{ "id": "6034e1e8-0743-406c-bc55-d14c830835d6", "realm": "speckle", "notBefore": 0, "defaultSignatureAlgorithm": "RS256", "revokeRefreshToken": false, "refreshTokenMaxReuse": 0, "accessTokenLifespan": 300, "accessTokenLifespanForImplicitFlow": 900, "ssoSessionIdleTimeout": 1800, "ssoSessionMaxLifespan": 36000, "ssoSessionIdleTimeoutRememberMe": 0, "ssoSessionMaxLifespanRememberMe": 0, "offlineSessionIdleTimeout": 2592000, "offlineSessionMaxLifespanEnabled": false, "offlineSessionMaxLifespan": 5184000, "clientSessionIdleTimeout": 0, "clientSessionMaxLifespan": 0, "clientOfflineSessionIdleTimeout": 0, "clientOfflineSessionMaxLifespan": 0, "accessCodeLifespan": 60, "accessCodeLifespanUserAction": 300, "accessCodeLifespanLogin": 1800, "actionTokenGeneratedByAdminLifespan": 43200, "actionTokenGeneratedByUserLifespan": 300, "oauth2DeviceCodeLifespan": 600, "oauth2DevicePollingInterval": 5, "enabled": true, "sslRequired": "external", "registrationAllowed": true, "registrationEmailAsUsername": false, "rememberMe": true, "verifyEmail": false, "loginWithEmailAllowed": true, "duplicateEmailsAllowed": false, "resetPasswordAllowed": true, "editUsernameAllowed": false, "bruteForceProtected": false, "permanentLockout": false, "maxTemporaryLockouts": 0, "maxFailureWaitSeconds": 900, "minimumQuickLoginWaitSeconds": 60, "waitIncrementSeconds": 60, "quickLoginCheckMilliSeconds": 1000, "maxDeltaTimeSeconds": 43200, "failureFactor": 30, "roles": { "realm": [ { "id": "b29a31e1-a1b3-478e-af8b-9d26ab12dc65", "name": "offline_access", "description": "${role_offline-access}", "composite": false, "clientRole": false, "containerId": "6034e1e8-0743-406c-bc55-d14c830835d6", "attributes": {} }, { "id": "0a184e5d-449a-4513-b616-6b67887c49b2", "name": "default-roles-speckle", "description": "${role_default-roles}", "composite": true, "composites": { "realm": ["offline_access", "uma_authorization"], "client": { "account": ["view-profile", "manage-account"] } }, "clientRole": false, "containerId": "6034e1e8-0743-406c-bc55-d14c830835d6", "attributes": {} }, { "id": "581282ce-a065-45a7-aada-684be6183e7f", "name": "uma_authorization", "description": "${role_uma_authorization}", "composite": false, "clientRole": false, "containerId": "6034e1e8-0743-406c-bc55-d14c830835d6", "attributes": {} } ], "client": { "realm-management": [ { "id": "99e3369c-1413-4db4-9f60-0a45c8ce2975", "name": "view-events", "description": "${role_view-events}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "d70b09c1-04d0-4e4d-ab1f-5af0d085d9d0", "name": "manage-users", "description": "${role_manage-users}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "1f8d1c0b-b67d-4b84-8c02-7875846fab0f", "name": "manage-events", "description": "${role_manage-events}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "ac5bdcce-f5ae-4285-affe-7906b7e01e3b", "name": "query-groups", "description": "${role_query-groups}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "7b597598-abd9-4bb9-a5b0-bf7f9228c7ac", "name": "manage-realm", "description": "${role_manage-realm}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "afa15b75-dfbc-4d8f-ae49-10c923f346a1", "name": "view-clients", "description": "${role_view-clients}", "composite": true, "composites": { "client": { "realm-management": ["query-clients"] } }, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "5dd24615-a482-4ad5-b01b-e704f56dcf92", "name": "query-clients", "description": "${role_query-clients}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "93885446-deef-436e-9155-bf032a18eb11", "name": "manage-identity-providers", "description": "${role_manage-identity-providers}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "323e8d2a-2c7b-4dc5-94c8-82a588ca342f", "name": "view-realm", "description": "${role_view-realm}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "3a6a3495-fd9f-489e-ba1b-8c801e7b354d", "name": "create-client", "description": "${role_create-client}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "01dca7bd-d593-45ef-8d2c-5c211c879781", "name": "manage-authorization", "description": "${role_manage-authorization}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "cfd2392c-6fb9-4551-970c-fa0948cf26dc", "name": "query-users", "description": "${role_query-users}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "a5ee9049-af12-4722-9383-e5ae4de46267", "name": "view-users", "description": "${role_view-users}", "composite": true, "composites": { "client": { "realm-management": ["query-users", "query-groups"] } }, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "c6352eda-d7b1-4709-a548-823736a14cd2", "name": "manage-clients", "description": "${role_manage-clients}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "b1834365-a7be-4af7-b5ab-476b27c7fa67", "name": "view-authorization", "description": "${role_view-authorization}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "1d3e6252-d2c8-4d6a-a705-9bd8b8ea8105", "name": "realm-admin", "description": "${role_realm-admin}", "composite": true, "composites": { "client": { "realm-management": [ "view-events", "manage-users", "manage-events", "query-groups", "view-clients", "manage-realm", "query-clients", "manage-identity-providers", "view-realm", "create-client", "manage-authorization", "query-users", "view-users", "manage-clients", "view-authorization", "view-identity-providers", "query-realms", "impersonation" ] } }, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "ea80b141-c2e4-4e82-a5cd-ece3af6db0e2", "name": "impersonation", "description": "${role_impersonation}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "c614b68d-1c7a-4921-b0d4-5434139b8451", "name": "query-realms", "description": "${role_query-realms}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} }, { "id": "86309bc1-d1ba-414d-a782-735ad8e9f669", "name": "view-identity-providers", "description": "${role_view-identity-providers}", "composite": false, "clientRole": true, "containerId": "93f01f1a-14eb-48c4-b303-61f20284dc50", "attributes": {} } ], "security-admin-console": [], "admin-cli": [], "account-console": [], "broker": [ { "id": "ae9969ea-3438-483c-bf62-145a503cd68c", "name": "read-token", "description": "${role_read-token}", "composite": false, "clientRole": true, "containerId": "3a395141-f99a-443e-801e-c42d1a8cb4cc", "attributes": {} } ], "account": [ { "id": "21fc370f-51a0-4245-bbca-0161892035f9", "name": "manage-account-links", "description": "${role_manage-account-links}", "composite": false, "clientRole": true, "containerId": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "attributes": {} }, { "id": "1a689fdc-feab-4a56-81b0-d4569c4da77a", "name": "view-profile", "description": "${role_view-profile}", "composite": false, "clientRole": true, "containerId": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "attributes": {} }, { "id": "fe0596ce-fb80-48a5-bcc1-08599abe4439", "name": "manage-account", "description": "${role_manage-account}", "composite": true, "composites": { "client": { "account": ["manage-account-links"] } }, "clientRole": true, "containerId": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "attributes": {} }, { "id": "3d3d46f5-5123-4eaf-bc3f-6dd625d79120", "name": "view-groups", "description": "${role_view-groups}", "composite": false, "clientRole": true, "containerId": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "attributes": {} }, { "id": "d23eb406-7de1-4ff2-a843-9cf57d85ebda", "name": "view-applications", "description": "${role_view-applications}", "composite": false, "clientRole": true, "containerId": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "attributes": {} }, { "id": "b6e0b2d7-24ae-4509-8189-857b680900f8", "name": "delete-account", "description": "${role_delete-account}", "composite": false, "clientRole": true, "containerId": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "attributes": {} }, { "id": "88c6f498-7459-46fa-90b5-e13f7bd3c87a", "name": "view-consent", "description": "${role_view-consent}", "composite": false, "clientRole": true, "containerId": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "attributes": {} }, { "id": "d8fdb873-d424-43a4-abe6-47678242d2a2", "name": "manage-consent", "description": "${role_manage-consent}", "composite": true, "composites": { "client": { "account": ["view-consent"] } }, "clientRole": true, "containerId": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "attributes": {} } ] } }, "groups": [], "defaultRole": { "id": "0a184e5d-449a-4513-b616-6b67887c49b2", "name": "default-roles-speckle", "description": "${role_default-roles}", "composite": true, "clientRole": false, "containerId": "6034e1e8-0743-406c-bc55-d14c830835d6" }, "requiredCredentials": ["password"], "otpPolicyType": "totp", "otpPolicyAlgorithm": "HmacSHA1", "otpPolicyInitialCounter": 0, "otpPolicyDigits": 6, "otpPolicyLookAheadWindow": 1, "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ], "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": ["ES256"], "webAuthnPolicyRpId": "", "webAuthnPolicyAttestationConveyancePreference": "not specified", "webAuthnPolicyAuthenticatorAttachment": "not specified", "webAuthnPolicyRequireResidentKey": "not specified", "webAuthnPolicyUserVerificationRequirement": "not specified", "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": ["ES256"], "webAuthnPolicyPasswordlessRpId": "", "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], "webAuthnPolicyPasswordlessExtraOrigins": [], "scopeMappings": [ { "clientScope": "offline_access", "roles": ["offline_access"] } ], "clientScopeMappings": { "account": [ { "client": "account-console", "roles": ["manage-account", "view-groups"] } ] }, "clients": [ { "id": "e48f6e6b-b7c4-4a7d-bd56-ed4ccc3bbe61", "clientId": "account", "name": "${client_account}", "description": "", "rootUrl": "${authBaseUrl}", "adminUrl": "", "baseUrl": "/realms/speckle/account/", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "gLb9IEutYQ0npyvA8iHxPsObY3duGB0w", "redirectUris": [ "http://localhost:8080/*", "http://localhost:3000/*", "http://127.0.0.1:8080/*", "http://127.0.0.1:3000/*", "http://speckle.internal/*", "http://speckle.internal:3000/*", "/realms/speckle/account/*" ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": false, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { "oidc.ciba.grant.enabled": "false", "client.secret.creation.time": "1723104861", "backchannel.logout.session.required": "true", "post.logout.redirect.uris": "+", "display.on.consent.screen": "false", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, "defaultClientScopes": [ "web-origins", "acr", "roles", "profile", "basic", "email" ], "optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"] }, { "id": "21a48de6-ef1d-4750-8368-343e335f9542", "clientId": "account-console", "name": "${client_account-console}", "rootUrl": "${authBaseUrl}", "baseUrl": "/realms/speckle/account/", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": ["/realms/speckle/account/*"], "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { "post.logout.redirect.uris": "+", "pkce.code.challenge.method": "S256" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, "protocolMappers": [ { "id": "30552494-17eb-45b3-b7d0-d49777848511", "name": "audience resolve", "protocol": "openid-connect", "protocolMapper": "oidc-audience-resolve-mapper", "consentRequired": false, "config": {} } ], "defaultClientScopes": [ "web-origins", "acr", "roles", "profile", "basic", "email" ], "optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"] }, { "id": "f4c36733-7dce-43ee-b0a1-44390b87f0bd", "clientId": "admin-cli", "name": "${client_admin-cli}", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": false, "implicitFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": {}, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, "defaultClientScopes": [ "web-origins", "acr", "roles", "profile", "basic", "email" ], "optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"] }, { "id": "3a395141-f99a-443e-801e-c42d1a8cb4cc", "clientId": "broker", "name": "${client_broker}", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": true, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": false, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": {}, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, "defaultClientScopes": [ "web-origins", "acr", "roles", "profile", "basic", "email" ], "optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"] }, { "id": "93f01f1a-14eb-48c4-b303-61f20284dc50", "clientId": "realm-management", "name": "${client_realm-management}", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": true, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": false, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": {}, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, "defaultClientScopes": [ "web-origins", "acr", "roles", "profile", "basic", "email" ], "optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"] }, { "id": "800e724b-c44b-475b-9d6a-f8499228f952", "clientId": "security-admin-console", "name": "${client_security-admin-console}", "rootUrl": "${authAdminUrl}", "baseUrl": "/admin/speckle/console/", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": ["/admin/speckle/console/*"], "webOrigins": ["+"], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { "post.logout.redirect.uris": "+", "pkce.code.challenge.method": "S256" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, "protocolMappers": [ { "id": "5dc0e1c7-0b10-4158-a6d1-1c225ff54269", "name": "locale", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "locale", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "locale", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", "acr", "roles", "profile", "basic", "email" ], "optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"] } ], "clientScopes": [ { "id": "dff1aa94-9051-49f8-8070-663c37bf810c", "name": "acr", "description": "OpenID Connect scope for add acr (authentication context class reference) to the token", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "false", "display.on.consent.screen": "false" }, "protocolMappers": [ { "id": "7f7f55dc-bf33-4ee8-b6e2-9fd0272d158b", "name": "acr loa level", "protocol": "openid-connect", "protocolMapper": "oidc-acr-mapper", "consentRequired": false, "config": { "id.token.claim": "true", "introspection.token.claim": "true", "access.token.claim": "true" } } ] }, { "id": "0a472739-b440-4bea-b4e9-bd931bdff25d", "name": "basic", "description": "OpenID Connect scope for add all basic claims to the token", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "false", "display.on.consent.screen": "false" }, "protocolMappers": [ { "id": "93179872-b4e0-45e9-91b5-ec42c5b8d7d4", "name": "auth_time", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "AUTH_TIME", "id.token.claim": "true", "introspection.token.claim": "true", "access.token.claim": "true", "claim.name": "auth_time", "jsonType.label": "long" } }, { "id": "8d80d05b-7a19-4731-a562-f88fc2a3ce5a", "name": "sub", "protocol": "openid-connect", "protocolMapper": "oidc-sub-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "access.token.claim": "true" } } ] }, { "id": "f8c2f73b-3258-4cc1-a656-ef4ee7e326d3", "name": "roles", "description": "OpenID Connect scope for add user roles to the access token", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "false", "consent.screen.text": "${rolesScopeConsentText}", "display.on.consent.screen": "true" }, "protocolMappers": [ { "id": "65cf30f8-79d9-48f1-bdaa-25c94c08b0a7", "name": "client roles", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-client-role-mapper", "consentRequired": false, "config": { "user.attribute": "foo", "introspection.token.claim": "true", "access.token.claim": "true", "claim.name": "resource_access.${client_id}.roles", "jsonType.label": "String", "multivalued": "true" } }, { "id": "bdf46036-3e02-444c-83b9-6c4515edcf18", "name": "realm roles", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-realm-role-mapper", "consentRequired": false, "config": { "user.attribute": "foo", "introspection.token.claim": "true", "access.token.claim": "true", "claim.name": "realm_access.roles", "jsonType.label": "String", "multivalued": "true" } }, { "id": "e4259cb1-1cfa-420a-b328-bdc1d249b908", "name": "audience resolve", "protocol": "openid-connect", "protocolMapper": "oidc-audience-resolve-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "access.token.claim": "true" } } ] }, { "id": "89a9af13-5610-4919-b221-7b65d594554a", "name": "microprofile-jwt", "description": "Microprofile - JWT built-in scope", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "display.on.consent.screen": "false" }, "protocolMappers": [ { "id": "4e422d39-9f63-403d-ba6d-f8bda9c9c1c8", "name": "upn", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "username", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "upn", "jsonType.label": "String" } }, { "id": "254d50d0-4109-40c3-9f57-00e30d8448c3", "name": "groups", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-realm-role-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "multivalued": "true", "user.attribute": "foo", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "groups", "jsonType.label": "String" } } ] }, { "id": "a1bd108d-2dc5-4c91-823e-e6e9aeab471b", "name": "profile", "description": "OpenID