This is an automated email from the ASF dual-hosted git repository. yasith pushed a commit to branch cybershuttle-staging in repository https://gitbox.apache.org/repos/asf/airavata.git
commit 8169534a1b129a872697f5ebbe97132c83931733 Author: Krish Katariya <[email protected]> AuthorDate: Thu Mar 27 12:40:55 2025 -0700 ide-integration docker-compose changes * Updating docker-compose.yml file to fix database setup errors and setup keycloak properly on version 24.0.0 * Change volume mount name to db data * Uploaded default-export.json * Updated ports and docker volume name --- .../src/main/containers/docker-compose.yml | 23 +- .../main/containers/keycloak/Default-export.json | 3448 +++++++++++--------- 2 files changed, 1979 insertions(+), 1492 deletions(-) diff --git a/modules/ide-integration/src/main/containers/docker-compose.yml b/modules/ide-integration/src/main/containers/docker-compose.yml index 5e03a9b1f0..344982fed8 100644 --- a/modules/ide-integration/src/main/containers/docker-compose.yml +++ b/modules/ide-integration/src/main/containers/docker-compose.yml @@ -1,18 +1,19 @@ version: '3' services: keycloak: - image: jboss/keycloak:2.5.4.Final + image: quay.io/keycloak/keycloak:24.0.0 environment: - - KEYCLOAK_USER=admin - - KEYCLOAK_PASSWORD=admin + - KEYCLOAK_ADMIN=admin + - KEYCLOAK_ADMIN_PASSWORD=admin ports: - "18080:8080" - "8443:8443" volumes: - - ./keycloak/Default-export.json:/opt/keycloak/Default-export.json - - ../resources/keystores/airavata.jks:/opt/jboss/keycloak/standalone/configuration/keystores/airavata.jks - - ./keycloak/standalone.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml - command: ["-b", "0.0.0.0", "-Dkeycloak.migration.action=import", "-Dkeycloak.migration.provider=singleFile", "-Dkeycloak.migration.file=/opt/keycloak/Default-export.json", "-Dkeycloak.migration.strategy=OVERWRITE_EXISTING"] + - ./keycloak/Default-export.json:/opt/keycloak/data/import/Default-export.json + command: + - start-dev + - "--import-realm" + - "--hostname-strict=false" db: image: mariadb:10.4.13 environment: @@ -21,9 +22,9 @@ services: - MYSQL_PASSWORD=123456 volumes: - ./database_scripts/init:/docker-entrypoint-initdb.d - - ./database_data:/var/lib/mysql + - database_data:/var/lib/mysql ports: - - "13306:3306" + - "13306:3306" command: ['mysqld', '--character-set-server=utf8mb4', '--collation-server=utf8mb4_unicode_ci', '--sql_mode='] rabbitmq: image: rabbitmq @@ -52,3 +53,7 @@ services: - /tmp:/tmp ports: - "22222:22" + +volumes: + database_data: + driver: local \ No newline at end of file diff --git a/modules/ide-integration/src/main/containers/keycloak/Default-export.json b/modules/ide-integration/src/main/containers/keycloak/Default-export.json index 95e9e256aa..4b2e775f5d 100644 --- a/modules/ide-integration/src/main/containers/keycloak/Default-export.json +++ b/modules/ide-integration/src/main/containers/keycloak/Default-export.json @@ -1,1508 +1,1990 @@ { - "id" : "default", - "realm" : "default", - "notBefore" : 0, - "revokeRefreshToken" : false, - "accessTokenLifespan" : 300, - "accessTokenLifespanForImplicitFlow" : 900, - "ssoSessionIdleTimeout" : 1800, - "ssoSessionMaxLifespan" : 36000, - "offlineSessionIdleTimeout" : 2592000, - "accessCodeLifespan" : 60, - "accessCodeLifespanUserAction" : 300, - "accessCodeLifespanLogin" : 1800, - "enabled" : true, - "sslRequired" : "external", - "registrationAllowed" : false, - "registrationEmailAsUsername" : false, - "rememberMe" : false, - "verifyEmail" : false, - "loginWithEmailAllowed" : true, - "duplicateEmailsAllowed" : false, - "resetPasswordAllowed" : false, - "editUsernameAllowed" : false, - "bruteForceProtected" : false, - "maxFailureWaitSeconds" : 900, - "minimumQuickLoginWaitSeconds" : 60, - "waitIncrementSeconds" : 60, - "quickLoginCheckMilliSeconds" : 1000, - "maxDeltaTimeSeconds" : 43200, - "failureFactor" : 30, - "roles" : { - "realm" : [ { - "id" : "e57cc238-851f-438f-9e3a-fdfe5bf1b01d", - "name" : "admin", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : false, - "containerId" : "default" - }, { - "id" : "1fc6a378-99fc-4ae4-8cfe-f3e570594fbc", - "name" : "gateway-user", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : