Gitiles
Code Review Sign In
gerrit.nordix.org / oransc / oam / 261a55c179f98d8582184e8799230708a00f0769 / . / solution / integration / smo / common / identity / o-ran-sc-realm.json
blob: 67b5bc291b1af22f7d34d40003e46c641e775e3d [file] [log] [blame]
demx8as6a93cb372021-06-06 16:05:58 +0200[diff] [blame]1{
2 "id": "onap",
3 "realm": "onap",
demx8as6261a55c2022-07-06 09:54:37 +0200[diff] [blame^]4 "displayName": "O-RAN-SC OAM",
5 "displayNameHtml": "<div class=\"kc-logo-text\"><span>O-RAN-SC OAM</span></div>",
demx8as6a93cb372021-06-06 16:05:58 +0200[diff] [blame]6 "notBefore": 1606124502,
7 "revokeRefreshToken": false,
8 "refreshTokenMaxReuse": 0,
9 "accessTokenLifespan": 300,
10 "accessTokenLifespanForImplicitFlow": 900,
11 "ssoSessionIdleTimeout": 1800,
12 "ssoSessionMaxLifespan": 36000,
13 "ssoSessionIdleTimeoutRememberMe": 0,
14 "ssoSessionMaxLifespanRememberMe": 0,
15 "offlineSessionIdleTimeout": 2592000,
16 "offlineSessionMaxLifespanEnabled": false,
17 "offlineSessionMaxLifespan": 5184000,
18 "clientSessionIdleTimeout": 0,
19 "clientSessionMaxLifespan": 0,
20 "clientOfflineSessionIdleTimeout": 0,
21 "clientOfflineSessionMaxLifespan": 0,
22 "accessCodeLifespan": 60,
23 "accessCodeLifespanUserAction": 300,
24 "accessCodeLifespanLogin": 1800,
25 "actionTokenGeneratedByAdminLifespan": 43200,
26 "actionTokenGeneratedByUserLifespan": 300,
27 "enabled": true,
28 "sslRequired": "external",
demx8as6261a55c2022-07-06 09:54:37 +0200[diff] [blame^]29 "registrationAllowed": true,
demx8as6a93cb372021-06-06 16:05:58 +0200[diff] [blame]30 "registrationEmailAsUsername": false,
31 "rememberMe": true,
32 "verifyEmail": false,
33 "loginWithEmailAllowed": true,
34 "duplicateEmailsAllowed": false,
demx8as6261a55c2022-07-06 09:54:37 +0200[diff] [blame^]35 "resetPasswordAllowed": true,
demx8as6a93cb372021-06-06 16:05:58 +0200[diff] [blame]36 "editUsernameAllowed": false,
37 "bruteForceProtected": false,
38 "permanentLockout": false,
39 "maxFailureWaitSeconds": 900,
40 "minimumQuickLoginWaitSeconds": 60,
41 "waitIncrementSeconds": 60,
42 "quickLoginCheckMilliSeconds": 1000,
43 "maxDeltaTimeSeconds": 43200,
44 "failureFactor": 30,
45 "roles": {
46 "realm": [
47 {
48 "id": "66f90a7a-3766-4f69-989d-c94910e0bad6",
49 "name": "administration",
50 "description": "Read/write access to all operations.",
51 "composite": false,
52 "clientRole": false,
53 "containerId": "onap",
54 "attributes": {}
55 },
56 {
57 "id": "d2594199-99c2-4e0c-9b33-94b0a84b569a",
58 "name": "supervision",
59 "description": "In general no write access and also no read access to user-management.",
60 "composite": false,
61 "clientRole": false,
62 "containerId": "onap",
63 "attributes": {}
64 },
65 {
66 "id": "db6e98ed-5fa8-4471-9522-ba12a8732e08",
67 "name": "uma_authorization",
68 "description": "${role_uma_authorization}",
69 "composite": false,
70 "clientRole": false,
71 "containerId": "onap",
72 "attributes": {}
73 },
74 {
75 "id": "e344eb3a-8efe-4346-b5d4-93b9262cf0ec",
76 "name": "offline_access",
77 "description": "${role_offline-access}",
78 "composite": false,
79 "clientRole": false,
80 "containerId": "onap",
81 "attributes": {}
82 },
83 {
84 "id": "7c6d7309-c7c1-4a51-8a85-bd6713af5ca7",
85 "name": "provision",
86 "description": "In general read/write access, expect write access to user-management.",
87 "composite": false,
88 "clientRole": false,
89 "containerId": "onap",
90 "attributes": {}
91 }
92 ],
93 "client": {
94 "realm-management": [
95 {
96 "id": "48cf3c96-5ef0-4a91-a95f-149234d0b595",
97 "name": "manage-identity-providers",
98 "description": "${role_manage-identity-providers}",
99 "composite": false,
100 "clientRole": true,
101 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
102 "attributes": {}
103 },
104 {
105 "id": "97066b13-50b7-4556-8c33-b06279ee26b7",
106 "name": "query-realms",
107 "description": "${role_query-realms}",
108 "composite": false,
109 "clientRole": true,
110 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
111 "attributes": {}
112 },
113 {
114 "id": "120f58c7-3850-487e-9733-a9b98ac43921",
115 "name": "view-events",
116 "description": "${role_view-events}",
117 "composite": false,
118 "clientRole": true,
119 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
120 "attributes": {}
121 },
122 {
123 "id": "4ab08158-f781-448f-a394-d0022957c2d8",
124 "name": "manage-users",
125 "description": "${role_manage-users}",
126 "composite": false,
127 "clientRole": true,
128 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
129 "attributes": {}
130 },
131 {
132 "id": "a2aeee62-6cfa-4968-be7c-b861ca16d9ae",
133 "name": "impersonation",
134 "description": "${role_impersonation}",
135 "composite": false,
136 "clientRole": true,
137 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
138 "attributes": {}
139 },
140 {
141 "id": "cddc6aa1-d8d8-4a4b-a6d0-15576ca147cc",
142 "name": "manage-authorization",
143 "description": "${role_manage-authorization}",
144 "composite": false,
145 "clientRole": true,
146 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
147 "attributes": {}
148 },
149 {
150 "id": "f139916a-75d6-44e2-8fb2-818cabc9aa79",
151 "name": "query-users",
152 "description": "${role_query-users}",
153 "composite": false,
154 "clientRole": true,
155 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
156 "attributes": {}
157 },
158 {
159 "id": "51216a0a-b1cb-4bbf-966a-6d6b9a430981",
160 "name": "query-clients",
161 "description": "${role_query-clients}",
162 "composite": false,
163 "clientRole": true,
164 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
165 "attributes": {}
166 },
167 {
168 "id": "77174699-6e58-4515-a4de-fc0c5f1b84aa",
169 "name": "manage-events",
170 "description": "${role_manage-events}",
171 "composite": false,
172 "clientRole": true,
173 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
174 "attributes": {}
175 },
176 {
177 "id": "34107e13-212e-4b07-a00a-0cb422cb1b18",
178 "name": "view-authorization",
179 "description": "${role_view-authorization}",
180 "composite": false,
181 "clientRole": true,
182 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
183 "attributes": {}
184 },
185 {
186 "id": "b2460807-5207-4112-ae9d-931e1ea8e495",
187 "name": "manage-realm",
188 "description": "${role_manage-realm}",
189 "composite": false,
190 "clientRole": true,
191 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
192 "attributes": {}
193 },
194 {
195 "id": "36454cac-a7b4-49a2-9202-7e9253680709",
196 "name": "view-clients",
197 "description": "${role_view-clients}",
198 "composite": true,
199 "composites": {
200 "client": {
201 "realm-management": [
202 "query-clients"
203 ]
204 }
205 },
206 "clientRole": true,
207 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
208 "attributes": {}
209 },
210 {
211 "id": "bd6536a5-fb15-4d9d-acd4-05af2f5f0872",
212 "name": "manage-clients",
213 "description": "${role_manage-clients}",
214 "composite": false,
215 "clientRole": true,
216 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
217 "attributes": {}
218 },
219 {
220 "id": "0413ee3e-5669-45e2-a62e-013e5fa9f95c",
221 "name": "view-identity-providers",
222 "description": "${role_view-identity-providers}",
223 "composite": false,
224 "clientRole": true,
225 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
226 "attributes": {}
227 },
228 {
229 "id": "a7f035f6-bcb3-4a3e-9aba-b9d8151ae1e2",
230 "name": "create-client",
231 "description": "${role_create-client}",
232 "composite": false,
233 "clientRole": true,