Connect built-in scope: profile", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "consent.screen.text": "${profileScopeConsentText}", "display.on.consent.screen": "true" }, "protocolMappers": [ { "id": "af3d8c27-38ba-44c0-b6f1-146d34bc8bcf", "name": "gender", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "gender", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "gender", "jsonType.label": "String" } }, { "id": "9c88153a-6498-4740-bcd8-f171ba339db9", "name": "updated at", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "updatedAt", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "updated_at", "jsonType.label": "long" } }, { "id": "649338c1-e16c-49ab-ad78-86fc26f1fdcb", "name": "family name", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "lastName", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "family_name", "jsonType.label": "String" } }, { "id": "a4480056-a269-4bf6-ba18-558ad0430ca0", "name": "full name", "protocol": "openid-connect", "protocolMapper": "oidc-full-name-mapper", "consentRequired": false, "config": { "id.token.claim": "true", "introspection.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true" } }, { "id": "ec38535b-901d-421d-b536-416073a26d59", "name": "nickname", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "nickname", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "nickname", "jsonType.label": "String" } }, { "id": "d915323f-122e-44ae-9c1f-e55e24690bd7", "name": "website", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "website", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "website", "jsonType.label": "String" } }, { "id": "af8a0a74-b4e4-40d8-b457-46d797b70c64", "name": "username", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "username", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "preferred_username", "jsonType.label": "String" } }, { "id": "edc2a72e-3729-489b-af44-4461351cc57f", "name": "profile", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "profile", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "profile", "jsonType.label": "String" } }, { "id": "9de9ca4d-681d-4110-8cd0-efb61224b8be", "name": "birthdate", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "birthdate", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "birthdate", "jsonType.label": "String" } }, { "id": "cae906d7-8c61-42cd-b21b-844a7594e013", "name": "given name", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "firstName", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "given_name", "jsonType.label": "String" } }, { "id": "25d9a9dd-0091-4da5-938f-726a5342f469", "name": "picture", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "picture", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "picture", "jsonType.label": "String" } }, { "id": "6c12a820-a13d-4bed-8984-5ea90d036977", "name": "locale", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "locale", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "locale", "jsonType.label": "String" } }, { "id": "1efe7a7c-7060-4403-bde6-e84c32d515f2", "name": "zoneinfo", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "zoneinfo", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "zoneinfo", "jsonType.label": "String" } }, { "id": "d273e320-50c8-449d-b064-64b7de25dede", "name": "middle name", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "middleName", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "middle_name", "jsonType.label": "String" } } ] }, { "id": "af9cfbd6-8da9-40b1-895d-e7b55dca5c54", "name": "offline_access", "description": "OpenID Connect built-in scope: offline_access", "protocol": "openid-connect", "attributes": { "consent.screen.text": "${offlineAccessScopeConsentText}", "display.on.consent.screen": "true" } }, { "id": "c20b8d69-1288-429a-bbab-700c87c83c49", "name": "address", "description": "OpenID Connect built-in scope: address", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "consent.screen.text": "${addressScopeConsentText}", "display.on.consent.screen": "true" }, "protocolMappers": [ { "id": "c25b6316-3df0-45c5-81ff-095df760f377", "name": "address", "protocol": "openid-connect", "protocolMapper": "oidc-address-mapper", "consentRequired": false, "config": { "user.attribute.formatted": "formatted", "user.attribute.country": "country", "introspection.token.claim": "true", "user.attribute.postal_code": "postal_code", "userinfo.token.claim": "true", "user.attribute.street": "street", "id.token.claim": "true", "user.attribute.region": "region", "access.token.claim": "true", "user.attribute.locality": "locality" } } ] }, { "id": "20578d0f-d7ec-4d21-989d-701b923bc06c", "name": "web-origins", "description": "OpenID Connect scope for add allowed web origins to the access token", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "false", "consent.screen.text": "", "display.on.consent.screen": "false" }, "protocolMappers": [ { "id": "31100389-c118-452e-bb6f-4f6fa62985a3", "name": "allowed web origins", "protocol": "openid-connect", "protocolMapper": "oidc-allowed-origins-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "access.token.claim": "true" } } ] }, { "id": "0bacede0-3962-4f42-8255-b72389e6785c", "name": "email", "description": "OpenID Connect built-in scope: email", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "consent.screen.text": "${emailScopeConsentText}", "display.on.consent.screen": "true" }, "protocolMappers": [ { "id": "0b642538-f270-4b11-a97e-5507a4bf68f7", "name": "email", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "email", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "email", "jsonType.label": "String" } }, { "id": "524c233c-981d-4181-837b-3d7b765b4fc7", "name": "email