6a3c-495f-b805-fd737cf5081e",
+ "name" : "user",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "0395efe3-db9a-4daa-ab6a-d374f16216c7",
+ "attributes" : { }
+ },
+ {
+ "id" : "ea359555-0e61-4f96-a8de-f1091e6d39ac",
+ "name" : "offline_access",
+ "description" : "${role_offline-access}",
"composite" : false,
"clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "containerId" : "0395efe3-db9a-4daa-ab6a-d374f16216c7",
"attributes" : { }
}, {
- "id" : "5afce544-6a3c-495f-b805-fd737cf5081e",
- "name" : "user",
- "composite" : false,
+ "id" : "8dd738a8-fde2-4867-b0b3-24ccaa320b6d",
+ "name" : "default-roles-quarkus",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "offline_access", "uma_authorization" ],
+ "client" : {
+ "account" : [ "manage-account", "view-profile" ]
+ }
+ },
"clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "containerId" : "0395efe3-db9a-4daa-ab6a-d374f16216c7",
"attributes" : { }
}, {
- "id" : "bc431d62-a80a-425b-961a-0fb3fc59006d",
- "name" : "offline_access",
- "description" : "${role_offline-access}",
+ "id" : "d1a873c8-2cf1-4161-8175-1229bc0aae01",
+ "name" : "uma_authorization",
+ "description" : "${role_uma_authorization}",
"composite" : false,
"clientRole" : false,
- "containerId" : "11d78bf6-6d10-4484-baba-a1388379d68b",
+ "containerId" : "0395efe3-db9a-4daa-ab6a-d374f16216c7",
"attributes" : { }
} ],
"client" : {
"realm-management" : [ {
- "id" : "7db1f38d-d436-4725-93fd-030a3bbe628e",
- "name" : "manage-identity-providers",
- "description" : "${role_manage-identity-providers}",
+ "id" : "f832cbf4-8028-4596-8282-89e8f8316473",
+ "name" : "query-clients",
+ "description" : "${role_query-clients}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "1163b9bd-7319-4154-a25f-0101b2548d21",
- "name" : "impersonation",
- "description" : "${role_impersonation}",
+ "id" : "f8279353-4cce-4d80-9de0-e891a3deff3a",
+ "name" : "realm-admin",
+ "description" : "${role_realm-admin}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "realm-management" : [ "view-authorization", "query-clients", "manage-realm", "manage-authorization", "manage-users", "query-groups", "view-events", "view-clients", "manage-events", "view-realm", "manage-identity-providers", "query-realms", "view-users", "view-identity-providers", "query-users", "manage-clients", "impersonation", "create-client" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
+ "attributes" : { }
+ }, {
+ "id" : "8ab22283-4a45-46d8-b135-d5593234fffc",
+ "name" : "view-authorization",
+ "description" : "${role_view-authorization}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "73d0a556-072b-404f-bf8e-10e2544c8c27",
- "name" : "view-identity-providers",
- "description" : "${role_view-identity-providers}",
+ "id" : "e7789c00-bc53-4931-b569-49068030c258",
+ "name" : "manage-realm",
+ "description" : "${role_manage-realm}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "7e727e28-2095-4443-b2da-865e684f2308",
- "name" : "view-realm",
- "description" : "${role_view-realm}",
+ "id" : "1df0b4e1-a2a2-42ef-a651-ffe14561a823",
+ "name" : "manage-authorization",
+ "description" : "${role_manage-authorization}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "df9e5352-f835-4467-bcaf-cb1b5f55c1ec",
- "name" : "query-users",
- "description" : "${role_query-users}",
+ "id" : "c688ae00-fa6b-4d91-9d81-1f5b0b98277e",
+ "name" : "manage-users",
+ "description" : "${role_manage-users}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "fa77909a-32a3-41ae-9983-2b92ae03080c",
- "name" : "manage-clients",
- "description" : "${role_manage-clients}",
+ "id" : "9c9f2b7d-c7d8-4d77-bd51-9fe9cfca3940",
+ "name" : "query-groups",
+ "description" : "${role_query-groups}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "a8780507-dc72-4433-8b95-b8e4f3c37d0e",
- "name" : "manage-events",
- "description" : "${role_manage-events}",
+ "id" : "c0d2d109-55be-4b82-ae1f-02b578eb7858",
+ "name" : "view-events",
+ "description" : "${role_view-events}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "f7f4697a-3977-42f6-af86-9bb006cf4d04",
- "name" : "realm-admin",
- "description" : "${role_realm-admin}",
+ "id" : "dbe0e3e3-dd09-4074-ab95-e34ab7d854e4",
+ "name" : "view-clients",
+ "description" : "${role_view-clients}",
"composite" : true,
"composites" : {
"client" : {
- "realm-management" : [ "impersonation", "manage-identity-providers", "view-identity-providers", "view-realm", "query-users", "manage-clients", "manage-events", "manage-realm", "view-authorization", "manage-authorization", "view-users", "create-client", "query-clients", "query-groups", "manage-users", "view-clients", "view-events", "query-realms" ]
+ "realm-management" : [ "query-clients" ]
}
},
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "ca7dc1ce-a981-4efe-b3f0-a7192b6d3943",
- "name" : "manage-realm",
- "description" : "${role_manage-realm}",
+ "id" : "474e8054-2f97-41a3-a93b-e5d02b6c7334",
+ "name" : "manage-events",
+ "description" : "${role_manage-events}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "a0ab4faa-00a9-4f52-ac9f-8e764b6a8126",
- "name" : "view-authorization",
- "description" : "${role_view-authorization}",
+ "id" : "bb97a499-d817-42d5-bd3f-0bba54be96b4",
+ "name" : "view-realm",
+ "description" : "${role_view-realm}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "0b4ed5e0-eceb-4d81-ba05-fa67022abe59",
- "name" : "manage-authorization",
- "description" : "${role_manage-authorization}",
+ "id" : "4acb952b-140f-4136-9b53-4d1aad72cb78",
+ "name" : "manage-identity-providers",
+ "description" : "${role_manage-identity-providers}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "c10336be-06f3-40ef-bef5-28d8c9b8a1e2",
- "name" : "create-client",
- "description" : "${role_create-client}",
+ "id" : "f1a57cf7-8a65-4c0d-98c3-c262cfc0b84e",
+ "name" : "query-realms",
+ "description" : "${role_query-realms}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "1a1ffadc-11d5-44ea-bac0-d94372c8ae5c",
+ "id" : "3b074f9a-95a1-4e77-b790-865d9ad4e429",
"name" : "view-users",
"description" : "${role_view-users}",
"composite" : true,
@@ -188,64 +217,52 @@
}
},
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "5ba9a1a3-9027-4531-8253-b91f6058513c",
- "name" : "query-clients",
- "description" : "${role_query-clients}",
+ "id" : "39de6608-d322-4abd-99e1-955ac8a43388",
+ "name" : "view-identity-providers",
+ "description" : "${role_view-identity-providers}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "b4fba807-7a7e-4e3e-bd31-45703305a9e3",
- "name" : "query-groups",
- "description" : "${role_query-groups}",
+ "id" : "cbe1bad7-18e2-4c49-8080-628c2596552a",
+ "name" : "query-users",
+ "description" : "${role_query-users}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "c9384254-0af3-434c-b4ed-7c94f59a8247",
- "name" : "manage-users",
- "description" : "${role_manage-users}",
+ "id" : "e0fe80c5-2f31-415c-bfaf-b6f3e843eb96",
+ "name" : "impersonation",
+ "description" : "${role_impersonation}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
- "attributes" : { }
- }, {
- "id" : "9a0022f2-bd58-4418-828c-a8e7abe3346b",
- "name" : "view-clients",
- "description" : "${role_view-clients}",
- "composite" : true,
- "composites" : {
- "client" : {
- "realm-management" : [ "query-clients" ]
- }
- },
- "clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "83df8311-4366-4d22-9425-eccc343faa3f",
- "name" : "view-events",
- "description" : "${role_view-events}",
+ "id" : "8e65283c-046a-4706-8927-ef32cc5ca4d5",
+ "name" : "manage-clients",
+ "description" : "${role_manage-clients}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