234 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
235 "attributes": {}
236 },
237 {
238 "id": "6f755449-81aa-413c-b9a2-f1a04a310216",
239 "name": "realm-admin",
240 "description": "${role_realm-admin}",
241 "composite": true,
242 "composites": {
243 "client": {
244 "realm-management": [
245 "view-events",
246 "manage-identity-providers",
247 "query-realms",
248 "manage-users",
249 "impersonation",
250 "manage-authorization",
251 "query-users",
252 "query-clients",
253 "manage-events",
254 "view-authorization",
255 "manage-realm",
256 "view-clients",
257 "manage-clients",
258 "view-identity-providers",
259 "create-client",
260 "view-realm",
261 "view-users",
262 "query-groups"
263 ]
264 }
265 },
266 "clientRole": true,
267 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
268 "attributes": {}
269 },
270 {
271 "id": "b84067d9-c1a0-473b-9a8d-c9da11d702d0",
272 "name": "view-realm",
273 "description": "${role_view-realm}",
274 "composite": false,
275 "clientRole": true,
276 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
277 "attributes": {}
278 },
279 {
280 "id": "f93e22e0-4777-4eed-8793-54344e3912b8",
281 "name": "view-users",
282 "description": "${role_view-users}",
283 "composite": true,
284 "composites": {
285 "client": {
286 "realm-management": [
287 "query-users",
288 "query-groups"
289 ]
290 }
291 },
292 "clientRole": true,
293 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
294 "attributes": {}
295 },
296 {
297 "id": "0a21201d-d801-4905-bd24-15a0b6b672bd",
298 "name": "query-groups",
299 "description": "${role_query-groups}",
300 "composite": false,
301 "clientRole": true,
302 "containerId": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
303 "attributes": {}
304 }
305 ],
306 "odlux.app": [],
307 "security-admin-console": [],
308 "admin-cli": [],
309 "account-console": [],
310 "broker": [
311 {
312 "id": "0ffc5717-546e-4bc9-a5ac-402cf244b8ef",
313 "name": "read-token",
314 "description": "${role_read-token}",
315 "composite": false,
316 "clientRole": true,
317 "containerId": "03f925c3-3688-44fc-80da-57a15e48f9c6",
318 "attributes": {}
319 }
320 ],
321 "account": [
322 {
323 "id": "73a6e64c-673d-41f8-891d-35cdf18530a2",
324 "name": "view-consent",
325 "description": "${role_view-consent}",
326 "composite": false,
327 "clientRole": true,
328 "containerId": "79520b16-34b6-4427-8c0f-40ef1e514d5e",
329 "attributes": {}
330 },
331 {
332 "id": "ad1c45b0-c118-423c-932b-4d37a1e22169",
333 "name": "manage-account-links",
334 "description": "${role_manage-account-links}",
335 "composite": false,
336 "clientRole": true,
337 "containerId": "79520b16-34b6-4427-8c0f-40ef1e514d5e",
338 "attributes": {}
339 },
340 {
341 "id": "5a945b4b-5982-4340-a2b9-464edacb5280",
342 "name": "manage-consent",
343 "description": "${role_manage-consent}",
344 "composite": true,
345 "composites": {
346 "client": {
347 "account": [
348 "view-consent"
349 ]
350 }
351 },
352 "clientRole": true,
353 "containerId": "79520b16-34b6-4427-8c0f-40ef1e514d5e",
354 "attributes": {}
355 },
356 {
357 "id": "27c9a3d3-78e9-4ca3-940c-3a3c16cac97f",
358 "name": "view-profile",
359 "description": "${role_view-profile}",
360 "composite": false,
361 "clientRole": true,
362 "containerId": "79520b16-34b6-4427-8c0f-40ef1e514d5e",
363 "attributes": {}
364 },
365 {
366 "id": "0dc10caf-b2f3-42e2-af88-c6c3d8f170ad",
367 "name": "delete-account",
368 "description": "${role_delete-account}",
369 "composite": false,
370 "clientRole": true,
371 "containerId": "79520b16-34b6-4427-8c0f-40ef1e514d5e",
372 "attributes": {}
373 },
374 {
375 "id": "b3ff60e4-53e9-4a78-9855-3e7a13608a37",
376 "name": "manage-account",
377 "description": "${role_manage-account}",
378 "composite": true,
379 "composites": {
380 "client": {
381 "account": [
382 "manage-account-links"
383 ]
384 }
385 },
386 "clientRole": true,
387 "containerId": "79520b16-34b6-4427-8c0f-40ef1e514d5e",
388 "attributes": {}
389 },
390 {
391 "id": "9fbd7ab1-300f-4bf4-8e3f-9de42ea841f4",
392 "name": "view-applications",
393 "description": "${role_view-applications}",
394 "composite": false,
395 "clientRole": true,
396 "containerId": "79520b16-34b6-4427-8c0f-40ef1e514d5e",
397 "attributes": {}
398 }
399 ]
400 }
401 },
402 "groups": [
403 {
404 "id": "53697740-dd18-4170-bcc7-5386d68bee12",
405 "name": "NetworkAdministration",
406 "path": "/NetworkAdministration",
407 "attributes": {},
408 "realmRoles": [
409 "administration"
410 ],
411 "clientRoles": {},
412 "subGroups": []
413 },
414 {
415 "id": "7416392a-8a94-48a0-b2f4-32355df722ee",
416 "name": "NetworkOperation",
417 "path": "/NetworkOperation",
418 "attributes": {},
419 "realmRoles": [
420 "provision"
421 ],
422 "clientRoles": {},
423 "subGroups": []
424 },
425 {
426 "id": "2627fd3e-5991-4464-8d46-5accfa7f49d9",
427 "name": "NetworkPlanning",
428 "path": "/NetworkPlanning",
429 "attributes": {},
430 "realmRoles": [
431 "supervision"
432 ],
433 "clientRoles": {},
434 "subGroups": []
435 }
436 ],
437 "defaultRoles": [
438 "uma_authorization",
439 "offline_access"
440 ],
441 "requiredCredentials": [
442 "password"
443 ],
444 "otpPolicyType": "totp",
445 "otpPolicyAlgorithm": "HmacSHA1",
446 "otpPolicyInitialCounter": 0,
447 "otpPolicyDigits": 6,
448 "otpPolicyLookAheadWindow": 1,
449 "otpPolicyPeriod": 30,
450 "otpSupportedApplications": [
451 "FreeOTP",
452 "Google Authenticator"
453 ],
454 "webAuthnPolicyRpEntityName": "keycloak",
455 "webAuthnPolicySignatureAlgorithms": [
456 "ES256"
457 ],
458 "webAuthnPolicyRpId": "",
459 "webAuthnPolicyAttestationConveyancePreference": "not specified",
460 "webAuthnPolicyAuthenticatorAttachment": "not specified",
461 "webAuthnPolicyRequireResidentKey": "not specified",
462 "webAuthnPolicyUserVerificationRequirement": "not specified",
463 "webAuthnPolicyCreateTimeout": 0,
464 "webAuthnPolicyAvoidSameAuthenticatorRegister": false,
465 "webAuthnPolicyAcceptableAaguids": [],
466 "webAuthnPolicyPasswordlessRpEntityName": "keycloak",
467 "webAuthnPolicyPasswordlessSignatureAlgorithms": [
468 "ES256"
469 ],
470 "webAuthnPolicyPasswordlessRpId": "",
471 "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified",
472 "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified",
473 "webAuthnPolicyPasswordlessRequireResidentKey": "not specified",
474 "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified",
475 "webAuthnPolicyPasswordlessCreateTimeout": 0,
476 "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false,
477 "webAuthnPolicyPasswordlessAcceptableAaguids": [],
478 "scopeMappings": [
479 {
480 "clientScope": "offline_access",
481 "roles": [
482 "offline_access"
483 ]
484 }
485 ],
486 "clientScopeMappings": {
487 "account": [
488 {
489 "client": "account-console",
490 "roles": [
491 "manage-account"
492 ]
493 }
494 ]
495 },
496 "clients": [
497 {
498 "id": "79520b16-34b6-4427-8c0f-40ef1e514d5e",
499 "clientId": "account",
500 "name": "${client_account}",
501 "rootUrl": "${authBaseUrl}",
502 "baseUrl": "/realms/onap-oam-joins-non-rt-ric/account/",
503 "surrogateAuthRequired": false,
504 "enabled": true,
505 "alwaysDisplayInConsole": false,
506 "clientAuthenticatorType": "client-secret",
507 "secret": "**********",
508 "defaultRoles": [
509 "view-profile",
510 "manage-account"
511 ],
512 "redirectUris": [
513 "/realms/onap-oam-joins-non-rt-ric/account/*"
514 ],
515 "webOrigins": [],
516 "notBefore": 0,
517 "bearerOnly": false,
518 "consentRequired": false,
519 "standardFlowEnabled": true,
520 "implicitFlowEnabled": false,