verified", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-property-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "emailVerified", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "email_verified", "jsonType.label": "boolean" } } ] }, { "id": "c8d1be69-6b3e-4923-86f2-02c5778bc008", "name": "phone", "description": "OpenID Connect built-in scope: phone", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "consent.screen.text": "${phoneScopeConsentText}", "display.on.consent.screen": "true" }, "protocolMappers": [ { "id": "676401ce-60cc-46a9-93b9-dca0b0f1faf6", "name": "phone number verified", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "phoneNumberVerified", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "phone_number_verified", "jsonType.label": "boolean" } }, { "id": "dd4d15e6-d124-43a8-841f-ea642ef5bc93", "name": "phone number", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "introspection.token.claim": "true", "userinfo.token.claim": "true", "user.attribute": "phoneNumber", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "phone_number", "jsonType.label": "String" } } ] }, { "id": "6cbdd9ec-8bd3-4121-8eba-4327233dbf53", "name": "role_list", "description": "SAML role list", "protocol": "saml", "attributes": { "consent.screen.text": "${samlRoleListScopeConsentText}", "display.on.consent.screen": "true" }, "protocolMappers": [ { "id": "96fb77a8-968a-415f-a03c-971b5a175c5f", "name": "role list", "protocol": "saml", "protocolMapper": "saml-role-list-mapper", "consentRequired": false, "config": { "single": "false", "attribute.nameformat": "Basic", "attribute.name": "Role" } } ] } ], "defaultDefaultClientScopes": [ "role_list", "profile", "email", "roles", "web-origins", "acr", "basic" ], "defaultOptionalClientScopes": [ "offline_access", "address", "phone", "microprofile-jwt" ], "browserSecurityHeaders": { "contentSecurityPolicyReportOnly": "", "xContentTypeOptions": "nosniff", "referrerPolicy": "no-referrer", "xRobotsTag": "none", "xFrameOptions": "SAMEORIGIN", "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", "xXSSProtection": "1; mode=block", "strictTransportSecurity": "max-age=31536000; includeSubDomains" }, "smtpServer": {}, "eventsEnabled": false, "eventsListeners": ["jboss-logging"], "enabledEventTypes": [], "adminEventsEnabled": false, "adminEventsDetailsEnabled": false, "identityProviders": [], "identityProviderMappers": [], "components": { "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ { "id": "14a3a641-eff4-4177-98ff-80081fae612f", "name": "Max Clients Limit", "providerId": "max-clients", "subType": "anonymous", "subComponents": {}, "config": { "max-clients": ["200"] } }, { "id": "3f211d4a-277e-4198-a49f-8451076ce8b3", "name": "Consent Required", "providerId": "consent-required", "subType": "anonymous", "subComponents": {}, "config": {} }, { "id": "b9a91b05-a18a-4b45-a1b8-29b2fbd07ffd", "name": "Full Scope Disabled", "providerId": "scope", "subType": "anonymous", "subComponents": {}, "config": {} }, { "id": "96a2eabb-81ec-44fd-83be-64a560f2a384", "name": "Allowed Client Scopes", "providerId": "allowed-client-templates", "subType": "anonymous", "subComponents": {}, "config": { "allow-default-scopes": ["true"] } }, { "id": "df2ed699-faca-4981-b0eb-ad3c2723696b", "name": "Allowed Protocol Mapper Types", "providerId": "allowed-protocol-mappers", "subType": "anonymous", "subComponents": {}, "config": { "allowed-protocol-mapper-types": [ "oidc-address-mapper", "saml-user-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-full-name-mapper" ] } }, { "id": "0701ed0c-0451-4c5d-a00f-a4be764a7622", "name": "Allowed Protocol Mapper Types", "providerId": "allowed-protocol-mappers", "subType": "authenticated", "subComponents": {}, "config": { "allowed-protocol-mapper-types": [ "saml-role-list-mapper", "saml-user-attribute-mapper", "oidc-full-name-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper" ] } }, { "id": "af33cccd-fd22-4022-b5a0-22d25f63618e", "name": "Allowed Client Scopes", "providerId": "allowed-client-templates", "subType": "authenticated", "subComponents": {}, "config": { "allow-default-scopes": ["true"] } }, { "id": "04daef40-4061-491c-9a4b-ff800e2fa21c", "name": "Trusted Hosts", "providerId": "trusted-hosts", "subType": "anonymous", "subComponents": {}, "config": { "host-sending-registration-request-must-match": ["true"], "client-uris-must-match": ["true"] } } ], "org.keycloak.userprofile.UserProfileProvider": [ { "id": "20918307-6ef4-4025-8eea-dd65bceeec34", "providerId": "declarative-user-profile", "subComponents": {}, "config": { "kc.user.profile.config": [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"annotations\":{},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}]}" ] } } ], "org.keycloak.keys.KeyProvider": [ { "id": "378e4484-59bd-4011-83ec-c29d3a00f096", "name": "rsa-enc-generated", "providerId": "rsa-enc-generated", "subComponents": {}, "config": { "privateKey": [ "MIIEpAIBAAKCAQEAqO6k1YaaZtF5El4q89LEKq0Ys+mASKCKcUOSr75YAj+43YQy7hR1cSkOD4eMCuSRhkLiitdX00YYcNZQFZk3+RqARaTduTfIKSisbOSuc0kokj8NbKpuBopKO6pyIpnTWf4/tzSWPtrU4oE+OZtLPs8eoQC+XL+kiVWWfaU/Zcihrcp3WHxNYn7lWMhFzskDu7Ez9Gz8lJamvaI0Da11jrPgBPs0a+riv+ttaURkA5u5ExyRdE4a5ZNxQnJF//QS9fqpkkrhA7u/OrN+qfaHMRgjgVrVO4Bk8HdKqMKNBftlEmz2ElUp9Egdfp/wWF9ytOt8RxH5FF5n+51kz/82DQIDAQABAoIBABMqtnWKluClEi9RE18EMiEkcBnTm6xB2MtWjyFU/5/LspIhknS8SgHrlk6RQsSmn9NDqff2TF7qhFHjIwV8U6M2DEk6ljSSXWm8FWoqfReT/KAxOrjyUlb4IEmKQnZmDRqYFAsZkpVxlzdW0iRPmBc5gUBjuPWFgenaFd/OHLYTwQD93EExVpPD2DgzIsxADY9ncs5MgXLeJbHmVv1bgvFYslKM0hpxRfytgYc4QkV0Tk5uQIrTs6kP1WyykEqIjKlOWMVwSZBkEGyqFy1kSt9q5AQFKBveM0nQQ+SPId4DKFi9biQpzR+Yzvty0y5Pdfc/MSoi7b/2ReppoExax7ECgYEA0jJ4q8+E+dln7IUzqK7hrYUctR1JFqARVPQRctUDnWvDqbNFZvsZLVlGV61kJtli7PEmfdvZfQ1/NicymJADJr4mbe2mX6eBTsFdzmSg+pdVyI4NAxvD/xlrRC2FIR1IJSkltN6EZ/LgIhoIAx9IMbJL+iizxNc7PeBjipWHEDECgYEAzb5FG74RivG6gbzR3s8fc+i4YTTTdx4h9RQ7BgligdabJr2Rqi1V3SrTc+Mu4csndl9Pdj0IDlrsgn4Mtya8IP40VjqpaUe4yfH2VhhfNLKxg3eJewUEfmvcf6P576BmZLXBaQhedGhdwz+xaGB7AkrA47hWK0G9yTo39dLEyJ0CgYEAgp+429R3Z6kSayqP4tjjCCk7oNXVMMlCXA/ctAbqWy64BkKQ86FBkSv0idIH9hiL4IEwEXDJZGw5zNZpG+QLAU2TpibUiIcY1W9XM0bXv0LCnYKhVXgwwdvzDAhZvi1rQySh+Rd7IvoNDUQuDHqpK7EIhCo9JSs39oj2cw3fRFECgYEAysLIAsY3LbJ6tt8qCaYf/jAMfaf8+ziUCJ6uaI2ZKhIgh3ZtdsQFCdjp2Ry8mEOJGYxmmEUfil4rFZM53snqv60mURCw4pOPVl4CAek08o9kiAanU7inLBwKizRD3dc68ed5u5RG2fv8464CnbXvpFudaw7AxRKeAhFBEx9rVbUCgYAJPk9YI5qH4ed/E/cWGrNrRG9ds/e3JeZ5QJ33Dew0jOvG+TyJQDFk76SCP913VsNCGRIJS3V6AO428hRnAMNbuiMAEVpO27mz1b8YzjDiDB3ydcG1EIusKxDXXv83C6C04LN/jaVx0zcxUBKD/pTCXt/QuCbcw7KzMqHb7zLsww==" ], "keyUse": ["ENC"], "certificate": [ "MIICnTCCAYUCBgGRMQ1NojANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdzcGVja2xlMB4XDTI0MDgwODA4MTIyMVoXDTM0MDgwODA4MTQwMVowEjEQMA4GA1UEAwwHc3BlY2tsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKjupNWGmmbReRJeKvPSxCqtGLPpgEiginFDkq++WAI/uN2EMu4UdXEpDg+HjArkkYZC4orXV9NGGHDWUBWZN/kagEWk3bk3yCkorGzkrnNJKJI/DWyqbgaKSjuqciKZ01n+P7c0lj7a1OKBPjmbSz7PHqEAvly/pIlVln2lP2XIoa3Kd1h8TWJ+5VjIRc7JA7uxM/Rs/JSWpr2iNA2tdY6z4AT7NGvq4r/rbWlEZAObuRMckXROGuWTcUJyRf/0EvX6qZJK4QO7vzqzfqn2hzEYI4Fa1TuAZPB3SqjCjQX7ZRJs9hJVKfRIHX6f8FhfcrTrfEcR+RReZ/udZM//Ng0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAjbgmcsbbZMz6HLWGqdcr+sCnpSNF1L3Bwf3rtQ1bxgzbW3CcQfNIKWzAW9kjfY8t3z3v2SUrRwn3PV2zst9o+t5VhoSaaLcePXnBcvfIHxMdSCQDk+6pllnRnffBgihRufBs3SDWzIDOKtsXOtYib1t7obLy9MOUvZ6jMKG4S7dCdkS3efRzhNsA6g8b7zfqv1QxhcnftNkm+WeAqi6n5n/GgQwcVs8ki5JaXmby7M8NgKZdeS1+pqpff5yol128x5qlNyelUmG3xyObsGsgJLVv+Jbv8+REKpXfvYzkkvtg1qPvEoAL1asOxqzWqVsscMm7wFnV6L6beOCu7qdgTQ==" ], "priority": ["100"], "algorithm": ["RSA-OAEP"] } }, { "id": "5ec56840-aadd-4d94-b77d-147ed099a0ef", "name": "hmac-generated-hs512", "providerId": "hmac-generated", "subComponents": {}, "config": { "kid": ["9c9eaf6f-e6e5-40cf-ae7d-545e2ef41431"], "secret": [ "n8pdCHhgUoPSsN2SJc95lAFf9c1oMeqPZJJXAqhF-QvtB3c3BU_gsakXm-FHo05k-ntiIcFm1z0-NqDGDK7DVhvT4IBTmBIuVk9hPn81hjURang3k2xfC3jIPvpzpWt-hXdZ9byqSRKV8D8BtXbHxSwHENZQsypEh2Ivteok_Vs" ], "priority": ["100"], "algorithm": ["HS512"] } }, { "id": "9f5d7eaa-5415-413f-9354-e5e78ed13d8c", "name": "aes-generated", "providerId": "aes-generated", "subComponents": {}, "config": { "kid": ["8de8bc69-8faf-4469-aefe-ad91c5d82a5a"], "secret": ["W09Ei6AgzLlz0I8oOyRCFA"], "priority": ["100"] } }, { "id": "2cbaab9c-8d27-4b8a-81d2-cf210ded7f69", "name": "rsa-generated", "providerId": "rsa-generated", "subComponents": {}, "config": { "privateKey": [ "MIIEowIBAAKCAQEAuJ2YEnWyF22kmGCavEq2+yNk84DHDLI2EdZgqNp/mO8kqZFFwAnYzyhMoyZve8aVVlI5A4loGxU6n8JgMF/B4PDzi/TSjPbaq+shp06HX6739QxViSdtVOaCJV0Dp00DdJlQ0igSxWsAAYGpF7gCB7iJP1VRSYrwMTrauEUka9NRdmZAVueFJkX+B6qTbb151Zpcb/1u/7bY/5jnitl8Vx3ACVuS1hGOPxj3oKmSND1yLbcnT1CceyOXS2PGN7ZJ86+TjBkCkqAtWFFHtDD1VMPiwpzQyBS+XGM8/4Sb+oDD1tWsZY5UNjru4DSun0WJWynDtJ8CG4XFwBpM9UbwwwIDAQABAoIBADEcDvt+HolX68xzCkZjU6ibwjt6Orj4YSS+k8jnEsFCgEyxLc5HcEqvDC/sRgS1jz0+sxbrQuvNamJcKQ1FM8RcJFVLI4VHF2VbL4EbhSxhVWl0xf4tpEpM5Tr+Mr4a4Pvv2s2ExnWIoKBF9w6trrCSGMRltDFtibZ20v7ouacKw1NlrJw43DPvWVnAxsmvq+GveAt6moQpIyHxW4kEFq/OJirTIiogb9HbyHAyqxmce84JwbeUui2/FWD9omw7/+HIS9pFL7jU3Ls8sO5TPOWAzgL7VGggUWLF7UcKKirbnuRU7GAjv3R5ZiEftCHW0Rzi6+aTloAIOYgzFMWIWHkCgYEA+muixHBM55DIT6JHg3gThFw2dAwvpCvpBbIpMdAu3nzNBWohzs3hHt+Y8/LsIK7IChw56BFkzq6cAaqpwhxElvQ9vp2v9/96ct9cyzpCeiUgiv6c5GKnOdx4Z/YxkmeirpkFf4oCS2pTTkbb9BgY+1fO41EhXeoLvCXJzFXePWsCgYEAvLqdxj/RveZhCQEkaS6y14jr0qwk7e8OUnuPZEi+SInEQjmmQQlGPBsGe24U6fN65HHTPghlu1VvfjDD84fNH1XBvBs72asRJbfktJXFScyLgoeXLJFLR+GZusnhomEChMFZ5Zus7u09jwsjZCdnP7aKYFGkYKw6N+G3Lu6OWAkCgYEA6zhlaG0v36eAcES3Ncd5Va+kOncj3Oqd9Aq4ZSDulW/WyIo7fVynY++VZTe+Eqj6H30J63FDJlyfD3W2BS22Q7DhuoW1v5YK95HVQNPVk5QCMG0fA+uitlfgBY8cWy/bgHMd1gHVS+9wlqs6edqUxKpjG+SeGe/4298G4Vea7EcCgYAG3j+5pD7sy0KCwmDh1wo5H8l9PDiH1ChQRiDcxGzwVNsokdKEEWNV8qHUwhfOv8acI6xNWJ7jJ2PMUtf+t9V2K3fGcbNG45vXJI8VJ1Irsl7tXCPbQlpb/lDK5Gfqsd8Wl7a+zWCIvWd9GimqjmiKgAkfIjl6LypbOEKjWZkiiQKBgG+dehtU4+xAxbFjuBkBFU4EiaVo2d4jNU/X9GO9YOyCi1ecvF8x+LBFWO4kWKDvvkHMRV5HoJUOcyM8K5BB4ZQMr12I5rtEAh44XT7Mcp+OEbShGEs7JFU+aFy/EGtdBp4jzdfiri+IiLQATZE61lNjK1y+2BhMjSY3U8Ug60U1" ], "keyUse": ["SIG"], "certificate": [ "MIICnTCCAYUCBgGRMQ1MgDANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdzcGVja2xlMB4XDTI0MDgwODA4MTIyMFoXDTM0MDgwODA4MTQwMFowEjEQMA4GA1UEAwwHc3BlY2tsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALidmBJ1shdtpJhgmrxKtvsjZPOAxwyyNhHWYKjaf5jvJKmRRcAJ2M8oTKMmb3vGlVZSOQOJaBsVOp/CYDBfweDw84v00oz22qvrIadOh1+u9/UMVYknbVTmgiVdA6dNA3SZUNIoEsVrAAGBqRe4Age4iT9VUUmK8DE62rhFJGvTUXZmQFbnhSZF/geqk229edWaXG/9bv+22P+Y54rZfFcdwAlbktYRjj8Y96CpkjQ9ci23J09QnHsjl0tjxje2SfOvk4wZApKgLVhRR7Qw9VTD4sKc0MgUvlxjPP+Em/qAw9bVrGWOVDY67uA0rp9FiVspw7SfAhuFxcAaTPVG8MMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAbJwv4h4worFEFIYl+dGr4UfItKkTNqNspf9DaqoK2itR/X3dSjm1nEzZaE0qIFdSGGswBMUpPJXo6KD3hvWZ3ntGdiy2/9E6YCLbmXSN6TkgPifVaGw7aRS+snSXRHBXue4Bi+/9Sse0c0p6Z4oP1y/C2tgVEqNmoQH26D+6Wv24w970t05dxpZHC6ISccZuox4pF/xWQERHiFhlyhUAaEsXa5tAYgBySda5a44px4IlAbl34dVcafGiiXh1xfy+IjSfko16OCOauQItUoTPInoFqDqffBynw7DhVRXDo5rfaxCm9xgZSqqDuClVzMc+0162jrg3LnY4VHZnoJRh1A==" ], "priority": ["100"] } } ] }, "internationalizationEnabled": false, "supportedLocales": [], "authenticationFlows": [ { "id": "5ad21fff-1342-4cdc-b69e-bdae6ec16ccf", "alias": "Account verification options", "description": "Method with which to verity the existing account", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "idp-email-verification", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "ALTERNATIVE", "priority": 