}, {
- "id" : "e81bf277-047f-4bdd-afd6-59e2016c5066",
- "name" : "query-realms",
- "description" : "${role_query-realms}",
+ "id" : "3c837e32-7727-4f5b-ab46-7fab7f3a03e1",
+ "name" : "create-client",
+ "description" : "${role_create-client}",
"composite" : false,
"clientRole" : true,
- "containerId" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ "containerId" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"attributes" : { }
} ],
"security-admin-console" : [ ],
"admin-cli" : [ ],
+ "account-console" : [ ],
"frontend" : [ {
"id" : "df147a91-6da7-4bbc-866c-f30cf99b2637",
"name" : "uma_protection",
@@ -255,24 +272,61 @@
"attributes" : { }
} ],
"broker" : [ {
- "id" : "d36865b0-7ade-4bcd-a7dc-1dacbd80f169",
+ "id" : "d0536a0c-3c9a-4cd9-8e16-cfa49c873224",
"name" : "read-token",
"description" : "${role_read-token}",
"composite" : false,
"clientRole" : true,
- "containerId" : "53d4fe53-a039-471e-886a-28eddc950e95",
+ "containerId" : "35d1a8b5-c7d1-4cf8-9899-4883bd7466ca",
"attributes" : { }
} ],
"account" : [ {
- "id" : "539325a0-d9b3-4821-97ee-d42999296b62",
- "name" : "view-profile",
- "description" : "${role_view-profile}",
+ "id" : "2f6d52a4-18a9-437b-ad5f-403ea4314f47",
+ "name" : "manage-consent",
+ "description" : "${role_manage-consent}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "view-consent" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "ef71b3ce-06f8-4576-9d92-59fdba1c0ba8",
+ "attributes" : { }
+ }, {
+ "id" : "b12ff323-839b-44fd-ba56-fad1c7b756aa",
+ "name" : "manage-account-links",
+ "description" : "${role_manage-account-links}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "ef71b3ce-06f8-4576-9d92-59fdba1c0ba8",
+ "attributes" : { }
+ }, {
+ "id" : "b9440700-bc37-41b2-9ec5-45ad983e871a",
+ "name" : "view-applications",
+ "description" : "${role_view-applications}",
"composite" : false,
"clientRole" : true,
- "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d",
+ "containerId" : "ef71b3ce-06f8-4576-9d92-59fdba1c0ba8",
"attributes" : { }
}, {
- "id" : "e4af836c-c884-4a57-8b1d-fb673b0fe3a5",
+ "id" : "1e325982-3b41-48a3-8d7f-c50bc7b78d2f",
+ "name" : "view-consent",
+ "description" : "${role_view-consent}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "ef71b3ce-06f8-4576-9d92-59fdba1c0ba8",
+ "attributes" : { }
+ }, {
+ "id" : "32a64f73-4b8d-47b0-aef2-b5932dec1530",
+ "name" : "delete-account",
+ "description" : "${role_delete-account}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "ef71b3ce-06f8-4576-9d92-59fdba1c0ba8",
+ "attributes" : { }
+ }, {
+ "id" : "d45f699b-c955-4740-bd6f-2d403a1965fc",
"name" : "manage-account",
"description" : "${role_manage-account}",
"composite" : true,
@@ -282,21 +336,28 @@
}
},
"clientRole" : true,
- "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d",
+ "containerId" : "ef71b3ce-06f8-4576-9d92-59fdba1c0ba8",
"attributes" : { }
}, {
- "id" : "35d1c998-bcae-4ab1-a026-4c67bff49a98",
- "name" : "manage-account-links",
- "description" : "${role_manage-account-links}",
+ "id" : "017724a2-595a-4963-aeaf-569b57f6fb8e",
+ "name" : "view-profile",
+ "description" : "${role_view-profile}",
"composite" : false,
"clientRole" : true,
- "containerId" : "e55e1234-38fa-432d-8d90-39f5e024688d",
+ "containerId" : "ef71b3ce-06f8-4576-9d92-59fdba1c0ba8",
"attributes" : { }
} ]
}
},
"groups" : [ ],
- "defaultRoles" : [ "uma_authorization", "offline_access" ],
+ "defaultRole" : {
+ "id" : "8dd738a8-fde2-4867-b0b3-24ccaa320b6d",
+ "name" : "default-roles-quarkus",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "clientRole" : false,
+ "containerId" : "0395efe3-db9a-4daa-ab6a-d374f16216c7"
+ },
"requiredCredentials" : [ "password" ],
"otpPolicyType" : "totp",
"otpPolicyAlgorithm" : "HmacSHA1",
@@ -305,21 +366,47 @@
"otpPolicyLookAheadWindow" : 1,
"otpPolicyPeriod" : 30,
"otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ],
+ "webAuthnPolicyRpEntityName" : "keycloak",
+ "webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
+ "webAuthnPolicyRpId" : "",
+ "webAuthnPolicyAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyRequireResidentKey" : "not specified",
+ "webAuthnPolicyUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyCreateTimeout" : 0,
+ "webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyAcceptableAaguids" : [ ],
+ "webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
+ "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
+ "webAuthnPolicyPasswordlessRpId" : "",
+ "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
+ "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyPasswordlessCreateTimeout" : 0,
+ "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
"scopeMappings" : [ {
"clientScope" : "offline_access",
"roles" : [ "offline_access" ]
} ],
+ "clientScopeMappings" : {
+ "account" : [ {
+ "client" : "account-console",
+ "roles" : [ "manage-account" ]
+ } ]
+ },
"clients" : [ {
- "id" : "e55e1234-38fa-432d-8d90-39f5e024688d",
+ "id" : "ef71b3ce-06f8-4576-9d92-59fdba1c0ba8",
"clientId" : "account",
"name" : "${client_account}",
- "baseUrl" : "/auth/realms/quarkus/account",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/quarkus/account/",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "0136c3ef-0dfd-4b13-a6d0-2c8b6358edec",
- "defaultRoles" : [ "view-profile", "manage-account" ],
- "redirectUris" : [ "/auth/realms/quarkus/account/*" ],
+ "redirectUris" : [ "/realms/quarkus/account/*" ],
"webOrigins" : [ ],
"notBefore" : 0,
"bearerOnly" : false,
@@ -328,23 +415,64 @@
"implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : false,
"serviceAccountsEnabled" : false,
- "publicClient" : false,
+ "publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
- "attributes" : { },
+ "attributes" : {
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "4468ef11-09d6-4392-bd5a-8d8d94dd64cf",
+ "clientId" : "account-console",
+ "name" : "${client_account-console}",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/quarkus/account/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/realms/quarkus/account/*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "protocolMappers" : [ {
+ "id" : "0f9abe95-e20d-4a1e-9016-27544279543f",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
- "id" : "e9cc41a2-8e35-4d5e-949e-4879880c2ddb",
+ "id" : "4a3e3010-ee9d-4b88-9c21-42558823cfd4",
"clientId" : "admin-cli",
"name" : "${client_admin-cli}",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "a951803a-79c7-46a6-8197-e32835286971",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
@@ -361,20 +489,20 @@
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
- "id" : "53d4fe53-a039-471e-886a-28eddc950e95",
+ "id" : "35d1a8b5-c7d1-4cf8-9899-4883bd7466ca",
"clientId" : "broker",
"name" : "${client_broker}",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "e1f7edd7-e15c-43b4-8736-ff8204d16836",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
- "bearerOnly" : false,
+ "bearerOnly" : true,
"consentRequired" : false,
"standardFlowEnabled" : true,
"implicitFlowEnabled" : false,
@@ -387,28 +515,29 @@
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
- }, {
+ },
+ {
"id" : "0ac5df91-e044-4051-bd03-106a3a5fb9cc",
"clientId" : "frontend",
- "surrogateAuthRequired" : false,
- "enabled" : true,
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
"clientAuthenticatorType": "client-secret",
"secret": "secret",
"redirectUris" : ["*"],
- "webOrigins" : [ ],
- "notBefore" : 0,
+ "webOrigins" : [ ],
+ "notBefore" : 0,
"bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