521 "directAccessGrantsEnabled": false,
522 "serviceAccountsEnabled": false,
523 "publicClient": false,
524 "frontchannelLogout": false,
525 "protocol": "openid-connect",
526 "attributes": {},
527 "authenticationFlowBindingOverrides": {},
528 "fullScopeAllowed": false,
529 "nodeReRegistrationTimeout": 0,
530 "defaultClientScopes": [
531 "web-origins",
532 "role_list",
533 "roles",
534 "profile",
535 "email"
536 ],
537 "optionalClientScopes": [
538 "address",
539 "phone",
540 "offline_access",
541 "microprofile-jwt"
542 ]
543 },
544 {
545 "id": "9e6bfeba-bdd0-480f-b5a2-872613bc8f5c",
546 "clientId": "account-console",
547 "name": "${client_account-console}",
548 "rootUrl": "${authBaseUrl}",
549 "baseUrl": "/realms/onap-oam-joins-non-rt-ric/account/",
550 "surrogateAuthRequired": false,
551 "enabled": true,
552 "alwaysDisplayInConsole": false,
553 "clientAuthenticatorType": "client-secret",
554 "secret": "**********",
555 "redirectUris": [
556 "/realms/onap-oam-joins-non-rt-ric/account/*"
557 ],
558 "webOrigins": [],
559 "notBefore": 0,
560 "bearerOnly": false,
561 "consentRequired": false,
562 "standardFlowEnabled": true,
563 "implicitFlowEnabled": false,
564 "directAccessGrantsEnabled": false,
565 "serviceAccountsEnabled": false,
566 "publicClient": true,
567 "frontchannelLogout": false,
568 "protocol": "openid-connect",
569 "attributes": {
570 "pkce.code.challenge.method": "S256"
571 },
572 "authenticationFlowBindingOverrides": {},
573 "fullScopeAllowed": false,
574 "nodeReRegistrationTimeout": 0,
575 "protocolMappers": [
576 {
577 "id": "7c4d0074-59ac-48de-a13d-ff68f061b5aa",
578 "name": "audience resolve",
579 "protocol": "openid-connect",
580 "protocolMapper": "oidc-audience-resolve-mapper",
581 "consentRequired": false,
582 "config": {}
583 }
584 ],
585 "defaultClientScopes": [
586 "web-origins",
587 "role_list",
588 "roles",
589 "profile",
590 "email"
591 ],
592 "optionalClientScopes": [
593 "address",
594 "phone",
595 "offline_access",
596 "microprofile-jwt"
597 ]
598 },
599 {
600 "id": "42be94b8-40c9-4874-9d6e-9501d12f73a5",
601 "clientId": "admin-cli",
602 "name": "${client_admin-cli}",
603 "surrogateAuthRequired": false,
604 "enabled": true,
605 "alwaysDisplayInConsole": false,
606 "clientAuthenticatorType": "client-secret",
607 "secret": "**********",
608 "redirectUris": [],
609 "webOrigins": [],
610 "notBefore": 0,
611 "bearerOnly": false,
612 "consentRequired": false,
613 "standardFlowEnabled": false,
614 "implicitFlowEnabled": false,
615 "directAccessGrantsEnabled": true,
616 "serviceAccountsEnabled": false,
617 "publicClient": true,
618 "frontchannelLogout": false,
619 "protocol": "openid-connect",
620 "attributes": {
621 "saml.assertion.signature": "false",
622 "access.token.lifespan": "1200",
623 "saml.force.post.binding": "false",
624 "saml.multivalued.roles": "false",
625 "saml.encrypt": "false",
626 "saml.server.signature": "false",
627 "saml.server.signature.keyinfo.ext": "false",
628 "exclude.session.state.from.auth.response": "false",
629 "saml_force_name_id_format": "false",
630 "saml.client.signature": "false",
631 "tls.client.certificate.bound.access.tokens": "false",
632 "saml.authnstatement": "false",
633 "display.on.consent.screen": "false",
634 "saml.onetimeuse.condition": "false"
635 },
636 "authenticationFlowBindingOverrides": {},
637 "fullScopeAllowed": true,
638 "nodeReRegistrationTimeout": 0,
639 "defaultClientScopes": [
640 "web-origins",
641 "role_list",
642 "roles",
643 "profile",
644 "email"
645 ],
646 "optionalClientScopes": [
647 "address",
648 "phone",
649 "offline_access",
650 "microprofile-jwt"
651 ]
652 },
653 {
654 "id": "03f925c3-3688-44fc-80da-57a15e48f9c6",
655 "clientId": "broker",
656 "name": "${client_broker}",
657 "surrogateAuthRequired": false,
658 "enabled": true,
659 "alwaysDisplayInConsole": false,
660 "clientAuthenticatorType": "client-secret",
661 "secret": "**********",
662 "redirectUris": [],
663 "webOrigins": [],
664 "notBefore": 0,
665 "bearerOnly": false,
666 "consentRequired": false,
667 "standardFlowEnabled": true,
668 "implicitFlowEnabled": false,
669 "directAccessGrantsEnabled": false,
670 "serviceAccountsEnabled": false,
671 "publicClient": false,
672 "frontchannelLogout": false,
673 "protocol": "openid-connect",
674 "attributes": {},
675 "authenticationFlowBindingOverrides": {},
676 "fullScopeAllowed": false,
677 "nodeReRegistrationTimeout": 0,
678 "defaultClientScopes": [
679 "web-origins",
680 "role_list",
681 "roles",
682 "profile",
683 "email"
684 ],
685 "optionalClientScopes": [
686 "address",
687 "phone",
688 "offline_access",
689 "microprofile-jwt"
690 ]
691 },
692 {
693 "id": "dbd662ad-e959-44c9-bd18-859ca0142927",
694 "clientId": "odlux.app",
695 "surrogateAuthRequired": false,
696 "enabled": true,
697 "alwaysDisplayInConsole": false,
698 "clientAuthenticatorType": "client-secret",
699 "secret": "2a64fdca-c205-4b52-9f58-195ccc142ddb",
700 "redirectUris": [
demx8as6a93cb372021-06-06 16:05:58 +0200[diff] [blame]701 "https://sdnc-web:8453/*"
702 ],
703 "webOrigins": [],
704 "notBefore": 0,
705 "bearerOnly": false,
706 "consentRequired": false,
707 "standardFlowEnabled": true,
708 "implicitFlowEnabled": false,
709 "directAccessGrantsEnabled": true,
710 "serviceAccountsEnabled": false,
711 "publicClient": false,
712 "frontchannelLogout": false,
713 "protocol": "openid-connect",
714 "attributes": {
715 "saml.assertion.signature": "false",
716 "access.token.lifespan": "1800",
717 "saml.force.post.binding": "false",
718 "saml.multivalued.roles": "false",
719 "saml.encrypt": "false",
720 "backchannel.logout.revoke.offline.tokens": "false",
721 "saml.server.signature": "false",
722 "saml.server.signature.keyinfo.ext": "false",
723 "exclude.session.state.from.auth.response": "false",
724 "backchannel.logout.session.required": "false",
725 "client_credentials.use_refresh_token": "false",
726 "saml_force_name_id_format": "false",
727 "saml.client.signature": "false",
728 "tls.client.certificate.bound.access.tokens": "false",
729 "saml.authnstatement": "false",
730 "display.on.consent.screen": "false",
731 "saml.onetimeuse.condition": "false"
732 },
733 "authenticationFlowBindingOverrides": {
734 "direct_grant": "dfb7f7d8-1260-4d25-ac2c-b04b029bc63f",
735 "browser": "158733a4-43f8-4cbc-922d-5017939ad0dc"
736 },
737 "fullScopeAllowed": true,
738 "nodeReRegistrationTimeout": -1,
739 "defaultClientScopes": [
740 "web-origins",
741 "role_list",
742 "roles",
743 "profile",
744 "email"
745 ],
746 "optionalClientScopes": [
747 "address",
748 "phone",
749 "offline_access",
750 "microprofile-jwt"
751 ]
752 },
753 {
754 "id": "048a9bfc-077a-42a2-afe8-1ec13d3a43a3",
755 "clientId": "realm-management",
756 "name": "${client_realm-management}",
757 "surrogateAuthRequired": false,
758 "enabled": true,
759 "alwaysDisplayInConsole": false,
760 "clientAuthenticatorType": "client-secret",
761 "secret": "**********",
762 "redirectUris": [],
763 "webOrigins": [],
764 "notBefore": 0,
765 "bearerOnly": true,
766 "consentRequired": false,
767 "standardFlowEnabled": true,
768 "implicitFlowEnabled": false,
769 "directAccessGrantsEnabled": false,
770 "serviceAccountsEnabled": false,
771 "publicClient": false,
772 "frontchannelLogout": false,
773 "protocol": "openid-connect",
774 "attributes": {},
775 "authenticationFlowBindingOverrides": {},
776 "fullScopeAllowed": false,
777 "nodeReRegistrationTimeout": 0,
778 "defaultClientScopes": [
779 "web-origins",
780 "role_list",
781 "roles",
782 "profile",
783 "email"