20, "autheticatorFlow": true, "flowAlias": "Verify Existing Account by Re-authentication", "userSetupAllowed": false } ] }, { "id": "7f5d2b3c-2042-4d91-af7d-979b42eb998c", "alias": "Browser - Conditional OTP", "description": "Flow to determine if the OTP is required for the authentication", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "conditional-user-configured", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "auth-otp-form", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false } ] }, { "id": "6bb57892-5bda-4695-8523-939ebb66486f", "alias": "Direct Grant - Conditional OTP", "description": "Flow to determine if the OTP is required for the authentication", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "conditional-user-configured", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "direct-grant-validate-otp", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false } ] }, { "id": "159619d0-ac22-4fdc-8d2d-225780dfcd8c", "alias": "First broker login - Conditional OTP", "description": "Flow to determine if the OTP is required for the authentication", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "conditional-user-configured", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "auth-otp-form", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false } ] }, { "id": "7297fa36-0d4f-4a46-9511-a2afbeed03b3", "alias": "Handle Existing Account", "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "idp-confirm-link", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": true, "flowAlias": "Account verification options", "userSetupAllowed": false } ] }, { "id": "ccb01bf2-6374-4175-82ba-ff984cffcbf0", "alias": "Reset - Conditional OTP", "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "conditional-user-configured", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "reset-otp", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false } ] }, { "id": "2749507a-0594-4000-889a-652417db7a7e", "alias": "User creation or linking", "description": "Flow for the existing/non-existing user alternatives", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticatorConfig": "create unique user config", "authenticator": "idp-create-user-if-unique", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "ALTERNATIVE", "priority": 20, "autheticatorFlow": true, "flowAlias": "Handle Existing Account", "userSetupAllowed": false } ] }, { "id": "0c63b0c9-69f6-4878-85d6-06f0ce2e47e2", "alias": "Verify Existing Account by Re-authentication", "description": "Reauthentication of existing account", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "idp-username-password-form", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "CONDITIONAL", "priority": 20, "autheticatorFlow": true, "flowAlias": "First broker login - Conditional OTP", "userSetupAllowed": false } ] }, { "id": "f6d684c0-9641-4f4e-adae-c2cc30f21ec6", "alias": "browser", "description": "browser based authentication", "providerId": "basic-flow", "topLevel": true, "builtIn": true, "authenticationExecutions": [ { "authenticator": "auth-cookie", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "auth-spnego", "authenticatorFlow": false, "requirement": "DISABLED", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "identity-provider-redirector", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 25, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "ALTERNATIVE", "priority": 30, "autheticatorFlow": true, "flowAlias": "forms", "userSetupAllowed": false } ] }, { "id": "0d33e19f-cc64-4fbb-abb6-a656ed6aa94d", "alias": "clients", "description": "Base authentication for clients", "providerId": "client-flow", "topLevel": true, "builtIn": true, "authenticationExecutions": [ { "authenticator": "client-secret", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "client-jwt", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "client-secret-jwt", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 30, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "client-x509", "authenticatorFlow": false, "requirement": "ALTERNATIVE", "priority": 40, "autheticatorFlow": false, "userSetupAllowed": false } ] }, { "id": "f291d250-9b25-4a57-9617-0017863affed", "alias": "direct grant", "description": "OpenID Connect Resource Owner Grant", "providerId": "basic-flow", "topLevel": true, "builtIn": true, "authenticationExecutions": [ { "authenticator": "direct-grant-validate-username", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "direct-grant-validate-password", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "CONDITIONAL", "priority": 30, "autheticatorFlow": true, "flowAlias": "Direct Grant - Conditional OTP", "userSetupAllowed": false } ] }, { "id": "bfd7c74f-8670-4c8e-80f3-1daed6bba003", "alias": "docker auth", "description": "Used by Docker clients to authenticate against the IDP", "providerId": "basic-flow", "topLevel": true, "builtIn": true, "authenticationExecutions": [ { "authenticator": "docker-http-basic-authenticator", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false } ] }, { "id": "92b8e7e2-4498-408e-932f-f4aba6be4204", "alias": "first broker login", "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", "providerId": "basic-flow", "topLevel": true, "builtIn": true, "authenticationExecutions": [ { "authenticatorConfig": "review profile config", "authenticator": "idp-review-profile", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": true, "flowAlias": "User creation or linking", "userSetupAllowed": false } ] }, { "id": "30af24ea-6090-4208-8609-ba36a6ee219e", "alias": "forms", "description": "Username, password, otp and other auth