"directAccessGrantsEnabled" : true,
- "publicClient" : false,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : { },
- "authenticationFlowBindingOverrides" : { },
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : { },
+ "authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : true,
"nodeReRegistrationTimeout" : -1,
"protocolMappers" : [ {
@@ -424,43 +553,16 @@
"claim.name" : "clientId",
"jsonType.label" : "String"
}
- }, {
- "id" : "8422cefe-7f42-4f3b-abad-5f06f7d4b748",
- "name" : "Client IP Address",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "clientAddress",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "clientAddress",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "988e47d6-2055-45eb-82d6-0b8b25c629fc",
- "name" : "Client Host",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "clientHost",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "clientHost",
- "jsonType.label" : "String"
- }
- } ],
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
- "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "376bd940-e50a-4495-80fc-9c6c07312748",
+ }]
+ },
+ {
+ "id" : "8b32e08f-2632-4f98-a895-ce13bcd25da3",
"clientId" : "realm-management",
"name" : "${client_realm-management}",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "c41b709a-a012-4c69-89d7-4f926dba0619",
"redirectUris" : [ ],
"webOrigins" : [ ],
"notBefore" : 0,
@@ -477,19 +579,20 @@
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
- "id" : "a8732cac-ae0f-44ec-b7f3-bd2c41eff13c",
+ "id" : "1d07ab95-bd0c-47f1-9fe9-cdf3a454b6e6",
"clientId" : "security-admin-console",
"name" : "${client_security-admin-console}",
- "baseUrl" : "/auth/admin/quarkus/console/index.html",
+ "rootUrl" : "${authAdminUrl}",
+ "baseUrl" : "/admin/quarkus/console/",
"surrogateAuthRequired" : false,
"enabled" : true,
+ "alwaysDisplayInConsole" : false,
"clientAuthenticatorType" : "client-secret",
- "secret" : "e571b211-2550-475d-b87f-116ff54091ee",
- "redirectUris" : [ "/auth/admin/quarkus/console/*" ],
- "webOrigins" : [ ],
+ "redirectUris" : [ "/admin/quarkus/console/*" ],
+ "webOrigins" : [ "+" ],
"notBefore" : 0,
"bearerOnly" : false,
"consentRequired" : false,
@@ -500,12 +603,15 @@
"publicClient" : true,
"frontchannelLogout" : false,
"protocol" : "openid-connect",
- "attributes" : { },
+ "attributes" : {
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"protocolMappers" : [ {
- "id" : "280528ca-5e96-4bb9-9fc0-20311caac32d",
+ "id" : "76c9c4fe-a601-42f0-8ddf-555f2a608f6e",
"name" : "locale",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
@@ -519,78 +625,11 @@
"jsonType.label" : "String"
}
} ],
- "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
} ],
"clientScopes" : [ {
- "id" : "520cc3ef-2c6b-4d84-bcde-8c063241f4bd",
- "name" : "address",
- "description" : "OpenID Connect built-in scope: address",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${addressScopeConsentText}"
- },
- "protocolMappers" : [ {
- "id" : "c1d3bd07-0a5f-4f4f-b381-c58a7b723029",
- "name" : "address",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-address-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute.formatted" : "formatted",
- "user.attribute.country" : "country",
- "user.attribute.postal_code" : "postal_code",
- "userinfo.token.claim" : "true",
- "user.attribute.street" : "street",
- "id.token.claim" : "true",
- "user.attribute.region" : "region",
- "access.token.claim" : "true",
- "user.attribute.locality" : "locality"
- }
- } ]
- }, {
- "id" : "19920c96-a383-4f35-8ee9-27833263cf03",
- "name" : "email",
- "description" : "OpenID Connect built-in scope: email",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${emailScopeConsentText}"
- },
- "protocolMappers" : [ {
- "id" : "36a0adf0-6c25-419f-98d7-cdeada8661aa",
- "name" : "email",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "email",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "email",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "b0c39901-5e5d-4436-b685-908bb90ea1d9",
- "name" : "email verified",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "emailVerified",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "email_verified",
- "jsonType.label" : "boolean"
- }
- } ]
- }, {
- "id" : "55b3ee1c-cbf9-4526-93d7-aa56a9c5f1cb",
+ "id" : "74dc68ce-3ac6-43ea-a567-457b0820418f",
"name" : "microprofile-jwt",
"description" : "Microprofile - JWT built-in scope",
"protocol" : "openid-connect",
@@ -599,7 +638,7 @@
"display.on.consent.screen" : "false"
},
"protocolMappers" : [ {
- "id" : "59128144-a21a-4744-bb55-e66ff0503b18",
+ "id" : "9b2a07f4-bbd9-4a95-a30d-00e99c490750",
"name" : "upn",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
@@ -613,7 +652,7 @@
"jsonType.label" : "String"
}
}, {
- "id" : "69351a63-7d6e-45d0-be47-088c83b20fdb",
+ "id" : "b7d103f0-85df-46bb-aded-092393e95b84",
"name" : "groups",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-realm-role-mapper",
@@ -628,79 +667,59 @@
}
} ]
}, {
- "id" : "3f190f54-8e3a-4c82-a799-bd12ddc475b2",
- "name" : "offline_access",
- "description" : "OpenID Connect built-in scope: offline_access",
- "protocol" : "openid-connect",
- "attributes" : {
- "consent.screen.text" : "${offlineAccessScopeConsentText}",
- "display.on.consent.screen" : "true"
- }
- }, {
- "id" : "defa3480-5368-4f34-8075-49fb982b71b3",
- "name" : "phone",
- "description" : "OpenID Connect built-in scope: phone",
+ "id" : "22f44eb8-2462-4ea6-a33b-738c1b0608f5",
+ "name" : "profile",
+ "description" : "OpenID Connect built-in scope: profile",
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
- "consent.screen.text" : "${phoneScopeConsentText}"
+ "consent.screen.text" : "${profileScopeConsentText}"
},
"protocolMappers" : [ {
- "id" : "069ae414-9e98-4612-a3d6-e8b5a1fa841d",
- "name" : "phone number verified",
+ "id" : "8675a14d-9a42-40a2-a9a8-1857925b4af1",
+ "name" : "given name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "phoneNumberVerified",
+ "user.attribute" : "firstName",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "phone_number_verified",
- "jsonType.label" : "boolean"
+ "claim.name" : "given_name",
+ "jsonType.label" : "String"
}
}, {
- "id" : "cea58e24-d0e0-4cc6-9e34-7b3bf7d6d85b",
- "name" : "phone number",
+ "id" : "225ff68e-1a3e-4be3-91a3-d29f08b6dfb3",
+ "name" : "middle name",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "phoneNumber",
+ "user.attribute" : "middleName",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "phone_number",
+ "claim.name" : "middle_name",
"jsonType.label" : "String"
}
- } ]
- }, {
- "id" : "b7321e2e-dd8e-41cf-a527-c765155c3f78",
- "name" : "profile",
- "description" : "OpenID Connect built-in scope: profile",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "consent.screen.text" : "${profileScopeConsentText}"
- },
- "protocolMappers" : [ {
- "id" : "1d4d3df5-7af5-488e-8477-0ad7cb74d50a",
- "name" : "nickname",
+ }, {
+ "id" : "46f329be-4563-49f8-bfc7-5b815db901ad",
+ "name" : "profile",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "nickname",
+ "user.attribute" : "profile",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "nickname",
+ "claim.name" : "profile",
"jsonType.label" : "String"
}
}, {
- "id" : "1a5e26d6-211e-4f8a-b696-0ea9577db25a",
+ "id" : "902af13b-2d15-4a7b-93d0-6e4e602c759b",
"name" : "zoneinfo",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
@@ -714,74 +733,74 @@
"jsonType.label" : "String"
}
}, {
- "id" : "18971685-6dd7-420f-9c09-879c4f2d54d8",
- "name" : "updated at",
+ "id" : "14940ea5-3373-43eb-a9da-5c2bfa779115",