784 ],
785 "optionalClientScopes": [
786 "address",
787 "phone",
788 "offline_access",
789 "microprofile-jwt"
790 ]
791 },
792 {
793 "id": "458df016-a86f-4750-979b-7f4bc20d9bed",
794 "clientId": "security-admin-console",
795 "name": "${client_security-admin-console}",
796 "rootUrl": "${authAdminUrl}",
797 "baseUrl": "/admin/onap-oam-joins-non-rt-ric/console/",
798 "surrogateAuthRequired": false,
799 "enabled": true,
800 "alwaysDisplayInConsole": false,
801 "clientAuthenticatorType": "client-secret",
802 "secret": "**********",
803 "redirectUris": [
804 "/admin/onap-oam-joins-non-rt-ric/console/*"
805 ],
806 "webOrigins": [
807 "+"
808 ],
809 "notBefore": 0,
810 "bearerOnly": false,
811 "consentRequired": false,
812 "standardFlowEnabled": true,
813 "implicitFlowEnabled": false,
814 "directAccessGrantsEnabled": false,
815 "serviceAccountsEnabled": false,
816 "publicClient": true,
817 "frontchannelLogout": false,
818 "protocol": "openid-connect",
819 "attributes": {
820 "pkce.code.challenge.method": "S256"
821 },
822 "authenticationFlowBindingOverrides": {},
823 "fullScopeAllowed": false,
824 "nodeReRegistrationTimeout": 0,
825 "protocolMappers": [
826 {
827 "id": "7a2b5c79-4775-4f07-810f-f101774cd086",
828 "name": "locale",
829 "protocol": "openid-connect",
830 "protocolMapper": "oidc-usermodel-attribute-mapper",
831 "consentRequired": false,
832 "config": {
833 "userinfo.token.claim": "true",
834 "user.attribute": "locale",
835 "id.token.claim": "true",
836 "access.token.claim": "true",
837 "claim.name": "locale",
838 "jsonType.label": "String"
839 }
840 }
841 ],
842 "defaultClientScopes": [
843 "web-origins",
844 "role_list",
845 "roles",
846 "profile",
847 "email"
848 ],
849 "optionalClientScopes": [
850 "address",
851 "phone",
852 "offline_access",
853 "microprofile-jwt"
854 ]
855 }
856 ],
857 "clientScopes": [
858 {
859 "id": "6dd0bccf-179e-4d35-acd0-03aa6ef2153d",
860 "name": "address",
861 "description": "OpenID Connect built-in scope: address",
862 "protocol": "openid-connect",
863 "attributes": {
864 "include.in.token.scope": "true",
865 "display.on.consent.screen": "true",
866 "consent.screen.text": "${addressScopeConsentText}"
867 },
868 "protocolMappers": [
869 {
870 "id": "6c342dae-9652-49f9-8327-ec2c3ddcd159",
871 "name": "address",
872 "protocol": "openid-connect",
873 "protocolMapper": "oidc-address-mapper",
874 "consentRequired": false,
875 "config": {
876 "user.attribute.formatted": "formatted",
877 "user.attribute.country": "country",
878 "user.attribute.postal_code": "postal_code",
879 "userinfo.token.claim": "true",
880 "user.attribute.street": "street",
881 "id.token.claim": "true",
882 "user.attribute.region": "region",
883 "access.token.claim": "true",
884 "user.attribute.locality": "locality"
885 }
886 }
887 ]
888 },
889 {
890 "id": "452eb724-9c8c-4d5b-8e3a-c40dfab97fd6",
891 "name": "email",
892 "description": "OpenID Connect built-in scope: email",
893 "protocol": "openid-connect",
894 "attributes": {
895 "include.in.token.scope": "true",
896 "display.on.consent.screen": "true",
897 "consent.screen.text": "${emailScopeConsentText}"
898 },
899 "protocolMappers": [
900 {
901 "id": "e7e9a9b0-0aeb-4d44-bb6d-8d287050521c",
902 "name": "email verified",
903 "protocol": "openid-connect",
904 "protocolMapper": "oidc-usermodel-property-mapper",
905 "consentRequired": false,
906 "config": {
907 "userinfo.token.claim": "true",
908 "user.attribute": "emailVerified",
909 "id.token.claim": "true",
910 "access.token.claim": "true",
911 "claim.name": "email_verified",
912 "jsonType.label": "boolean"
913 }
914 },
915 {
916 "id": "b9fc29ad-dd40-42c5-939c-315f661ac889",
917 "name": "email",
918 "protocol": "openid-connect",
919 "protocolMapper": "oidc-usermodel-property-mapper",
920 "consentRequired": false,
921 "config": {
922 "userinfo.token.claim": "true",
923 "user.attribute": "email",
924 "id.token.claim": "true",
925 "access.token.claim": "true",
926 "claim.name": "email",
927 "jsonType.label": "String"
928 }
929 }
930 ]
931 },
932 {
933 "id": "49f39fbb-5b69-452a-b2b4-064f3e8f23e4",
934 "name": "microprofile-jwt",
935 "description": "Microprofile - JWT built-in scope",
936 "protocol": "openid-connect",
937 "attributes": {
938 "include.in.token.scope": "true",
939 "display.on.consent.screen": "false"
940 },
941 "protocolMappers": [
942 {
943 "id": "ed60115c-0fb1-4c4f-8134-11751957a241",
944 "name": "upn",
945 "protocol": "openid-connect",
946 "protocolMapper": "oidc-usermodel-property-mapper",
947 "consentRequired": false,
948 "config": {
949 "userinfo.token.claim": "true",
950 "user.attribute": "username",
951 "id.token.claim": "true",
952 "access.token.claim": "true",
953 "claim.name": "upn",
954 "jsonType.label": "String"
955 }
956 },
957 {
958 "id": "c88ed97f-9f0e-4d16-a1b2-1cb22e37fc46",
959 "name": "groups",
960 "protocol": "openid-connect",
961 "protocolMapper": "oidc-usermodel-realm-role-mapper",
962 "consentRequired": false,
963 "config": {
964 "multivalued": "true",
965 "userinfo.token.claim": "true",
966 "user.attribute": "foo",
967 "id.token.claim": "true",
968 "access.token.claim": "true",
969 "claim.name": "groups",
970 "jsonType.label": "String"
971 }
972 }
973 ]
974 },
975 {
976 "id": "cf78afd0-da31-4e37-8503-618bf3f1da2b",
977 "name": "offline_access",
978 "description": "OpenID Connect built-in scope: offline_access",
979 "protocol": "openid-connect",
980 "attributes": {
981 "consent.screen.text": "${offlineAccessScopeConsentText}",
982 "display.on.consent.screen": "true"
983 }
984 },
985 {
986 "id": "7b1e27d0-17c0-4358-9e15-ff3dd48afe74",
987 "name": "phone",
988 "description": "OpenID Connect built-in scope: phone",
989 "protocol": "openid-connect",
990 "attributes": {
991 "include.in.token.scope": "true",
992 "display.on.consent.screen": "true",
993 "consent.screen.text": "${phoneScopeConsentText}"
994 },
995 "protocolMappers": [
996 {
997 "id": "33ad6d44-00c7-4ef1-88aa-2d3929225806",
998 "name": "phone number verified",
999 "protocol": "openid-connect",
1000 "protocolMapper": "oidc-usermodel-attribute-mapper",
1001 "consentRequired": false,
1002 "config": {
1003 "userinfo.token.claim": "true",
1004 "user.attribute": "phoneNumberVerified",
1005 "id.token.claim": "true",
1006 "access.token.claim": "true",
1007 "claim.name": "phone_number_verified",
1008 "jsonType.label": "boolean"
1009 }
1010 },
1011 {
1012 "id": "71d82f58-9411-4d7b-89a4-5f8e7cca6f7d",
1013 "name": "phone number",
1014 "protocol": "openid-connect",
1015 "protocolMapper": "oidc-usermodel-attribute-mapper",
1016 "consentRequired": false,
1017 "config": {
1018 "userinfo.token.claim": "true",
1019 "user.attribute": "phoneNumber",
1020 "id.token.claim": "true",
1021 "access.token.claim": "true",
1022 "claim.name": "phone_number",
1023 "jsonType.label": "String"
1024 }
1025 }
1026 ]
1027 },
1028 {
1029 "id": "a226a318-27ab-472e-b53e-a8f6bb7fac28",
1030 "name": "profile",
1031 "description": "OpenID Connect built-in scope: profile",
1032 "protocol": "openid-connect",
1033 "attributes": {
1034 "include.in.token.scope": "true",
1035 "display.on.consent.screen": "true",
1036 "consent.screen.text": "${profileScopeConsentText}"
1037 },
1038 "protocolMappers": [
1039 {
1040 "id": "5e8ecd21-c433-4b17-aacc-a01586532fd9",
1041 "name": "gender",
1042 "protocol": "openid-connect",
1043 "protocolMapper": "oidc-usermodel-attribute-mapper",
1044 "consentRequired": false,
1045 "config": {
1046 "userinfo.token.claim": "true",
1047 "user.attribute": "gender",