false, - "containerId" : "default" - }, { - "id" : "0058eb76-b61e-4f14-a3de-5377c154e6ce", - "name" : "gateway-provider", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : false, - "containerId" : "default" - }, { - "id" : "33473891-9fb4-4076-90c3-325b4bdbfe71", - "name" : "user-pending", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : false, - "containerId" : "default" - }, { - "id" : "4edaec82-9b96-4b04-bbc0-e72b4b028b8f", - "name" : "uma_authorization", - "description" : "${role_uma_authorization}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : false, - "containerId" : "default" - }, { - "id" : "3bd559a1-cb42-4326-a211-ebe386abedb8", - "name" : "admin-read-only", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : false, - "containerId" : "default" - }, { - "id" : "c287cd41-2fa9-4af0-adf4-e1cf8eaed0a1", - "name" : "offline_access", - "description" : "${role_offline-access}", - "scopeParamRequired" : true, - "composite" : false, - "clientRole" : false, - "containerId" : "default" - } ], - "client" : { - "realm-management" : [ { - "id" : "25eeb575-8f30-4c3c-9025-7c49521168a3", - "name" : "view-identity-providers", - "description" : "${role_view-identity-providers}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "ae1d8150-4437-4f85-bb2e-a8a12c0be9ef", - "name" : "view-users", - "description" : "${role_view-users}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "6c48363c-70d1-4f39-a0b5-d7a34be66705", - "name" : "create-client", - "description" : "${role_create-client}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "97be766a-b5cc-422d-82c6-77ccec6cc721", - "name" : "manage-realm", - "description" : "${role_manage-realm}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "2425b20b-e233-4b88-9d2d-b487c31a97f2", - "name" : "manage-events", - "description" : "${role_manage-events}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "5e0ca9e1-9ae6-49a5-a61e-4ebda609752a", - "name" : "realm-admin", - "description" : "${role_realm-admin}", - "scopeParamRequired" : false, - "composite" : true, - "composites" : { - "client" : { - "realm-management" : [ "view-users", "view-identity-providers", "create-client", "manage-realm", "manage-events", "view-events", "manage-users", "impersonation", "view-authorization", "view-clients", "manage-identity-providers", "manage-clients", "manage-authorization", "view-realm" ] + "id": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "realm": "default", + "displayName": "", + "displayNameHtml": "", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 7200, + "accessTokenLifespanForImplicitFlow": 3600, + "ssoSessionIdleTimeout": 604800, + "ssoSessionMaxLifespan": 604800, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxTemporaryLockouts": 0, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "4cd8497d-db71-41dd-9186-f7df0c22d446", + "name": "gateway-provider", + "description": "", + "composite": false, + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "attributes": {} + }, + { + "id": "b585e111-f934-43b7-b9c2-cbad0c7dc08a", + "name": "default-roles-10000000", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] } }, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "0d64c48f-9309-4ed9-a4e9-c18635d4c31b", - "name" : "view-events", - "description" : "${role_view-events}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "2a0ec04e-46bf-47e3-9f41-a54c7049bf1c", - "name" : "manage-users", - "description" : "${role_manage-users}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "ea3213a8-fdcf-4481-9620-68634705206f", - "name" : "impersonation", - "description" : "${role_impersonation}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "279b6454-4e02-4499-a874-e6efb7c35fc7", - "name" : "view-authorization", - "description" : "${role_view-authorization}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "7f35f618-9954-4e54-826d-9c8613a6a74d", - "name" : "view-clients", - "description" : "${role_view-clients}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "bd937a5a-1f13-4d06-a30c-8993e66a