+ "name" : "locale",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "updatedAt",
+ "user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "updated_at",
+ "claim.name" : "locale",
"jsonType.label" : "String"
}
}, {
- "id" : "b970d96b-0156-4db0-9beb-9c84c173e619",
- "name" : "birthdate",
+ "id" : "1f978dd4-7986-45fe-959d-bc2878faac82",
+ "name" : "full name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-full-name-mapper",
"consentRequired" : false,
"config" : {
- "userinfo.token.claim" : "true",
- "user.attribute" : "birthdate",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "birthdate",
- "jsonType.label" : "String"
+ "userinfo.token.claim" : "true"
}
}, {
- "id" : "50287033-df21-45c6-aa46-c3060e6f9855",
- "name" : "given name",
+ "id" : "f09bf306-af87-4701-8fcc-888af6551194",
+ "name" : "website",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "firstName",
+ "user.attribute" : "website",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "given_name",
+ "claim.name" : "website",
"jsonType.label" : "String"
}
}, {
- "id" : "3dc6b97e-7063-4077-98d1-0cacf9029c7b",
- "name" : "full name",
+ "id" : "6344d5ba-4df6-48ba-a235-08788bdf9bc8",
+ "name" : "gender",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-full-name-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "gender",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "userinfo.token.claim" : "true"
+ "claim.name" : "gender",
+ "jsonType.label" : "String"
}
}, {
- "id" : "3fb9391b-376c-42ef-b012-4df461c617cc",
- "name" : "middle name",
+ "id" : "df8227d8-7e3f-4f13-ad06-c6d8e1106b55",
+ "name" : "updated at",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "middleName",
+ "user.attribute" : "updatedAt",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "middle_name",
- "jsonType.label" : "String"
+ "claim.name" : "updated_at",
+ "jsonType.label" : "long"
}
}, {
- "id" : "83f7fc4a-5386-4f86-a103-6585e138b61d",
+ "id" : "b8bba950-1043-4ae4-bde6-55cf5b3b60db",
"name" : "username",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-property-mapper",
@@ -795,157 +814,236 @@
"jsonType.label" : "String"
}
}, {
- "id" : "8ef177b3-f485-44b1-afee-1901393b00c7",
- "name" : "family name",
+ "id" : "56db3b5c-e060-4864-9334-10d249990e67",
+ "name" : "picture",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "lastName",
+ "user.attribute" : "picture",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "family_name",
+ "claim.name" : "picture",
"jsonType.label" : "String"
}
}, {
- "id" : "e994cbc7-2a1a-4465-b7b7-12b35b4fe49e",
- "name" : "gender",
+ "id" : "0ed0c5aa-7f57-44ea-b1ea-71808a07fcf0",
+ "name" : "family name",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "gender",
+ "user.attribute" : "lastName",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "gender",
+ "claim.name" : "family_name",
"jsonType.label" : "String"
}
}, {
- "id" : "abaa4c9e-1fa2-4b45-a1bb-b3d650de9aca",
- "name" : "picture",
+ "id" : "5f259c77-ce7f-48fc-8441-d1b655f55dc7",
+ "name" : "nickname",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "picture",
+ "user.attribute" : "nickname",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "picture",
+ "claim.name" : "nickname",
"jsonType.label" : "String"
}
}, {
- "id" : "bf21b514-81fd-4bbe-9236-bab5fcf54561",
- "name" : "locale",
+ "id" : "6e7d78e6-19dc-47ec-ac13-938845f74b92",
+ "name" : "birthdate",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "locale",
+ "user.attribute" : "birthdate",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "locale",
+ "claim.name" : "birthdate",
"jsonType.label" : "String"
}
+ } ]
+ }, {
+ "id" : "1cbef836-6f50-4828-aac1-09291bd4d16c",
+ "name" : "roles",
+ "description" : "OpenID Connect scope for add user roles to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${rolesScopeConsentText}"
+ },
+ "protocolMappers" : [ {
+ "id" : "07cf5ff2-eceb-4ce3-9383-b731108ea93c",
+ "name" : "client roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-client-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "foo",
+ "access.token.claim" : "true",
+ "claim.name" : "resource_access.${client_id}.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
}, {
- "id" : "254f8de4-08e7-4d3d-a87f-4b238f0f922b",
- "name" : "profile",
+ "id" : "3d74ee3e-6dd7-4bb6-93a9-639da3d09bfa",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ }, {
+ "id" : "08ccc430-e99f-4bd7-85c7-07b0543a1415",
+ "name" : "realm roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "foo",
+ "access.token.claim" : "true",
+ "claim.name" : "realm_access.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
+ } ]
+ }, {
+ "id" : "25c01f28-9625-4e76-bc46-5bf5082f2a09",
+ "name" : "offline_access",
+ "description" : "OpenID Connect built-in scope: offline_access",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "consent.screen.text" : "${offlineAccessScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ }
+ }, {
+ "id" : "e88633f3-7cb5-4b29-a944-8e623bf451fe",
+ "name" : "phone",
+ "description" : "OpenID Connect built-in scope: phone",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${phoneScopeConsentText}"
+ },
+ "protocolMappers" : [ {
+ "id" : "ee3bab3e-d8c2-4ab8-8b28-dbfb401b8f1a",
+ "name" : "phone number verified",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "profile",
+ "user.attribute" : "phoneNumberVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "profile",
- "jsonType.label" : "String"
+ "claim.name" : "phone_number_verified",
+ "jsonType.label" : "boolean"
}
}, {
- "id" : "7934bf2a-cfc3-4b2d-a5cb-287f3ed2a977",
- "name" : "website",
+ "id" : "89493bd0-e4ac-4aa9-a621-afe27f4aa23d",
+ "name" : "phone number",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
"userinfo.token.claim" : "true",
- "user.attribute" : "website",
+ "user.attribute" : "phoneNumber",
"id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "website",
+ "claim.name" : "phone_number",
"jsonType.label" : "String"
}
} ]
}, {
- "id" : "f3dc793d-6011-4861-b538-399dde5434c0",
- "name" : "role_list",
- "description" : "SAML role list",
- "protocol" : "saml",
+ "id" : "a08a2719-3b1c-46b9-88dc-6eea1a74491a",
+ "name" : "acr",
+ "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
+ "protocol" : "openid-connect",
"attributes" : {
- "consent.screen.text" : "${samlRoleListScopeConsentText}",
- "display.on.consent.screen" : "true"
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
},
"protocolMappers" : [ {
- "id" : "22eeabf8-a3c3-4026-a351-367f8ace7927",
- "name" : "role list",
- "protocol" : "saml",
- "protocolMapper" : "saml-role-list-mapper",
+ "id" : "d7e4a778-8538-4c80-a5be-4217a1274513",
+ "name" : "acr loa level",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-acr-mapper",
"consentRequired" : false,
"config" : {
- "single" : "false",
- "attribute.nameformat" : "Basic",
- "attribute.name" : "Role"
+ "id.token.claim" : "true",
+ "access.token.claim" : "true"
}
} ]
}, {
- "id" : "f72c1acd-c367-41b1-8646-b6bd5fff3e3f",
- "name" : "roles",
- "description" : "OpenID Connect scope for add user roles to the access token",
+ "id" : "e8a1f505-df34-4d30-bcee-5c1dfe81bda4",
+ "name" : "email",
+ "description" : "OpenID Connect built-in scope: email",
"protocol" : "openid-connect",
"attributes" : {
- "include.in.token.scope" : "false",
+ "include.in.token.scope" : "true",
"display.on.consent.screen" : "true",
- "consent.screen.text" : "${rolesScopeConsentText}"
+ "consent.screen.text" : "${emailScopeConsentText}"
},
"protocolMappers" : [ {
- "id" : "cd8e589e-5fa7-4dae-bf6e-e8f6a3fd3cff",
- "name" : "realm roles",
+ "id" : "227e5311-26c7-4308-b74f-6ddf6f1ff4d3",