1048 "id.token.claim": "true",
1049 "access.token.claim": "true",
1050 "claim.name": "gender",
1051 "jsonType.label": "String"
1052 }
1053 },
1054 {
1055 "id": "cf587792-5813-4fe3-a16d-4ce4d4c92b50",
1056 "name": "updated at",
1057 "protocol": "openid-connect",
1058 "protocolMapper": "oidc-usermodel-attribute-mapper",
1059 "consentRequired": false,
1060 "config": {
1061 "userinfo.token.claim": "true",
1062 "user.attribute": "updatedAt",
1063 "id.token.claim": "true",
1064 "access.token.claim": "true",
1065 "claim.name": "updated_at",
1066 "jsonType.label": "String"
1067 }
1068 },
1069 {
1070 "id": "65b516e5-e573-46a7-a721-141647220ae2",
1071 "name": "birthdate",
1072 "protocol": "openid-connect",
1073 "protocolMapper": "oidc-usermodel-attribute-mapper",
1074 "consentRequired": false,
1075 "config": {
1076 "userinfo.token.claim": "true",
1077 "user.attribute": "birthdate",
1078 "id.token.claim": "true",
1079 "access.token.claim": "true",
1080 "claim.name": "birthdate",
1081 "jsonType.label": "String"
1082 }
1083 },
1084 {
1085 "id": "d6e02648-07f1-4e6e-940a-f0a6997af1ec",
1086 "name": "full name",
1087 "protocol": "openid-connect",
1088 "protocolMapper": "oidc-full-name-mapper",
1089 "consentRequired": false,
1090 "config": {
1091 "id.token.claim": "true",
1092 "access.token.claim": "true",
1093 "userinfo.token.claim": "true"
1094 }
1095 },
1096 {
1097 "id": "957e23f0-14fa-4959-b44d-7ee628302664",
1098 "name": "nickname",
1099 "protocol": "openid-connect",
1100 "protocolMapper": "oidc-usermodel-attribute-mapper",
1101 "consentRequired": false,
1102 "config": {
1103 "userinfo.token.claim": "true",
1104 "user.attribute": "nickname",
1105 "id.token.claim": "true",
1106 "access.token.claim": "true",
1107 "claim.name": "nickname",
1108 "jsonType.label": "String"
1109 }
1110 },
1111 {
1112 "id": "8f73eeed-e3fe-4086-8d56-ed488939bf7a",
1113 "name": "given name",
1114 "protocol": "openid-connect",
1115 "protocolMapper": "oidc-usermodel-property-mapper",
1116 "consentRequired": false,
1117 "config": {
1118 "userinfo.token.claim": "true",
1119 "user.attribute": "firstName",
1120 "id.token.claim": "true",
1121 "access.token.claim": "true",
1122 "claim.name": "given_name",
1123 "jsonType.label": "String"
1124 }
1125 },
1126 {
1127 "id": "987d88f4-0803-4bf1-96d4-ba0badf95656",
1128 "name": "username",
1129 "protocol": "openid-connect",
1130 "protocolMapper": "oidc-usermodel-property-mapper",
1131 "consentRequired": false,
1132 "config": {
1133 "userinfo.token.claim": "true",
1134 "user.attribute": "username",
1135 "id.token.claim": "true",
1136 "access.token.claim": "true",
1137 "claim.name": "preferred_username",
1138 "jsonType.label": "String"
1139 }
1140 },
1141 {
1142 "id": "de495b80-7a8c-47b6-bba5-534f59431156",
1143 "name": "middle name",
1144 "protocol": "openid-connect",
1145 "protocolMapper": "oidc-usermodel-attribute-mapper",
1146 "consentRequired": false,
1147 "config": {
1148 "userinfo.token.claim": "true",
1149 "user.attribute": "middleName",
1150 "id.token.claim": "true",
1151 "access.token.claim": "true",
1152 "claim.name": "middle_name",
1153 "jsonType.label": "String"
1154 }
1155 },
1156 {
1157 "id": "176751a4-b631-4521-a9b4-0275d55c0846",
1158 "name": "locale",
1159 "protocol": "openid-connect",
1160 "protocolMapper": "oidc-usermodel-attribute-mapper",
1161 "consentRequired": false,
1162 "config": {
1163 "userinfo.token.claim": "true",
1164 "user.attribute": "locale",
1165 "id.token.claim": "true",
1166 "access.token.claim": "true",
1167 "claim.name": "locale",
1168 "jsonType.label": "String"
1169 }
1170 },
1171 {
1172 "id": "37a41d7d-3f1b-4290-8885-2fbe197297eb",
1173 "name": "zoneinfo",
1174 "protocol": "openid-connect",
1175 "protocolMapper": "oidc-usermodel-attribute-mapper",
1176 "consentRequired": false,
1177 "config": {
1178 "userinfo.token.claim": "true",
1179 "user.attribute": "zoneinfo",
1180 "id.token.claim": "true",
1181 "access.token.claim": "true",
1182 "claim.name": "zoneinfo",
1183 "jsonType.label": "String"
1184 }
1185 },
1186 {
1187 "id": "f639ac53-4c08-416b-828f-b06e6f5f59cf",
1188 "name": "website",
1189 "protocol": "openid-connect",
1190 "protocolMapper": "oidc-usermodel-attribute-mapper",
1191 "consentRequired": false,
1192 "config": {
1193 "userinfo.token.claim": "true",
1194 "user.attribute": "website",
1195 "id.token.claim": "true",
1196 "access.token.claim": "true",
1197 "claim.name": "website",
1198 "jsonType.label": "String"
1199 }
1200 },
1201 {
1202 "id": "acac2472-8d13-4c22-929d-9c364e3af1dc",
1203 "name": "family name",
1204 "protocol": "openid-connect",
1205 "protocolMapper": "oidc-usermodel-property-mapper",
1206 "consentRequired": false,
1207 "config": {
1208 "userinfo.token.claim": "true",
1209 "user.attribute": "lastName",
1210 "id.token.claim": "true",
1211 "access.token.claim": "true",
1212 "claim.name": "family_name",
1213 "jsonType.label": "String"
1214 }
1215 },
1216 {
1217 "id": "b748d016-ce62-4cf2-bf0f-78482f90c4e0",
1218 "name": "picture",
1219 "protocol": "openid-connect",
1220 "protocolMapper": "oidc-usermodel-attribute-mapper",
1221 "consentRequired": false,
1222 "config": {
1223 "userinfo.token.claim": "true",
1224 "user.attribute": "picture",
1225 "id.token.claim": "true",
1226 "access.token.claim": "true",
1227 "claim.name": "picture",
1228 "jsonType.label": "String"
1229 }
1230 },
1231 {
1232 "id": "e8d61aee-2580-4aec-9c99-9310e0b10637",
1233 "name": "profile",
1234 "protocol": "openid-connect",
1235 "protocolMapper": "oidc-usermodel-attribute-mapper",
1236 "consentRequired": false,
1237 "config": {
1238 "userinfo.token.claim": "true",
1239 "user.attribute": "profile",
1240 "id.token.claim": "true",
1241 "access.token.claim": "true",
1242 "claim.name": "profile",
1243 "jsonType.label": "String"
1244 }
1245 }
1246 ]
1247 },
1248 {
1249 "id": "7b6ec9ac-c5b6-4096-8b48-5a27d9a4b3fd",
1250 "name": "role_list",
1251 "description": "SAML role list",
1252 "protocol": "saml",
1253 "attributes": {
1254 "consent.screen.text": "${samlRoleListScopeConsentText}",
1255 "display.on.consent.screen": "true"
1256 },
1257 "protocolMappers": [
1258 {
1259 "id": "924fba2b-b443-4160-96dd-5a8d7b5fe685",
1260 "name": "role list",
1261 "protocol": "saml",
1262 "protocolMapper": "saml-role-list-mapper",
1263 "consentRequired": false,
1264 "config": {
1265 "single": "false",
1266 "attribute.nameformat": "Basic",
1267 "attribute.name": "Role"
1268 }
1269 }
1270 ]
1271 },
1272 {
1273 "id": "6ccb6ae1-d28c-42a0-a59d-2c3d8429e96f",
1274 "name": "roles",
1275 "description": "OpenID Connect scope for add user roles to the access token",
1276 "protocol": "openid-connect",
1277 "attributes": {
1278 "include.in.token.scope": "false",
1279 "display.on.consent.screen": "true",
1280 "consent.screen.text": "${rolesScopeConsentText}"
1281 },
1282 "protocolMappers": [
1283 {
1284 "id": "1968a6ac-cf1c-4d15-a4fe-f5206f73e0b9",
1285 "name": "client roles",
1286 "protocol": "openid-connect",
1287 "protocolMapper": "oidc-usermodel-client-role-mapper",
1288 "consentRequired": false,
1289 "config": {
1290 "user.attribute": "foo",
1291 "access.token.claim": "true",
1292 "claim.name": "resource_access.${client_id}.roles",
1293 "jsonType.label": "String",
1294 "multivalued": "true"
1295 }
1296 },
1297 {
1298 "id": "800d0b8f-42f0-4990-81a6-4cc513097ba7",
1299 "name": "realm roles",
1300 "protocol": "openid-connect",
1301 "protocolMapper": "oidc-usermodel-realm-role-mapper",
1302 "consentRequired": false,
1303 "config": {