forms.", "providerId": "basic-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "auth-username-password-form", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "CONDITIONAL", "priority": 20, "autheticatorFlow": true, "flowAlias": "Browser - Conditional OTP", "userSetupAllowed": false } ] }, { "id": "80891cfa-75da-4acb-913e-d33f3eeaa9bc", "alias": "registration", "description": "registration flow", "providerId": "basic-flow", "topLevel": true, "builtIn": true, "authenticationExecutions": [ { "authenticator": "registration-page-form", "authenticatorFlow": true, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": true, "flowAlias": "registration form", "userSetupAllowed": false } ] }, { "id": "af0c1820-f6ae-478f-b73c-dcf88fd42086", "alias": "registration form", "description": "registration form", "providerId": "form-flow", "topLevel": false, "builtIn": true, "authenticationExecutions": [ { "authenticator": "registration-user-creation", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "registration-password-action", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 50, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "registration-recaptcha-action", "authenticatorFlow": false, "requirement": "DISABLED", "priority": 60, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "registration-terms-and-conditions", "authenticatorFlow": false, "requirement": "DISABLED", "priority": 70, "autheticatorFlow": false, "userSetupAllowed": false } ] }, { "id": "abe3a285-9fb3-499b-ac50-adbc484e075d", "alias": "reset credentials", "description": "Reset credentials for a user if they forgot their password or something", "providerId": "basic-flow", "topLevel": true, "builtIn": true, "authenticationExecutions": [ { "authenticator": "reset-credentials-choose-user", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "reset-credential-email", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 20, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticator": "reset-password", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 30, "autheticatorFlow": false, "userSetupAllowed": false }, { "authenticatorFlow": true, "requirement": "CONDITIONAL", "priority": 40, "autheticatorFlow": true, "flowAlias": "Reset - Conditional OTP", "userSetupAllowed": false } ] }, { "id": "163fcd5e-de61-4843-be4d-8e01f42566b6", "alias": "saml ecp", "description": "SAML ECP Profile Authentication Flow", "providerId": "basic-flow", "topLevel": true, "builtIn": true, "authenticationExecutions": [ { "authenticator": "http-basic-authenticator", "authenticatorFlow": false, "requirement": "REQUIRED", "priority": 10, "autheticatorFlow": false, "userSetupAllowed": false } ] } ], "authenticatorConfig": [ { "id": "ae5aab89-c28b-47c3-b237-6531c919deea", "alias": "create unique user config", "config": { "require.password.update.after.registration": "false" } }, { "id": "887e4380-1d97-44b3-b7ad-7ff6277f9d57", "alias": "review profile config", "config": { "update.profile.on.first.login": "missing" } } ], "requiredActions": [ { "alias": "CONFIGURE_TOTP", "name": "Configure OTP", "providerId": "CONFIGURE_TOTP", "enabled": true, "defaultAction": false, "priority": 10, "config": {} }, { "alias": "TERMS_AND_CONDITIONS", "name": "Terms and Conditions", "providerId": "TERMS_AND_CONDITIONS", "enabled": false, "defaultAction": false, "priority": 20, "config": {} }, { "alias": "UPDATE_PASSWORD", "name": "Update Password", "providerId": "UPDATE_PASSWORD", "enabled": true, "defaultAction": false, "priority": 30, "config": {} }, { "alias": "UPDATE_PROFILE", "name": "Update Profile", "providerId": "UPDATE_PROFILE", "enabled": true, "defaultAction": false, "priority": 40, "config": {} }, { "alias": "VERIFY_EMAIL", "name": "Verify Email", "providerId": "VERIFY_EMAIL", "enabled": true, "defaultAction": false, "priority": 50, "config": {} }, { "alias": "delete_account", "name": "Delete Account", "providerId": "delete_account", "enabled": false, "defaultAction": false, "priority": 60, "config": {} }, { "alias": "webauthn-register", "name": "Webauthn Register", "providerId": "webauthn-register", "enabled": true, "defaultAction": false, "priority": 70, "config": {} }, { "alias": "webauthn-register-passwordless", "name": "Webauthn Register Passwordless", "providerId": "webauthn-register-passwordless", "enabled": true, "defaultAction": false, "priority": 80, "config": {} }, { "alias": "VERIFY_PROFILE", "name": "Verify Profile", "providerId": "VERIFY_PROFILE", "enabled": true, "defaultAction": false, "priority": 90, "config": {} }, { "alias": "delete_credential", "name": "Delete Credential", "providerId": "delete_credential", "enabled": true, "defaultAction": false, "priority": 100, "config": {} }, { "alias": "update_user_locale", "name": "Update User Locale", "providerId": "update_user_locale", "enabled": true, "defaultAction": false, "priority": 1000, "config": {} } ], "browserFlow": "browser", "registrationFlow": "registration", "directGrantFlow": "direct grant", "resetCredentialsFlow": "reset credentials", "clientAuthenticationFlow": "clients", "dockerAuthenticationFlow": "docker auth", "firstBrokerLoginFlow": "first broker login", "attributes": { "cibaBackchannelTokenDeliveryMode": "poll", "cibaAuthRequestedUserHint": "login_hint", "oauth2DevicePollingInterval": "5", "clientOfflineSessionMaxLifespan": "0", "clientSessionIdleTimeout": "0", "clientOfflineSessionIdleTimeout": "0", "cibaInterval": "5", "realmReusableOtpCode": "false", "cibaExpiresIn": "120", "oauth2DeviceCodeLifespan": "600", "parRequestUriLifespan": "60", "clientSessionMaxLifespan": "0", "organizationsEnabled": "false" }, "keycloakVersion": "25.0.2", "userManagedAccessAllowed": false, "organizationsEnabled": false, "clientProfiles": { "profiles": [] }, "clientPolicies": { "policies": [] } }