+ "name" : "email verified",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
- "user.attribute" : "foo",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "emailVerified",
+ "id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "realm_access.roles",
- "jsonType.label" : "String",
- "multivalued" : "true"
+ "claim.name" : "email_verified",
+ "jsonType.label" : "boolean"
}
}, {
- "id" : "708b19d1-0709-4278-b5a1-bcbeec11f51a",
- "name" : "audience resolve",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-audience-resolve-mapper",
- "consentRequired" : false,
- "config" : { }
- }, {
- "id" : "25e97210-30c7-4f35-be11-407f1fa674cb",
- "name" : "client roles",
+ "id" : "d6b97a93-af9a-4b57-bef1-52d96ee949fb",
+ "name" : "email",
"protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-client-role-mapper",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
- "user.attribute" : "foo",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "email",
+ "id.token.claim" : "true",
"access.token.claim" : "true",
- "claim.name" : "resource_access.${client_id}.roles",
- "jsonType.label" : "String",
- "multivalued" : "true"
+ "claim.name" : "email",
+ "jsonType.label" : "String"
+ }
+ } ]
+ }, {
+ "id" : "ee2857c9-11a6-44a8-9e27-7655e01003c3",
+ "name" : "role_list",
+ "description" : "SAML role list",
+ "protocol" : "saml",
+ "attributes" : {
+ "consent.screen.text" : "${samlRoleListScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "e6d19dfe-4477-4d25-b4ab-7aa0a9471920",
+ "name" : "role list",
+ "protocol" : "saml",
+ "protocolMapper" : "saml-role-list-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "single" : "false",
+ "attribute.nameformat" : "Basic",
+ "attribute.name" : "Role"
}
} ]
}, {
- "id" : "52618957-a4e8-4c6f-a902-217f2c41a2fd",
+ "id" : "7e829769-0606-4c36-8866-61e857035e24",
"name" : "web-origins",
"description" : "OpenID Connect scope for add allowed web origins to the access token",
"protocol" : "openid-connect",
@@ -955,23 +1053,51 @@
"consent.screen.text" : ""
},
"protocolMappers" : [ {
- "id" : "a66ddadf-312f-491f-993c-fa58685815c6",
+ "id" : "fc0208ff-529f-4357-9ac7-9d67327156a7",
"name" : "allowed web origins",
"protocol" : "openid-connect",
"protocolMapper" : "oidc-allowed-origins-mapper",
"consentRequired" : false,
"config" : { }
} ]
+ }, {
+ "id" : "0b8e1216-27f9-447d-9737-3737106f65cb",
+ "name" : "address",
+ "description" : "OpenID Connect built-in scope: address",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${addressScopeConsentText}"
+ },
+ "protocolMappers" : [ {
+ "id" : "9a175133-73f8-4779-a8d3-db456249de2f",
+ "name" : "address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-address-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute.formatted" : "formatted",
+ "user.attribute.country" : "country",
+ "user.attribute.postal_code" : "postal_code",
+ "userinfo.token.claim" : "true",
+ "user.attribute.street" : "street",
+ "id.token.claim" : "true",
+ "user.attribute.region" : "region",
+ "access.token.claim" : "true",
+ "user.attribute.locality" : "locality"
+ }
+ } ]
} ],
- "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins" ],
+ "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ],
"defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ],
"browserSecurityHeaders" : {
"contentSecurityPolicyReportOnly" : "",
"xContentTypeOptions" : "nosniff",
"xRobotsTag" : "none",
"xFrameOptions" : "SAMEORIGIN",
- "xXSSProtection" : "1; mode=block",
"contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
+ "xXSSProtection" : "1; mode=block",
"strictTransportSecurity" : "max-age=31536000; includeSubDomains"
},
"smtpServer" : { },
@@ -980,27 +1106,39 @@
"enabledEventTypes" : [ ],
"adminEventsEnabled" : false,
"adminEventsDetailsEnabled" : false,
+ "identityProviders" : [ ],
+ "identityProviderMappers" : [ ],
"components" : {
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
- "id" : "a7679218-373d-48ca-88f8-429985faeae3",
+ "id" : "59ee49a2-351c-4236-926c-c77ac83d23c7",
+ "name" : "Trusted Hosts",
+ "providerId" : "trusted-hosts",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "host-sending-registration-request-must-match" : [ "true" ],
+ "client-uris-must-match" : [ "true" ]
+ }
+ }, {
+ "id" : "dac3f4e0-4b15-401e-b815-e0b0dec7de0e",
"name" : "Allowed Protocol Mapper Types",
"providerId" : "allowed-protocol-mappers",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
- "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-address-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper" ]
+ "allowed-protocol-mapper-types" : [ "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "saml-role-list-mapper" ]
}
}, {
- "id" : "2ebf6f9f-4bfc-44b9-ad7c-282f2274d35b",
- "name" : "Allowed Client Scopes",
- "providerId" : "allowed-client-templates",
+ "id" : "3412fbcf-a470-4447-9fbc-b68f1c25a381",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
"subType" : "authenticated",
"subComponents" : { },
"config" : {
- "allow-default-scopes" : [ "true" ]
+ "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "saml-role-list-mapper" ]
}
}, {
- "id" : "552093c3-0a0a-4234-ad7c-ae660f0f0db1",
+ "id" : "9a945cc3-12ab-480d-abc2-4dc2a83671af",
"name" : "Allowed Client Scopes",
"providerId" : "allowed-client-templates",
"subType" : "anonymous",
@@ -1009,77 +1147,80 @@
"allow-default-scopes" : [ "true" ]
}
}, {
- "id" : "8f27cf74-cee7-4a73-851f-982ee45157ca",
- "name" : "Trusted Hosts",
- "providerId" : "trusted-hosts",
+ "id" : "8dd3a163-851e-4d95-928d-5cfabd50d2e7",
+ "name" : "Max Clients Limit",
+ "providerId" : "max-clients",
"subType" : "anonymous",
"subComponents" : { },
"config" : {
- "host-sending-registration-request-must-match" : [ "true" ],
- "client-uris-must-match" : [ "true" ]
+ "max-clients" : [ "200" ]
}
}, {
- "id" : "ff570525-6c96-4500-9d73-c02e708b39de",
+ "id" : "b28958b6-cd80-41c5-959c-11cdc263afd7",
"name" : "Full Scope Disabled",
"providerId" : "scope",
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
}, {
- "id" : "b52284eb-123a-4718-aac9-857530a24a9b",
- "name" : "Max Clients Limit",
- "providerId" : "max-clients",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "max-clients" : [ "200" ]
- }
- }, {
- "id" : "2b8c0a6d-d5c0-4ea2-8a9c-4843d3e04ec6",
+ "id" : "8fab1e68-de29-4e8c-aa31-a8093b370afc",
"name" : "Consent Required",
"providerId" : "consent-required",
"subType" : "anonymous",
"subComponents" : { },
"config" : { }
}, {
- "id" : "bf59de5a-2c93-43cc-a9aa-03be0129fe53",
- "name" : "Allowed Protocol Mapper Types",
- "providerId" : "allowed-protocol-mappers",
+ "id" : "17a02fd3-9468-4411-a607-7a50f6731ef1",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
"subType" : "authenticated",
"subComponents" : { },
"config" : {
- "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper" ]
+ "allow-default-scopes" : [ "true" ]
}
} ],
"org.keycloak.keys.KeyProvider" : [ {
- "id" : "b3efd9cc-28b6-4404-82af-8a48a966b8ff",
- "name" : "rsa-generated",
- "providerId" : "rsa-generated",
+ "id" : "d44192d3-3a3c-4e88-a545-e949c31aa86a",
+ "name" : "aes-generated",
+ "providerId" : "aes-generated",
"subComponents" : { },
"config" : {