1304 "user.attribute": "foo",
1305 "access.token.claim": "true",
1306 "claim.name": "realm_access.roles",
1307 "jsonType.label": "String",
1308 "multivalued": "true"
1309 }
1310 },
1311 {
1312 "id": "ccaf8f4b-1050-4aca-a54f-5832873a7cfe",
1313 "name": "audience resolve",
1314 "protocol": "openid-connect",
1315 "protocolMapper": "oidc-audience-resolve-mapper",
1316 "consentRequired": false,
1317 "config": {}
1318 }
1319 ]
1320 },
1321 {
1322 "id": "04affd50-f5ca-476a-960f-21935af0ab5d",
1323 "name": "web-origins",
1324 "description": "OpenID Connect scope for add allowed web origins to the access token",
1325 "protocol": "openid-connect",
1326 "attributes": {
1327 "include.in.token.scope": "false",
1328 "display.on.consent.screen": "false",
1329 "consent.screen.text": ""
1330 },
1331 "protocolMappers": [
1332 {
1333 "id": "f4e1fc1e-454a-46b6-a660-5066aecbb363",
1334 "name": "allowed web origins",
1335 "protocol": "openid-connect",
1336 "protocolMapper": "oidc-allowed-origins-mapper",
1337 "consentRequired": false,
1338 "config": {}
1339 }
1340 ]
1341 }
1342 ],
1343 "defaultDefaultClientScopes": [
1344 "web-origins",
1345 "email",
1346 "roles",
1347 "role_list",
1348 "profile"
1349 ],
1350 "defaultOptionalClientScopes": [
1351 "microprofile-jwt",
1352 "address",
1353 "phone",
1354 "offline_access"
1355 ],
1356 "browserSecurityHeaders": {
1357 "contentSecurityPolicyReportOnly": "",
1358 "xContentTypeOptions": "nosniff",
1359 "xRobotsTag": "none",
1360 "xFrameOptions": "SAMEORIGIN",
1361 "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
1362 "xXSSProtection": "1; mode=block",
1363 "strictTransportSecurity": "max-age=31536000; includeSubDomains"
1364 },
1365 "smtpServer": {},
1366 "eventsEnabled": false,
1367 "eventsListeners": [
1368 "jboss-logging"
1369 ],
1370 "enabledEventTypes": [],
1371 "adminEventsEnabled": false,
1372 "adminEventsDetailsEnabled": false,
1373 "identityProviders": [],
1374 "identityProviderMappers": [],
1375 "components": {
1376 "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [
1377 {
1378 "id": "0c44905c-8894-4af1-8e5b-75370102ebc7",
1379 "name": "Max Clients Limit",
1380 "providerId": "max-clients",
1381 "subType": "anonymous",
1382 "subComponents": {},
1383 "config": {
1384 "max-clients": [
1385 "200"
1386 ]
1387 }
1388 },
1389 {
1390 "id": "b191c0f5-a3b0-4f59-bd83-070d3b6c2b28",
1391 "name": "Allowed Protocol Mapper Types",
1392 "providerId": "allowed-protocol-mappers",
1393 "subType": "anonymous",
1394 "subComponents": {},
1395 "config": {
1396 "allowed-protocol-mapper-types": [
1397 "saml-role-list-mapper",
1398 "oidc-sha256-pairwise-sub-mapper",
1399 "saml-user-attribute-mapper",
1400 "oidc-usermodel-property-mapper",
1401 "oidc-address-mapper",
1402 "oidc-full-name-mapper",
1403 "saml-user-property-mapper",
1404 "oidc-usermodel-attribute-mapper"
1405 ]
1406 }
1407 },
1408 {
1409 "id": "d152b7b9-d519-48bc-ac78-1dc3c08c4569",
1410 "name": "Trusted Hosts",
1411 "providerId": "trusted-hosts",
1412 "subType": "anonymous",
1413 "subComponents": {},
1414 "config": {
1415 "host-sending-registration-request-must-match": [
1416 "true"
1417 ],
1418 "client-uris-must-match": [
1419 "true"
1420 ]
1421 }
1422 },
1423 {
1424 "id": "724d468e-c5da-4189-b51e-0c43ee65ef90",
1425 "name": "Consent Required",
1426 "providerId": "consent-required",
1427 "subType": "anonymous",
1428 "subComponents": {},
1429 "config": {}
1430 },
1431 {
1432 "id": "409f70ab-abe9-4f3e-873f-ae3c717af73e",
1433 "name": "Allowed Client Scopes",
1434 "providerId": "allowed-client-templates",
1435 "subType": "authenticated",
1436 "subComponents": {},
1437 "config": {
1438 "allow-default-scopes": [
1439 "true"
1440 ]
1441 }
1442 },
1443 {
1444 "id": "46ebd6ed-3ad9-433f-b8e1-9a87d971f490",
1445 "name": "Full Scope Disabled",
1446 "providerId": "scope",
1447 "subType": "anonymous",
1448 "subComponents": {},
1449 "config": {}
1450 },
1451 {
1452 "id": "61c5003c-94ee-44de-8e1c-f892f5e09488",
1453 "name": "Allowed Protocol Mapper Types",
1454 "providerId": "allowed-protocol-mappers",
1455 "subType": "authenticated",
1456 "subComponents": {},
1457 "config": {
1458 "allowed-protocol-mapper-types": [
1459 "oidc-usermodel-property-mapper",
1460 "oidc-full-name-mapper",
1461 "saml-role-list-mapper",
1462 "oidc-address-mapper",
1463 "oidc-sha256-pairwise-sub-mapper",
1464 "oidc-usermodel-attribute-mapper",
1465 "saml-user-attribute-mapper",
1466 "saml-user-property-mapper"
1467 ]
1468 }
1469 },
1470 {
1471 "id": "da534621-02b7-4ccc-b14b-6a9a3648961d",
1472 "name": "Allowed Client Scopes",
1473 "providerId": "allowed-client-templates",
1474 "subType": "anonymous",
1475 "subComponents": {},
1476 "config": {
1477 "allow-default-scopes": [
1478 "true"
1479 ]
1480 }
1481 }
1482 ],
1483 "org.keycloak.keys.KeyProvider": [
1484 {
1485 "id": "9890b674-2409-4e30-95e8-0c66775d0dec",
1486 "name": "rsa-generated",
1487 "providerId": "rsa-generated",
1488 "subComponents": {},
1489 "config": {
1490 "priority": [
1491 "100"
1492 ]
1493 }
1494 },
1495 {
1496 "id": "447f9685-f16b-463c-9ee1-ed1ae487fa06",
1497 "name": "aes-generated",
1498 "providerId": "aes-generated",
1499 "subComponents": {},
1500 "config": {
1501 "priority": [
1502 "100"
1503 ]
1504 }
1505 },
1506 {
1507 "id": "198c0d7e-ee71-4b28-86ab-3cd3b0f45231",
1508 "name": "hmac-generated",
1509 "providerId": "hmac-generated",
1510 "subComponents": {},
1511 "config": {
1512 "priority": [
1513 "100"
1514 ],
1515 "algorithm": [
1516 "HS256"
1517 ]
1518 }
1519 }
1520 ]
1521 },
1522 "internationalizationEnabled": false,
1523 "supportedLocales": [],
1524 "authenticationFlows": [
1525 {
1526 "id": "0ee220ce-108a-409c-83c2-a5686323b9ee",
1527 "alias": "Account verification options",
1528 "description": "Method with which to verity the existing account",
1529 "providerId": "basic-flow",
1530 "topLevel": false,
1531 "builtIn": true,
1532 "authenticationExecutions": [
1533 {
1534 "authenticator": "idp-email-verification",
1535 "requirement": "ALTERNATIVE",
1536 "priority": 10,
1537 "userSetupAllowed": false,
1538 "autheticatorFlow": false
1539 },
1540 {
1541 "requirement": "ALTERNATIVE",
1542 "priority": 20,
1543 "flowAlias": "Verify Existing Account by Re-authentication",
1544 "userSetupAllowed": false,
1545 "autheticatorFlow": true
1546 }
1547 ]
1548 },
1549 {
1550 "id": "d21dab1e-44d5-4e02-ad5d-544ac4fb6c3c",
1551 "alias": "Authentication Options",
1552 "description": "Authentication options.",
1553 "providerId": "basic-flow",
1554 "topLevel": false,
1555 "builtIn": true,
1556 "authenticationExecutions": [
1557 {
1558 "authenticator": "basic-auth",
1559 "requirement": "REQUIRED",
1560 "priority": 10,
1561 "userSetupAllowed": false,
1562 "autheticatorFlow": false
1563 },
1564 {
1565 "authenticator": "basic-auth-otp",
1566 "requirement": "DISABLED",
1567 "priority": 20,
1568 "userSetupAllowed": false,
1569 "autheticatorFlow": false
1570 },
1571 {
1572 "authenticator": "auth-spnego",
1573 "requirement": "DISABLED",
1574 "priority": 30,
1575 "userSetupAllowed": false,
1576 "autheticatorFlow": false
1577 }
1578 ]
1579 },
1580 {
1581 "id": "ec170205-9818-4cd2-9aff-d57c3c47a0a8",
1582 "alias": "Browser - Conditional OTP",
1583 "description": "Flow to determine if the OTP is required for the authentication",
1584 "providerId": "basic-flow",
1585 "topLevel": false,
1586 "builtIn": true,
1587 "authenticationExecutions": [
1588 {
1589 "authenticator": "conditional-user-configured",
1590 "requirement": "REQUIRED",
1591 "priority": 10,
1592 "userSetupAllowed": false,
1593 "autheticatorFlow": false
1594 },
1595 {
1596 "authenticator": "auth-otp-form",
1597 "requirement": "REQUIRED",
1598 "priority": 20,
1599 "userSetupAllowed": false,
1600 "autheticatorFlow": false
1601 }
1602 ]
1603 },
1604 {
1605 "id": "7867cf39-84c1-4061-8d7a-000ffd974a06",
1606 "alias": "Direct Grant - Conditional OTP",
1607 "description": "Flow to determine if the OTP is required for the authentication",
1608 "providerId": "basic-flow",
1609 "topLevel": false,
1610 "builtIn": true,
1611 "authenticationExecutions": [
1612 {
1613 "authenticator": "conditional-user-configured",
1614 "requirement": "REQUIRED",
1615 "priority": 10,
1616 "userSetupAllowed": false,
1617 "autheticatorFlow": false
1618 },
1619 {
1620 "authenticator": "direct-grant-validate-otp",
1621 "requirement": "REQUIRED",
1622 "priority": 20,
1623 "userSetupAllowed": false,
1624 "autheticatorFlow": false
1625 }
1626 ]
1627 },
1628 {
1629 "id": "eb496420-e54b-41e4-abdb-c5179dc345af",
1630 "alias": "First broker login - Conditional OTP",
1631 "description": "Flow to determine if the OTP is required for the authentication",
1632 "providerId": "basic-flow",
1633 "topLevel": false,
1634 "builtIn": true,
1635 "authenticationExecutions": [
1636 {
1637 "authenticator": "conditional-user-configured",
1638 "requirement": "REQUIRED",
1639 "priority": 10,
1640 "userSetupAllowed": false,
1641 "autheticatorFlow": false
1642 },
1643 {
1644 "authenticator": "auth-otp-form",
1645 "requirement": "REQUIRED",
1646 "priority": 20,
1647 "userSetupAllowed": false,
1648 "autheticatorFlow": false
1649 }
1650 ]
1651 },
1652 {
1653 "id": "bbf7a7ae-352b-44f4-83ab-1b3adcc0470c",
1654 "alias": "Handle Existing Account",
1655 "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
1656 "providerId": "basic-flow",
1657 "topLevel": false,
1658 "builtIn": true,
1659 "authenticationExecutions": [
1660 {
1661 "authenticator": "idp-confirm-link",
1662 "requirement": "REQUIRED",
1663 "priority": 10,
1664 "userSetupAllowed": false,
1665 "autheticatorFlow": false
1666 },
1667 {
1668 "requirement": "REQUIRED",
1669 "priority": 20,
1670 "flowAlias": "Account verification options",
1671 "userSetupAllowed": false,
1672 "autheticatorFlow": true
1673 }
1674 ]
1675 },
1676 {
1677 "id": "74ec31d4-b70d-45db-817d-998ca47dca3f",
1678 "alias": "Reset - Conditional OTP",
1679 "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
1680 "providerId": "basic-flow",
1681 "topLevel": false,
1682 "builtIn": true,
1683 "authenticationExecutions": [
1684 {
1685 "authenticator": "conditional-user-configured",
1686 "requirement": "REQUIRED",
1687 "priority": 10,
1688 "userSetupAllowed": false,
1689 "autheticatorFlow": false
1690 },
1691 {
1692 "authenticator": "reset-otp",
1693 "requirement": "REQUIRED",
1694 "priority": 20,
1695 "userSetupAllowed": false,
1696 "autheticatorFlow": false
1697 }
1698 ]
1699 },
1700 {
1701 "id": "f0f868e5-da82-4ab3-8a39-4b02417ec001",
1702 "alias": "User creation or linking",
1703 "description": "Flow for the existing/non-existing user alternatives",
1704 "providerId": "basic-flow",
1705 "topLevel": false,
1706 "builtIn": true,
1707 "authenticationExecutions": [
1708 {
1709 "authenticatorConfig": "create unique user config",
1710 "authenticator": "idp-create-user-if-unique",
1711 "requirement": "ALTERNATIVE",
1712 "priority": 10,
1713 "userSetupAllowed": false,
1714 "autheticatorFlow": false
1715 },
1716 {
1717 "requirement": "ALTERNATIVE",
1718 "priority": 20,
1719 "flowAlias": "Handle Existing Account",
1720 "userSetupAllowed": false,
1721 "autheticatorFlow": true
1722 }
1723 ]
1724 },
1725 {
1726 "id": "78059620-abd8-4e1c-97a5-dd25bf456a29",
1727 "alias": "Verify Existing Account by Re-authentication",
1728 "description": "Reauthentication of existing account",
1729 "providerId": "basic-flow",
1730 "topLevel": false,
1731 "builtIn": true,
1732 "authenticationExecutions": [
1733 {
1734 "authenticator": "idp-username-password-form",
1735 "requirement": "REQUIRED",
1736 "priority": 10,
1737 "userSetupAllowed": false,
1738 "autheticatorFlow": false
1739 },
1740 {
1741 "requirement": "CONDITIONAL",
1742 "priority": 20,
1743 "flowAlias": "First broker login - Conditional OTP",
1744 "userSetupAllowed": false,
1745 "autheticatorFlow": true
1746 }
1747 ]
1748 },
1749 {
1750 "id": "158733a4-43f8-4cbc-922d-5017939ad0dc",
1751 "alias": "browser",
1752 "description": "browser based authentication",
1753 "providerId": "basic-flow",
1754 "topLevel": true,
1755 "builtIn": true,
1756 "authenticationExecutions": [
1757 {
1758 "authenticator": "auth-cookie",
1759 "requirement": "ALTERNATIVE",
1760 "priority": 10,
1761 "userSetupAllowed": false,
1762 "autheticatorFlow": false
1763 },
1764 {
1765 "authenticator": "auth-spnego",
1766 "requirement": "DISABLED",
1767 "priority": 20,
1768 "userSetupAllowed": false,
1769 "autheticatorFlow": false
1770 },
1771 {
1772 "authenticator": "identity-provider-redirector",
1773 "requirement": "ALTERNATIVE",
1774 "priority": 25,
1775 "userSetupAllowed": false,
1776 "autheticatorFlow": false
1777 },
1778 {
1779 "requirement": "ALTERNATIVE",
1780 "priority": 30,
1781 "flowAlias": "forms",
1782 "userSetupAllowed": false,
1783 "autheticatorFlow": true
1784 }
1785 ]
1786 },
1787 {
1788 "id": "9027d460-c6c3-49d9-869d-108acba1609c",
1789 "alias": "clients",
1790 "description": "Base authentication for clients",
1791 "providerId": "client-flow",
1792 "topLevel": true,
1793 "builtIn": true,
1794 "authenticationExecutions": [
1795 {
1796 "authenticator": "client-secret",
1797 "requirement": "ALTERNATIVE",
1798 "priority": 10,
1799 "userSetupAllowed": false,
1800 "autheticatorFlow": false
1801 },
1802 {
1803 "authenticator": "client-jwt",
1804 "requirement": "ALTERNATIVE",
1805 "priority": 20,
1806 "userSetupAllowed": false,
1807 "autheticatorFlow": false
1808 },
1809 {
1810 "authenticator": "client-secret-jwt",
1811 "requirement": "ALTERNATIVE",
1812 "priority": 30,
1813 "userSetupAllowed": false,
1814 "autheticatorFlow": false
1815 },
1816 {
1817 "authenticator": "client-x509",
1818 "requirement": "ALTERNATIVE",
1819 "priority": 40,
1820 "userSetupAllowed": false,
1821 "autheticatorFlow": false
1822 }
1823 ]
1824 },
1825 {
1826 "id": "dfb7f7d8-1260-4d25-ac2c-b04b029bc63f",
1827 "alias": "direct grant",
1828 "description": "OpenID Connect Resource Owner Grant",
1829 "providerId": "basic-flow",
1830 "topLevel": true,
1831 "builtIn": true,
1832 "authenticationExecutions": [
1833 {
1834 "authenticator": "direct-grant-validate-username",
1835 "requirement": "REQUIRED",
1836 "priority": 10,
1837 "userSetupAllowed": false,
1838 "autheticatorFlow": false
1839 },
1840 {
1841 "authenticator": "direct-grant-validate-password",
1842 "requirement": "REQUIRED",
1843 "priority": 20,
1844 "userSetupAllowed": false,
1845 "autheticatorFlow": false
1846 },
1847 {
1848 "requirement": "CONDITIONAL",
1849 "priority": 30,
1850 "flowAlias": "Direct Grant - Conditional OTP",
1851 "userSetupAllowed": false,
1852 "autheticatorFlow": true
1853 }
1854 ]
1855 },
1856 {
1857 "id": "58f57ccc-d878-4670-bffa-be9f4754df62",
1858 "alias": "docker auth",
1859 "description": "Used by Docker clients to authenticate against the IDP",
1860 "providerId": "basic-flow",
1861 "topLevel": true,
1862 "builtIn": true,
1863 "authenticationExecutions": [
1864 {
1865 "authenticator": "docker-http-basic-authenticator",
1866 "requirement": "REQUIRED",
1867 "priority": 10,
1868 "userSetupAllowed": false,