- "privateKey" : [ "MIIEowIBAAKCAQEAn5T13suF8mlS+pJXp0U1bto41nW55wpcs+Rps8ZVCRyJKWqzwSCYnI7lm0rB2wBpAAO4OPoj1zlmVoFmBPsDU9Xf7rjsJb5LIzIQDCZY44aSDZt6RR+gakPiQvlzHyW/RozYpngDJF7TsTD7rdRF1xQ4RprfBF8fwK/xsU7pxbeom5xDHZhz3fiw8s+7UdbmnazDHfAjU58aUrLGgVRfUsuoHjtsptYlOIXEifaeMetXZE+HhqLYRHQPDap5fbBJl773Trosn7N9nmzN4x1xxGj9So21WC5UboQs9sAIVgizc4omjZ5Y4RN9HLH7G4YwJctNntzmnJhDui9zAO+zSQIDAQABAoIBADi+F7rTtVoft0Cfnok8o6Y58/HVxHdxiMryUd95iy0FN4RBi48FTx6D9QKFz25Ws/8sU2n3D51srIXf1u24b1N0/f39RQKaqk7mcyxOylaEuBQcj5pah4ihgKd92UBfBKdKV5LBo6RgD3e2yhbiHr8+UlBQqzH7vOef6Bm6zIbfmi3N88swAJhP0YizRZFklsbmLsK6nkwyro00CHJvPVKSBbM+ad+/zIBsLw56MvNngB5TuFguUgoljd6M1T2z4utmZGlTUqrfE1onAVLJZoGnRohyIr7dJEg6YxWR70PxsgmkDKyeRvet9P1trO0n+OSprusfrC3cHJStabap1V0CgYEA1A/CtsqTnjdYYsB19eumZgdpzUgNc/YEAzZ/OWb8yTLoB2ncci+63A1rXHUXAqJFY7vtjn5mxv7SuASNbUrzq+6KfZvC1x9XEtnczqT/ypunNfxmIZuj8Nuu6vtURguZ8kPPwdkI8toTizRFeRE5ZDBvoQryiEVYugfHaHT5vzsCgYEAwKWODwquI0Lv9BuwdNVrBXQpkKh3ZfYOA7i9xvhxlM7xUu8OMCwwCPn3r7vrW5APjTqX4h330mJ44SLEs+7gbCUs4BbJBLA6g0ChlHa9PTkxp6tk2nDF/B34fxiZSRkE85L+d+at0Dc3hnlzLCJCzJawGpoPniPU9e4w0p4dN0sCgYAsGnMGjS8SUrRhJWHjGXVr9tK8TOXvXhULjgP7rj2Yoqu7Dvs4DFEyft/7RKbad2EzEtyfLA64CDtO5jN7rYDsGxpWcVSeZPg5BXJ0z8AbJTArfCjJiJMZ/rZsTIUEZFlKF2xYBolj6JLz+pUQTtK+0YwF1D8ItFN1rTR9twZSDQKBgQC6sPXNX+VH6LuPTjIf1x8CxwLs3EXxOpV0R9kp9GRl+HJnk6GlT30xhcThufQo5KAdllXQXIhoiuNoEoCbevhj9Vbax1oBQCNERSMRNEzKAx46xd9TzYwgeo7x5E3QR/3DaoVOfu+cY5ZcrF/PulgP2kxJS1mtQD5GIpGP2oinpwKBgGqiqTFPqRcelx76vBvTU+Jp1zM62T4AotbMrSQR/oUvqHe5Ytj/SbZx+wbbHAiyGgV700Mosyviik83YEAbR3kdOPjgYvAJJW2Y3jEMdQ7MwriXz8XLh5BGmYfVjkSOJXed9ua9WlYLKOJeXXv191BbDvrx5NXuJyVVU4vJx3YZ" ],
- "certificate" : [ "MIICnTCCAYUCBgFp4EYIrjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdwcm90ZWFuMB4XDTE5MDQwMjIyNTYxOVoXDTI5MDQwMjIyNTc1OVowEjEQMA4GA1UEAwwHcHJvdGVhbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ+U9d7LhfJpUvqSV6dFNW7aONZ1uecKXLPkabPGVQkciSlqs8EgmJyO5ZtKwdsAaQADuDj6I9c5ZlaBZgT7A1PV3+647CW+SyMyEAwmWOOGkg2bekUfoGpD4kL5cx8lv0aM2KZ4AyRe07Ew+63URdcUOEaa3wRfH8Cv8bFO6cW3qJucQx2Yc934sPLPu1HW5p2swx3wI1OfGlKyxoFUX1LLqB47bKbWJTiFxIn2njHrV2RPh4ai2ER0Dw2qeX2wSZe+9066LJ+zfZ5szeMdccRo/UqNtVguVG6ELPbACFYIs3OKJo2eWOETfRyx+xuGMCXLTZ7c5pyYQ7ovcwDvs0kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAVtmRKDb4OK5iSA46tagMBkp6L7WuPpCWuHGWwobEP+BecYsShW7zP3s12oA8SNSwbhvu0CRqgzxhuypgf3hKQFVU153Erv4hzkj+8S0s5LR/ZE7tDNY2lzJ3yQKXy3Md7EkuzzvOZ50MTrcSKAanWq/ZW1OTnrtGymj5zGJnTg7mMnJzEIGePxkvPu/QdchiPBLqxfZYm1jsFGY25djOC3N/KmVcRVmPRGuu6D8tBFHlKoPfZYPdbMvsvs24aupHKRcZ+ofTCpK+2Qo8c0pSSqeEYHGmuGqC6lC6ozxtxSABPO9Q1R1tZBU7Kg5HvXUwwmoVS3EGub46YbHqbmWMLg==" ],
+ "kid" : [ "e5093b21-193e-4870-8704-da2e95624636" ],
+ "secret" : [ "gyHnYiP_hZm7e98viCL4Ww" ],
"priority" : [ "100" ]
}
}, {
- "id" : "20460ca5-ec24-4a9b-839a-457743d3f841",
+ "id" : "2cef76ac-9884-40c8-93e0-56b4990e0c7c",
"name" : "hmac-generated",
"providerId" : "hmac-generated",
"subComponents" : { },
"config" : {
- "kid" : [ "96afd00e-85cf-4d35-b18e-061d3813d8b2" ],
- "secret" : [ "qBFGKdUGf6xDgKphnRfoFzIzaFHJW4bYnZ9MinPFzN38X5_ctq-2u1q5RdZzeJukXvk2biHB8_s3DxWmmLZFsA" ],
+ "kid" : [ "9a2ed006-ab72-4332-9e10-e90ffb402175" ],
+ "secret" : [ "Ky_l9LZOjTABVy8l-MRnyLuMMQHzYFoJ5yB4xo_YIaMFrJ9cT4Kinzq1bCIiu0j8adQF1xL8sh9rM2BRYu5cjA" ],
"priority" : [ "100" ],
"algorithm" : [ "HS256" ]
}
}, {
- "id" : "4f02d984-7a23-4ce1-8591-848a71390efe",
- "name" : "aes-generated",
- "providerId" : "aes-generated",
+ "id" : "9b5c5506-a979-4d97-b3a1-7875b7e26baf",
+ "name" : "rsa-enc-generated",
+ "providerId" : "rsa-enc-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEowIBAAKCAQEArM0cRQdpn00Vk/VLMyKZaoeRmFMIMr/7UJO5hlUuQa7DMDPQgyCl0opfhxUmhmkJcKrOV9Y9JeXLspvTI5Y/0WkI+NstQzbTgqFuW6TMocVMp1OZMjAePt6do96HyZLk4YXlUlScEE6QO4a2L6ZqjAkO/5H4jdV76dLFrsdq56OiAFfT13Tdxun8xz4B5knzjCpNWMzAqWW4rjjpFatiNPbUvV2Y/bd2v+DJvesrkF3BLaumhA8yRv/gYsu+D4fIXEJTsXO192aKE3UW0PJ23ThNjLHvJNf7AUpqbo/Iy3WDWEdIKzlCpLWN0FaMmuKNtU8XFM9Cx2OSxQgesiD2SwIDAQABAoIBAA3Q50IHpsspvSA6CQiuHmkOxmlqhINjDfalaqLe1aN2LYoBlcBrA4cZZCwacoMyciKtej3T1cpdaXnYc26ErInGpZ5/QhexK89/SIhDdwI2+OGAa1InC1jVSli+fP0OmLk4kBsskHI0IQ95V/PoXaitPFZ0kKE6elbs8LxNANmpsRKPUWy6ZEIwehhSZRVWrJnKRf/iB9DRLSkFXy9NCqURzGs0YAqJbXAmNC14m98EjTTbw9PgfvgQQwCRfWku6DM3rd2J4WXagAFZECDWCc6UFdJGTdhAsjW5B1fcpC6/rD9rONKVqmKf5N2oreHXnSxLHVwTX3H/o3IdgwYyLPECgYEA7DeZaXdonKSZEHuT5x3wyE6Asj+xfvH8sURvcat6XmgUZtD5uYdARr+MtyBJWwGDonzheaJ8yCHovuPS0nvbab0vizokzdLuxk70ehwujdCMowSygorF3Y38z6+Fk/ur8Jto3DCozS2qfRndPw9+joWJzskmQmsuOt/vf0IoDhsCgYEAu0Xl/pPJFAa9d4jwpbtmEKA8RZF05IbBTEpXfYIrLKDvvkHKYA5G60qfG/LNoGeDHHoXktEheiMsd8dmztOTcbQLGA+rANZi7gBMdapYj+Q84Wm8M9QZjD/wZhv/rPklZeSymJV45am985yT+KlFZIrtMzC1rHEa1jvOxTKee5ECgYAA1SVWSNR2kOH1O+pGi0V4/0XW2wCeKO4yFcKqzObuhEFmJ2Bp9f8VAMHXN2bqyjOTlAsbaaY08mGmopjwov0f/0m2nOraSt8Kleaos4a6ezyzqmWSrjiKUmDMvpqi7eUqQPH6rLU7m+iY7kloWn6gs/nLX8whucz86iMm+K25dwKBgECMZirqS2uAqzuRUsj9H7/pSvz7ltvR6rxd/2v+Ot1mF1xvls6m/SDKlq7ucJuyMgnVt1xegvhzOTeL3k65tF+DnDNN6zYdrvmz1qbT8TSfibB0Xm9K0wd5XmYDjovTUGWff0OCeapHaHaYaJRT29w82mdDicsHLSXcdXeY6/FRAoGBAJbnAYgoTWfTblyoXRjQwz9lhQoXaS3c8d0GAm3Ceamagtx+FSjRVuNB4rpSRgMLwbdI6yeEkcgeZHKrglW2psxHyu2FmDQsSx+oYnF/WYV/0wQjIxzzbSCZLckdiThT0G7VrAOC4hah/U3g5BVoPRFpmPr2OhDO/hY1sPYcisiI" ],
+ "keyUse" : [ "ENC" ],
+ "certificate" : [ "MIICnTCCAYUCBgGCxQ67czANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdxdWFya3VzMB4XDTIyMDgyMjEwMTU1M1oXDTMyMDgyMjEwMTczM1owEjEQMA4GA1UEAwwHcXVhcmt1czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzNHEUHaZ9NFZP1SzMimWqHkZhTCDK/+1CTuYZVLkGuwzAz0IMgpdKKX4cVJoZpCXCqzlfWPSXly7Kb0yOWP9FpCPjbLUM204KhblukzKHFTKdTmTIwHj7enaPeh8mS5OGF5VJUnBBOkDuGti+maowJDv+R+I3Ve+nSxa7HauejogBX09d03cbp/Mc+AeZJ84wqTVjMwKlluK446RWrYjT21L1dmP23dr/gyb3rK5BdwS2rpoQPMkb/4GLLvg+HyFxCU7FztfdmihN1FtDydt04TYyx7yTX+wFKam6PyMt1g1hHSCs5QqS1jdBWjJrijbVPFxTPQsdjksUIHrIg9ksCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAZ5Y7Yl2fDw2CHJnbxV/r5l9xtCWcpMnvfaaDF1ZdksjZ6XjsItQ3ok7Cok0rGgVdUEeUUDVT2qR7dgKP7JK8hQi2Mjb9IerJjCyp/RdwsTOUocORRTA9/Xj86ftoSqCiiT8sEGDnKqLRn2TVXT1qC5jxEgmGjEL1RacC3D1cIReadNuGjGyqEpLooBlp8+oBR1p4uVG2JS1MVOiHp3HLqP2rRAp8Yj2eDVQQk8pgrZWgxzTHir9RoQdgz6xT4nAYqahZccfchkFGkO4SKFtI9g85oPn6jvY6VTrCbh1hfZwnUyz2+mOBgIP4vtPKNj9XQojORO5jHB1ARxln1b4MVA==" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "RSA-OAEP" ]
+ }
+ }, {
+ "id" : "7027377c-4203-4f9d-b272-a5c9fc178e2b",
+ "name" : "rsa-generated",
+ "providerId" : "rsa-generated",
"subComponents" : { },
"config" : {
- "kid" : [ "b04473d3-8395-4016-b455-19a9e951106b" ],
- "secret" : [ "x68mMOVdz3qKWzltzReV0g" ],
+ "privateKey" : [ "MIIEpAIBAAKCAQEA6i23lPm42omvehwgZbGbA1bgrbzj3t2y91Kr0fxmCg4Xs8xLA0iDFNFqnl7KOTTYLRSbLNIVrxv2PQxSWRDYYlaAGMzMyhwR6RZmiLM1PsXLhIvEnQLNAHhAIpSgbX2MG2lwMV/falX0zOouz/+KxOrOgLlED6F+rM9Lr02lPFAm8ZkKqipIgvDVwVFm0VeFRxu5Q8Yg8W7qyHDzVGOVzbiGt95wjpvssw8bl1RxHZWw6itpoGAG88dftC9gkDnAES//5xBnY8HzS7+4fcnGN7NbsClEvkYWAGLREbBZy1fbSE/yfUCOJ+WZSRDtG/NH7DZVPMnfXXLFfCtppowkrwIDAQABAoIBABdO45XdYSvHRoL157eXfOFRNV21jkyxbk21mcp1v8ZCbtODgvfZsMpSqbUHpEMbYmTiRyun4WajdtfOsSeSSKdJCsjtIXkAYDv98cirZaJQ15fivXgPPk5Mqb2HY4xiUZ6s2PDhJQCVe58ls/EZ8zr0UAd56S9RGKWkoFjbdpXRB7njpK0HfNUevp/0tmY6u1jtkW4LgXb/k2PDgSYRvTStjEyg2VGkOGkLRvyrEkCFm5kKwWHTCRc7xLPTwsNWdVHX1WH0+JxuoXk2izT1xRYIUFmoWS+YxOOABl0TrY8kPpg1bpwCDlhkoQwYRsTIeQJfSecT6e5nm/ivm9WNspkCgYEA/aavaeRlIt+peg0tAGjmik0igS66Zv/+seYdgBTLtMBOlSvPnqkI7gXBDHDnPLlRt80ysUrd6GIkUKI0xjU+RzwsRt/1266t4Mwg+zSzzHYZMvAaHXmz7x6w1gWWBZMm818aXe98s7Q7g/SvQ68Ylko5TAlTfKUXQVQkaLz208MCgYEA7FjenfWuyEmealCaC3pVDdPokJi3wnqZxKoDMjIY3nwszLA8lSAHeWNWxUCj9KIfUBhxxsr+X/EWj8Xc/Q35NY2UzjB+e3unAxTA09T/cl2+zLhW8KPSdOQ/5gv7xVUzi7R2Q7C09x9xq36i7s8x09xz8JReDYtcU1zAORshOKUCgYEAx0y/K27f4ITovxO3Nkk2S5jL8cDriZ6/Wry6lTbB0GYB2MexvLKIZ61xv/q+VkIuaUL7/74ZmkvyyMCKwup24rXu/Elg/pnD2YvKplcEpzRsHE/31Q0ZSltNCv0coYi75CHnr8NKslB9KvOI+p+LrBrp5kq1pIx7N0OL0BgZwM0CgYEA4gPaX5QioMZGB8Usiu1hiOes7xocII69naQ3ijj+L0TwUo32YWVPwHWO9PLr13VyHFZD96cHuxgCS1scCaLjPqM2OjeFvPByti+SdwCph+S+IWfnPBhtmfrsYEH1crAXqvHYZsMFS412Vlmz1kutiry24sn/Z1Rt5go8iF+5VUECgYBQEzxjjGwh1Y+HRKR8lYNg/nMA8d+wLdb0DoWSjuvXTZ7gaueifBmdpjj2LLfuh75DCpxOsNtJ/7p+B+bNru6Y9AbOi0oOaXFpka6N1pkU4IsrtDsZz3UjMfR43IilPMBi9XPvAA/XhYXmU54+8vPCWpisYCP8ipDkb5rdTI5R5A==" ],
+ "keyUse" : [ "SIG" ],
+ "certificate" : [ "MIICnTCCAYUCBgGCxQ66zzANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdxdWFya3VzMB4XDTIyMDgyMjEwMTU1M1oXDTMyMDgyMjEwMTczM1owEjEQMA4GA1UEAwwHcXVhcmt1czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOott5T5uNqJr3ocIGWxmwNW4K28497dsvdSq9H8ZgoOF7PMSwNIgxTRap5eyjk02C0UmyzSFa8b9j0MUlkQ2GJWgBjMzMocEekWZoizNT7Fy4SLxJ0CzQB4QCKUoG19jBtpcDFf32pV9MzqLs//isTqzoC5RA+hfqzPS69NpTxQJvGZCqoqSILw1cFRZtFXhUcbuUPGIPFu6shw81Rjlc24hrfecI6b7LMPG5dUcR2VsOoraaBgBvPHX7QvYJA5wBEv/+cQZ2PB80u/uH3JxjezW7ApRL5GFgBi0RGwWctX20hP8n1AjiflmUkQ7RvzR+w2VTzJ311yxXwraaaMJK8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAxmTlI3muToPlXrN/RZbfklFlCiIeUGDC2OMR5liZGhNVipOcIJYcQQA0U197uR+lGtHD+Shj3BBVpgKLQ+oh5Im9YNlrK8fOK6BYFAS7+KYSh/j3wiFKvQztxf+lyuoSQlmWCy4My4L/LnWD38ObAvgCeP9vY1nC1hfUW5L4KuXQQJqtr9nan3ByjHK67dyryUiSBTZICzF6EVn6uXBNsjpDzPdJ6Dc0eyoWjoUuQEiMDeuY8z4JaQtXXPFOeMPgKZ/d9kNMXvnv6JycpxWg6MunVP3iTpKVqaX2occAgpFqvJycxA9HNj8N0olBLLsVCNL5YHqoT3NB0wdZ2cboXw==" ],
"priority" : [ "100" ]
}
} ]
@@ -1087,7 +1228,124 @@
"internationalizationEnabled" : false,
"supportedLocales" : [ ],
"authenticationFlows" : [ {
- "id" : "d6c3e282-a738-4b8b-98c2-378b9faf8344",
+ "id" : "880303ec-c883-4149-b104-ee590d73367c",
+ "alias" : "Account verification options",
+ "description" : "Method with which to verity the existing account",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-email-verification",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Verify Existing Account by Re-authentication",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "184a1a17-135d-4c65-a4c9-686d944c9df0",
+ "alias" : "Authentication Options",
+ "description" : "Authentication options.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "basic-auth",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "basic-auth-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "21f384bc-b470-4c4a-9bd4-d92475c8a467",
+ "alias" : "Browser - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "c509b72b-02b1-4983-9ccf-13cb61a897a1",
+ "alias" : "Direct Grant - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "direct-grant-validate-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "bd1485ba-940d-418b-b14e-140d1f0febd6",
+ "alias" : "First broker login - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "4c8d142e-24b0-4389-8eed-21b7f6cea382",
"alias" : "Handle Existing Account",
"description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
"providerId" : "basic-flow",
@@ -1095,25 +1353,66 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-confirm-link",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "idp-email-verification",
- "requirement" : "ALTERNATIVE",
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Account verification options",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "c3d38b32-7489-42e1-9f2f-ab3ab44a4b20",
+ "alias" : "Reset - Conditional OTP",
+ "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "cdf5ccf3-f5ee-42fe-ac1e-87ebd883cd87",
+ "alias" : "User creation or linking",
+ "description" : "Flow for the existing/non-existing user alternatives",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticatorConfig" : "create unique user config",
+ "authenticator" : "idp-create-user-if-unique",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
- "priority" : 30,
- "flowAlias" : "Verify Existing Account by Re-authentication",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Handle Existing Account",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "4855860b-4009-4f1b-ba6b-60581618ea62",
+ "id" : "91db7259-f548-40a4-b79a-11e75c6e4b38",
"alias" : "Verify Existing Account by Re-authentication",
"description" : "Reauthentication of existing account",
"providerId" : "basic-flow",
@@ -1121,19 +1420,21 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "idp-username-password-form",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "auth-otp-form",
- "requirement" : "OPTIONAL",
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "First broker login - Conditional OTP",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "8a9872b0-65f1-47ff-9565-fa826ac64cd4",
+ "id" : "f97ff74d-b37d-4c53-8597-344d8aafba04",
"alias" : "browser",
"description" : "browser based authentication",
"providerId" : "basic-flow",
@@ -1141,31 +1442,35 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-cookie",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "identity-provider-redirector",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 25,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
+ "authenticatorFlow" : true,
"requirement" : "ALTERNATIVE",
"priority" : 30,
+ "autheticatorFlow" : true,
"flowAlias" : "forms",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "51b8ed14-62b6-49b3-b602-0b51508349e0",
+ "id" : "dce6e6fe-71f8-471f-a846-5474b9bf6079",
"alias" : "clients",
"description" : "Base authentication for clients",
"providerId" : "client-flow",
@@ -1173,31 +1478,35 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "client-secret",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-jwt",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-secret-jwt",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "client-x509",
+ "authenticatorFlow" : false,
"requirement" : "ALTERNATIVE",
"priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "9b65133a-ee71-494a-a659-6804513fc30b",
+ "id" : "1834508b-29a6-4fd9-ae53-2facb69b0272",
"alias" : "direct grant",
"description" : "OpenID Connect Resource Owner Grant",
"providerId" : "basic-flow",
@@ -1205,25 +1514,28 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "direct-grant-validate-username",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "direct-grant-validate-password",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "direct-grant-validate-otp",
- "requirement" : "OPTIONAL",
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
"priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "Direct Grant - Conditional OTP",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "f62bc4ad-25ac-4f83-963b-32820af3a683",
+ "id" : "45fa9807-f3b6-4828-8205-74b5472b1896",
"alias" : "docker auth",
"description" : "Used by Docker clients to authenticate against the IDP",
"providerId" : "basic-flow",
@@ -1231,13 +1543,14 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "docker-http-basic-authenticator",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "1b423fe7-f312-404c-903b-f1260a77259b",
+ "id" : "de577162-5071-41a8-8938-d6ae882cb63c",
"alias" : "first broker login",
"description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
"providerId" : "basic-flow",
@@ -1246,26 +1559,21 @@
"authenticationExecutions" : [ {
"authenticatorConfig" : "review profile config",
"authenticator" : "idp-review-profile",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticatorConfig" : "create unique user config",
- "authenticator" : "idp-create-user-if-unique",
- "requirement" : "ALTERNATIVE",
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "requirement" : "ALTERNATIVE",
- "priority" : 30,
- "flowAlias" : "Handle Existing Account",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "autheticatorFlow" : true,
+ "flowAlias" : "User creation or linking",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "9c9530b3-e3c6-481b-99e8-1461a9752e8e",
+ "id" : "98b5750d-9cd4-4f44-870e-9f38f8e0fb40",
"alias" : "forms",
"description" : "Username, password, otp and other auth forms.",