1869 "autheticatorFlow": false
1870 }
1871 ]
1872 },
1873 {
1874 "id": "c5d1f9d8-1d25-4654-adf8-0a83f0c98303",
1875 "alias": "first broker login",
1876 "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
1877 "providerId": "basic-flow",
1878 "topLevel": true,
1879 "builtIn": true,
1880 "authenticationExecutions": [
1881 {
1882 "authenticatorConfig": "review profile config",
1883 "authenticator": "idp-review-profile",
1884 "requirement": "REQUIRED",
1885 "priority": 10,
1886 "userSetupAllowed": false,
1887 "autheticatorFlow": false
1888 },
1889 {
1890 "requirement": "REQUIRED",
1891 "priority": 20,
1892 "flowAlias": "User creation or linking",
1893 "userSetupAllowed": false,
1894 "autheticatorFlow": true
1895 }
1896 ]
1897 },
1898 {
1899 "id": "84eccfe4-1192-4a02-a5ed-f4ff7a5a1442",
1900 "alias": "forms",
1901 "description": "Username, password, otp and other auth forms.",
1902 "providerId": "basic-flow",
1903 "topLevel": false,
1904 "builtIn": true,
1905 "authenticationExecutions": [
1906 {
1907 "authenticator": "auth-username-password-form",
1908 "requirement": "REQUIRED",
1909 "priority": 10,
1910 "userSetupAllowed": false,
1911 "autheticatorFlow": false
1912 },
1913 {
1914 "requirement": "CONDITIONAL",
1915 "priority": 20,
1916 "flowAlias": "Browser - Conditional OTP",
1917 "userSetupAllowed": false,
1918 "autheticatorFlow": true
1919 }
1920 ]
1921 },
1922 {
1923 "id": "a2f8ce9d-0206-4ea5-b09a-e660e551c2c0",
1924 "alias": "http challenge",
1925 "description": "An authentication flow based on challenge-response HTTP Authentication Schemes",
1926 "providerId": "basic-flow",
1927 "topLevel": true,
1928 "builtIn": true,
1929 "authenticationExecutions": [
1930 {
1931 "authenticator": "no-cookie-redirect",
1932 "requirement": "REQUIRED",
1933 "priority": 10,
1934 "userSetupAllowed": false,
1935 "autheticatorFlow": false
1936 },
1937 {
1938 "requirement": "REQUIRED",
1939 "priority": 20,
1940 "flowAlias": "Authentication Options",
1941 "userSetupAllowed": false,
1942 "autheticatorFlow": true
1943 }
1944 ]
1945 },
1946 {
1947 "id": "112ed8a8-631c-455e-9dbc-34935b74b237",
1948 "alias": "registration",
1949 "description": "registration flow",
1950 "providerId": "basic-flow",
1951 "topLevel": true,
1952 "builtIn": true,
1953 "authenticationExecutions": [
1954 {
1955 "authenticator": "registration-page-form",
1956 "requirement": "REQUIRED",
1957 "priority": 10,
1958 "flowAlias": "registration form",
1959 "userSetupAllowed": false,
1960 "autheticatorFlow": true
1961 }
1962 ]
1963 },
1964 {
1965 "id": "f15cdba2-4e59-4c06-9819-604f9eb811d0",
1966 "alias": "registration form",
1967 "description": "registration form",
1968 "providerId": "form-flow",
1969 "topLevel": false,
1970 "builtIn": true,
1971 "authenticationExecutions": [
1972 {
1973 "authenticator": "registration-user-creation",
1974 "requirement": "REQUIRED",
1975 "priority": 20,
1976 "userSetupAllowed": false,
1977 "autheticatorFlow": false
1978 },
1979 {
1980 "authenticator": "registration-profile-action",
1981 "requirement": "REQUIRED",
1982 "priority": 40,
1983 "userSetupAllowed": false,
1984 "autheticatorFlow": false
1985 },
1986 {
1987 "authenticator": "registration-password-action",
1988 "requirement": "REQUIRED",
1989 "priority": 50,
1990 "userSetupAllowed": false,
1991 "autheticatorFlow": false
1992 },
1993 {
1994 "authenticator": "registration-recaptcha-action",
1995 "requirement": "DISABLED",
1996 "priority": 60,
1997 "userSetupAllowed": false,
1998 "autheticatorFlow": false
1999 }
2000 ]
2001 },
2002 {
2003 "id": "182c33c2-1b63-4a77-bbde-54af459f94b6",
2004 "alias": "reset credentials",
2005 "description": "Reset credentials for a user if they forgot their password or something",
2006 "providerId": "basic-flow",
2007 "topLevel": true,
2008 "builtIn": true,
2009 "authenticationExecutions": [
2010 {
2011 "authenticator": "reset-credentials-choose-user",
2012 "requirement": "REQUIRED",
2013 "priority": 10,
2014 "userSetupAllowed": false,
2015 "autheticatorFlow": false
2016 },
2017 {
2018 "authenticator": "reset-credential-email",
2019 "requirement": "REQUIRED",
2020 "priority": 20,
2021 "userSetupAllowed": false,
2022 "autheticatorFlow": false
2023 },
2024 {
2025 "authenticator": "reset-password",
2026 "requirement": "REQUIRED",
2027 "priority": 30,
2028 "userSetupAllowed": false,
2029 "autheticatorFlow": false
2030 },
2031 {
2032 "requirement": "CONDITIONAL",
2033 "priority": 40,
2034 "flowAlias": "Reset - Conditional OTP",
2035 "userSetupAllowed": false,
2036 "autheticatorFlow": true
2037 }
2038 ]
2039 },
2040 {
2041 "id": "bd4486c6-1f69-45fd-b0c7-cbeeaf9e4f21",
2042 "alias": "saml ecp",
2043 "description": "SAML ECP Profile Authentication Flow",
2044 "providerId": "basic-flow",
2045 "topLevel": true,
2046 "builtIn": true,
2047 "authenticationExecutions": [
2048 {
2049 "authenticator": "http-basic-authenticator",
2050 "requirement": "REQUIRED",
2051 "priority": 10,
2052 "userSetupAllowed": false,
2053 "autheticatorFlow": false
2054 }
2055 ]
2056 }
2057 ],
2058 "authenticatorConfig": [
2059 {
2060 "id": "476c8235-6510-4a4f-ae77-dc711b1792ac",
2061 "alias": "create unique user config",
2062 "config": {
2063 "require.password.update.after.registration": "false"
2064 }
2065 },
2066 {
2067 "id": "6e78f8d6-1611-441a-b0da-df6570583564",
2068 "alias": "review profile config",
2069 "config": {
2070 "update.profile.on.first.login": "missing"
2071 }
2072 }
2073 ],
2074 "requiredActions": [
2075 {
2076 "alias": "CONFIGURE_TOTP",
2077 "name": "Configure OTP",
2078 "providerId": "CONFIGURE_TOTP",
2079 "enabled": true,
2080 "defaultAction": false,
2081 "priority": 10,
2082 "config": {}
2083 },
2084 {
2085 "alias": "terms_and_conditions",
2086 "name": "Terms and Conditions",
2087 "providerId": "terms_and_conditions",
2088 "enabled": false,
2089 "defaultAction": false,
2090 "priority": 20,
2091 "config": {}
2092 },
2093 {
2094 "alias": "UPDATE_PASSWORD",
2095 "name": "Update Password",
2096 "providerId": "UPDATE_PASSWORD",
2097 "enabled": true,
2098 "defaultAction": false,
2099 "priority": 30,
2100 "config": {}
2101 },
2102 {
2103 "alias": "UPDATE_PROFILE",
2104 "name": "Update Profile",
2105 "providerId": "UPDATE_PROFILE",
2106 "enabled": true,
2107 "defaultAction": false,
2108 "priority": 40,
2109 "config": {}
2110 },
2111 {
2112 "alias": "VERIFY_EMAIL",
2113 "name": "Verify Email",
2114 "providerId": "VERIFY_EMAIL",
2115 "enabled": true,
2116 "defaultAction": false,
2117 "priority": 50,
2118 "config": {}
2119 },
2120 {
2121 "alias": "delete_account",
2122 "name": "Delete Account",
2123 "providerId": "delete_account",
2124 "enabled": false,
2125 "defaultAction": false,
2126 "priority": 60,
2127 "config": {}
2128 },
2129 {
2130 "alias": "update_user_locale",
2131 "name": "Update User Locale",
2132 "providerId": "update_user_locale",
2133 "enabled": true,
2134 "defaultAction": false,
2135 "priority": 1000,
2136 "config": {}
2137 }
2138 ],
2139 "browserFlow": "browser",
2140 "registrationFlow": "registration",
2141 "directGrantFlow": "direct grant",
2142 "resetCredentialsFlow": "reset credentials",
2143 "clientAuthenticationFlow": "clients",
2144 "dockerAuthenticationFlow": "docker auth",
2145 "attributes": {
2146 "clientOfflineSessionMaxLifespan": "0",
2147 "clientSessionIdleTimeout": "0",
2148 "clientSessionMaxLifespan": "0",
2149 "clientOfflineSessionIdleTimeout": "0"
2150 },
2151 "keycloakVersion": "12.0.4",
2152 "userManagedAccessAllowed": false
demx8as6b1d591a2022-01-29 16:24:57 +0100[diff] [blame]2153}