"providerId" : "basic-flow",
@@ -1273,19 +1581,21 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "auth-username-password-form",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "auth-otp-form",
- "requirement" : "OPTIONAL",
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "Browser - Conditional OTP",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "70fb94ac-354c-4629-a5fe-5135d0137964",
+ "id" : "c6475f89-2c26-41ad-9b5c-5a1861a246d6",
"alias" : "http challenge",
"description" : "An authentication flow based on challenge-response HTTP Authentication Schemes",
"providerId" : "basic-flow",
@@ -1293,31 +1603,21 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "no-cookie-redirect",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "basic-auth",
+ "authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "authenticator" : "basic-auth-otp",
- "requirement" : "DISABLED",
- "priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
- }, {
- "authenticator" : "auth-spnego",
- "requirement" : "DISABLED",
- "priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "Authentication Options",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "08292a4a-6722-4e33-a5d9-354c2628f567",
+ "id" : "d4c78410-40e6-44da-8e64-3aa93da7bf2e",
"alias" : "registration",
"description" : "registration flow",
"providerId" : "basic-flow",
@@ -1325,14 +1625,15 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-page-form",
+ "authenticatorFlow" : true,
"requirement" : "REQUIRED",
"priority" : 10,
+ "autheticatorFlow" : true,
"flowAlias" : "registration form",
- "userSetupAllowed" : false,
- "autheticatorFlow" : true
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "668dc4b6-fe1a-4d24-ab5b-bc76e20ac390",
+ "id" : "e574f67a-f073-44a6-a8dd-8981295ce42d",
"alias" : "registration form",
"description" : "registration form",
"providerId" : "form-flow",
@@ -1340,31 +1641,35 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "registration-user-creation",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "registration-profile-action",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "registration-password-action",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 50,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "registration-recaptcha-action",
+ "authenticatorFlow" : false,
"requirement" : "DISABLED",
"priority" : 60,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "a0e191f0-ce9a-4a75-b6e4-97332b05f7e5",
+ "id" : "ee48ba58-5c24-4c99-b866-4896c35b6f08",
"alias" : "reset credentials",
"description" : "Reset credentials for a user if they forgot their password or something",
"providerId" : "basic-flow",
@@ -1372,31 +1677,35 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "reset-credentials-choose-user",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "reset-credential-email",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 20,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
"authenticator" : "reset-password",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 30,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
}, {
- "authenticator" : "reset-otp",
- "requirement" : "OPTIONAL",
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
"priority" : 40,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : true,
+ "flowAlias" : "Reset - Conditional OTP",
+ "userSetupAllowed" : false
} ]
}, {
- "id" : "ad4beb21-8e9a-4fca-af41-0f757169f26c",
+ "id" : "d3922b2b-abb0-4afd-9c5e-6616af0e6ab9",
"alias" : "saml ecp",
"description" : "SAML ECP Profile Authentication Flow",
"providerId" : "basic-flow",
@@ -1404,20 +1713,21 @@
"builtIn" : true,
"authenticationExecutions" : [ {
"authenticator" : "http-basic-authenticator",
+ "authenticatorFlow" : false,
"requirement" : "REQUIRED",
"priority" : 10,
- "userSetupAllowed" : false,
- "autheticatorFlow" : false
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
} ]
} ],
"authenticatorConfig" : [ {
- "id" : "25632f91-6071-423a-8e9c-7322cdc1b011",
+ "id" : "1e7e9e2a-5a86-4663-90e0-dca022dd3f60",
"alias" : "create unique user config",
"config" : {
"require.password.update.after.registration" : "false"
}
}, {
- "id" : "02d7f70b-1ebc-4e72-a65c-d94a600895ac",
+ "id" : "755cc868-c0b3-41a0-bc6d-51839ed86fc5",
"alias" : "review profile config",
"config" : {
"update.profile.on.first.login" : "missing"
@@ -1463,6 +1773,38 @@
"defaultAction" : false,
"priority" : 50,
"config" : { }
+ }, {
+ "alias" : "delete_account",
+ "name" : "Delete Account",
+ "providerId" : "delete_account",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 60,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register",
+ "name" : "Webauthn Register",
+ "providerId" : "webauthn-register",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 70,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register-passwordless",
+ "name" : "Webauthn Register Passwordless",
+ "providerId" : "webauthn-register-passwordless",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 80,
+ "config" : { }
+ }, {
+ "alias" : "update_user_locale",
+ "name" : "Update User Locale",
+ "providerId" : "update_user_locale",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 1000,
+ "config" : { }
} ],
"browserFlow" : "browser",
"registrationFlow" : "registration",
@@ -1471,25 +1813,13 @@
"clientAuthenticationFlow" : "clients",
"dockerAuthenticationFlow" : "docker auth",
"attributes" : {
- "_browser_header.xXSSProtection" : "1; mode=block",
- "_browser_header.xFrameOptions" : "SAMEORIGIN",
- "_browser_header.strictTransportSecurity" : "max-age=31536000; includeSubDomains",
- "permanentLockout" : "false",
- "quickLoginCheckMilliSeconds" : "1000",
- "_browser_header.xRobotsTag" : "none",
- "maxFailureWaitSeconds" : "900",
- "minimumQuickLoginWaitSeconds" : "60",
- "failureFactor" : "30",
- "actionTokenGeneratedByUserLifespan" : "300",
- "maxDeltaTimeSeconds" : "43200",
- "_browser_header.xContentTypeOptions" : "nosniff",
- "offlineSessionMaxLifespan" : "5184000",
- "actionTokenGeneratedByAdminLifespan" : "43200",
- "_browser_header.contentSecurityPolicyReportOnly" : "",
- "bruteForceProtected" : "false",
- "_browser_header.contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
- "waitIncrementSeconds" : "60",
- "offlineSessionMaxLifespanEnabled" : "false"
+ "cibaBackchannelTokenDeliveryMode" : "poll",
+ "cibaExpiresIn" : "120",
+ "cibaAuthRequestedUserHint" : "login_hint",
+ "oauth2DeviceCodeLifespan" : "600",
+ "oauth2DevicePollingInterval" : "5",
+ "parRequestUriLifespan" : "60",
+ "cibaInterval" : "5"
},
"users" : [ {
"id" : "af134cab-f41c-4675-b141-205f975db679",
@@ -1537,30 +1867,13 @@
"realmRoles" : [ "user" ],
"notBefore" : 0,
"groups" : [ ]
- }, {
- "id" : "1eed6a8e-a853-4597-b4c6-c4c2533546a0",
- "username" : "jdoe",
- "enabled" : true,
- "totp" : false,
- "emailVerified" : false,
- "credentials" : [ {
- "type" : "password",
- "hashedSaltedValue" : "JV3DUNLjqOadjbBOtC4rvacQI553CGaDGAzBS8MR5ReCr7SwF3E6CsW3T7/XO8ITZAsch8+A/6loeuCoVLLJrg==",
- "salt" : "uCbOH7HZtyDtMd0E9DG/nw==",
- "hashIterations" : 27500,
- "counter" : 0,
- "algorithm" : "pbkdf2-sha256",
- "digits" : 0,
- "period" : 0,
- "createdDate" : 1554245879227,
- "config" : { }
- } ],
- "disableableCredentialTypes" : [ "password" ],
- "requiredActions" : [ ],
- "realmRoles" : [ "confidential", "user" ],
- "notBefore" : 0,
- "groups" : [ ]
- } ],
- "keycloakVersion" : "6.0.0",
- "userManagedAccessAllowed" : false
+ }],
+ "keycloakVersion" : "19.0.1",
+ "userManagedAccessAllowed" : false,
+ "clientProfiles" : {
+ "profiles" : [ ]
+ },
+ "clientPolicies" : {
+ "policies" : [ ]
+ }
}