6533", - "name" : "manage-identity-providers", - "description" : "${role_manage-identity-providers}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "72b5f596-1d58-42ef-b4bf-79fec573406e", - "name" : "manage-clients", - "description" : "${role_manage-clients}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "bc379239-b21b-46fc-8b0b-43c991d825bf", - "name" : "manage-authorization", - "description" : "${role_manage-authorization}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - }, { - "id" : "f6d83939-a100-4f4d-9b32-238bf4688bff", - "name" : "view-realm", - "description" : "${role_view-realm}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f" - } ], - "security-admin-console" : [ ], - "admin-cli" : [ ], - "pga" : [ { - "id" : "5b99936c-2625-4824-9a44-0fd70382c46f", - "name" : "uma_protection", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "d91304eb-aaa7-4c21-a3bd-7d525a88756f" - } ], - "broker" : [ { - "id" : "3ae3efa0-3a7d-4eac-b13e-eb0a6f018ec9", - "name" : "read-token", - "description" : "${role_read-token}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "9d167524-4ff0-40d0-9beb-3fd1dd6c61b5" - } ], - "account" : [ { - "id" : "737745c4-d179-414b-b5a3-bfb9bb7e3d13", - "name" : "manage-account", - "description" : "${role_manage-account}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "6b0b6755-6e5f-4f38-b78a-be79208be58e" - }, { - "id" : "c918eba7-f2d1-48e3-b3a5-492569936317", - "name" : "view-profile", - "description" : "${role_view-profile}", - "scopeParamRequired" : false, - "composite" : false, - "clientRole" : true, - "containerId" : "6b0b6755-6e5f-4f38-b78a-be79208be58e" - } ] + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "attributes": {} + }, + { + "id": "420f07dc-c07c-4ea8-bf56-f6adf3f2bbc7", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "attributes": {} + }, + { + "id": "61fafc5e-96fc-4644-98a9-94f9baf654e6", + "name": "admin", + "description": "", + "composite": false, + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "attributes": {} + }, + { + "id": "1f03206b-d918-491b-a33f-ee96147b310d", + "name": "admin-read-only", + "description": "", + "composite": false, + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "attributes": {} + }, + { + "id": "3f7e69dc-75d4-4388-8a34-e82d32071dc9", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "attributes": {} + }, + { + "id": "ebb21957-06c9-4350-9157-576b10cc8761", + "name": "user-pending", + "description": "", + "composite": false, + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "attributes": {} + }, + { + "id": "a2acdfe6-eb2a-4104-bb6a-be961e380d97", + "name": "gateway-user", + "description": "", + "composite": false, + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7", + "attributes": {} + } + ], + "client": { + "pga": [ + { + "id": "d8d76309-d081-4159-b2cd-d9ca93eb7d02", + "name": "uma_protection", + "composite": false, + "clientRole": true, + "containerId": "5e2398e0-3498-4da3-9262-4f2dcc7448fa", + "attributes": {} + }, + { + "id": "f8051cd8-10cb-44e6-8826-d323daa236d1", + "name": "gateway-provider", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "5e2398e0-3498-4da3-9262-4f2dcc7448fa", + "attributes": {} + }, + { + "id": "fb2c5f47-09e2-4f4b-b858-625f3c5442cd", + "name": "user-pending", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "5e2398e0-3498-4da3-9262-4f2dcc7448fa", + "attributes": {} + }, + { + "id": "c7d75283-b7c3-4b93-8804-9ce55bccf74c", + "name": "admin", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "5e2398e0-3498-4da3-9262-4f2dcc7448fa", + "attributes": {} + }, + { + "id": "da796582-cbf2-4b23-a31d-5fc9b4010bb0", + "name": "admin-read-only", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "5e2398e0-3498-4da3-9262-4f2dcc7448fa", + "attributes": {} + }, + { + "id": "42660438-3a37-466f-b748-d25a25ff9082", + "name": "gateway-user", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "5e2398e0-3498-4da3-9262-4f2dcc7448fa", + "attributes": {} + } + ] } }, - "groups" : [ ], - "defaultRoles" : [ "uma_authorization", "offline_access" ], - "requiredCredentials" : [ "password" ], - "passwordPolicy" : "hashIterations(20000)", - "otpPolicyType" : "totp", - "otpPolicyAlgorithm" : "HmacSHA1", - "otpPolicyInitialCounter" : 0, - "otpPolicyDigits" : 6, - "otpPolicyLookAheadWindow" : 1, - "otpPolicyPeriod" : 30, - "users" : [ { - "id" : "dcc21374-79ff-4f9f-b895-a6f6a35554bf", - "createdTimestamp" : 1521560049031, - "username" : "default-admin", - "enabled" : true, - "totp" : false, - "emailVerified" : true, - "firstName" : "dim", - "lastName" : "Upe", - "email" : "[email protected]", - "credentials" : [ { - "type" : "password", - "hashedSaltedValue" : "z8nHFEg9ZRGRsKAx3EE6yJPnzI7+a8qxVKgMI0pZo+WzFKKkPVR+rIrJv32Ht+dROjaT9DBRUJVe5J01oHo6PQ==", - "salt" : "DyQ22650v7+xdd1KxHa96A==", - "hashIterations" : 20000, - "counter" : 0, - "algorithm" : "pbkdf2", - "digits" : 0, - "period" : 0, - "createdDate" : 1521560064798, - "config" : { } - } ], - "disableableCredentialTypes" : [ "password" ], - "requiredActions" : [ ], - "realmRoles" : [ "admin", "uma_authorization", "offline_access" ], - "clientRoles" : { - "realm-management" : [ "create-client", "manage-realm", "manage-events", "realm-admin", "manage-users", "impersonation", "manage-identity-providers", "manage-clients", "manage-authorization" ], - "account" : [ "view-profile", "manage-account" ] - }, - "groups" : [ ] - }, { - "id" : "03b635cf-bc43-45c5-9cbf-191a90b1ee87", - "createdTimestamp" : 1521559886114, - "username" : "service-account-pga", - "enabled" : true, - "totp" : false, - "emailVerified" : false, - "email" : "[email protected]", - "serviceAccountClientId" : "pga", - "credentials" : [ ], - "disableableCredentialTypes" : [ ], - "requiredActions" : [ ], - "realmRoles" : [ "uma_authorization", "offline_access" ], - "clientRoles" : { - "realm-management" : [ "create-client", "manage-realm", "manage-events", "realm-admin", "manage-users", "impersonation", "manage-identity-providers", "manage-clients", "manage-authorization" ], - "pga" : [ "uma_protection" ], - "account" : [ "view-profile", "manage-account" ] - }, - "groups" : [ ] - } ], - "clientScopeMappings" : { - "realm-management" : [ { - "client" : "admin-cli", - "roles" : [ "realm-admin" ] - }, { - "client" : "security-admin-console", - "roles" : [ "realm-admin" ] - } ] + "groups": [], + "defaultRole": { + "id": "b585e111-f934-43b7-b9c2-cbad0c7dc08a", + "name": "default-roles-10000000", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "afc8036c-62c3-462e-ae10-e1727c4bd8f7" }, - "clients" : [ { - "id" : "6b0b6755-6e5f-4f38-b78a-be79208be58e", - "clientId" : "account", - "name" : "${client_account}", - "baseUrl" : "/auth/realms/default/account", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "7c020384-8beb-4b0d-8b6b-13b5fb976349", - "defaultRoles" : [ "manage-account", "view-profile" ], - "redirectUris" : [ "/auth/realms/default/account/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "acb04784-f725-4707-a0f3-5ef026a0452f", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "9c98c619-0112-4b32-9244-42e62c8b7fd8", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true" - } - }, { - "id" : "81028b13-e742-4424-951c-78a360cd135c", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "fa4e2f31-68d2-427a-a650-00b36a507c21", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "66c52b74-a51b-4250-bc51-988af6e8e189", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - }, { - "id" : "7aad501b-e92b-4097-b9ec-6b64394ea98b", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "5bbd77f4-a98e-49e6-a97a-09be34fd34dc", - "clientId" : "admin-cli", - "name" : "${client_admin-cli}", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "384ad67c-1d4c-4952-af98-2a9a9f0bf672", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : false, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "3df9d992-a422-481a-bc5e-ef52741346e4", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - }, { - "id" : "3ea8fbae-2d92-4e1e-bf7e-f8d63b78c665", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "6e13db11-02be-473e-8fda-805a90c07b38", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "a5de4a6a-8835-4924-bf92-457b8afc9ce9", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true" - } - }, { - "id" : "43f531b4-1b1d-4663-a7c5-f4140a8699b3", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "64508175-b6b9-4f48-929d-9a7e2a144eed", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "9d167524-4ff0-40d0-9beb-3fd1dd6c61b5", - "clientId" : "broker", - "name" : "${client_broker}", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "a2ca00a3-d2d9-4647-9ad0-e52e59644bef", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "dcb271f7-326f-4108-b628-9f328bb6e0ca", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true" - } - }, { - "id" : "355de467-08d5-4742-87f4-18d950e2662b", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "8e642aca-e044-40c3-a154-08b41c47f87d", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - }, { - "id" : "c3c3d79c-8b7f-44db-8886-050bfe1be7ce", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "172c3f41-0346-44bb-9149-cdb7af510f54", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - }, { - "id" : "acad670c-0565-4c4a-ada8-93b9315cd1e6", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpPolicyCodeReusable": false, + "otpSupportedApplications": [ + "totpAppFreeOTPName", + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyExtraOrigins": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "webAuthnPolicyPasswordlessExtraOrigins": [], + "users": [ + { + "id": "e9d5a7b9-c093-4916-a331-12fbc9101c70", + "username": "service-account-pga", + "emailVerified": false, + "createdTimestamp": 1726317784923, + "enabled": true, + "totp": false, + "serviceAccountClientId": "pga", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-10000000" + ], + "clientRoles": { + "realm-management": [ + "manage-users" + ], + "pga": [ + "uma_protection" + ] + }, + "notBefore": 0, + "groups": [] + } + ], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account", + "view-groups" + ] } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "d91304eb-aaa7-4c21-a3bd-7d525a88756f", - "clientId" : "pga", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "9790c8c4-7d9b-4ccc-a820-ca5aac38d2ad", - "redirectUris" : [ "http://localhost:8008";, "http://airavata.host:8008"; ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : true, - "serviceAccountsEnabled" : true, - "authorizationServicesEnabled" : true, - "publicClient" : false, - "frontchannelLogout" : false, - "protocol" : "openid-connect", - "attributes" : { - "saml.assertion.signature" : "false", - "saml.force.post.binding" : "false", - "saml.multivalued.roles" : "false", - "saml.encrypt" : "false", - "saml_force_name_id_format" : "false", - "saml.client.signature" : "false", - "saml.authnstatement" : "false", - "saml.server.signature" : "false", - "saml.server.signature.keyinfo.ext" : "false" + ] + }, + "clients": [ + { + "id": "5e2398e0-3498-4da3-9262-4f2dcc7448fa", + "clientId": "pga", + "name": "Airavata Client", + "description": "Client For Airavata Services", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "9790c8c4-7d9b-4ccc-a820-ca5aac38d2ad", + "redirectUris": [ + "http://airavata.host:8008/callback-url";, + "http://localhost/callback-url";, + "https://airavata.host/callback-url";, + "https://airavata.host/";, + "https://airavata.host/auth/callback*"; + ], + "webOrigins": [ + "https://gateway.airavata.host";, + "*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": true, + "authorizationServicesEnabled": true, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "client.secret.creation.time": "1726317784", + "backchannel.logout.session.required": "true", + "display.on.consent.screen": "false", + "oauth2.device.authorization.grant.enabled": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f15a7de0-0c1e-40d8-bd05-c1aaf0deb3e1", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "introspection.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "a0956d0b-e5c4-4d9a-aebf-89efa6881438", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "introspection.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "6863299e-7d4f-43f4-8d0e-fc8cd4a8ceac", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "introspection.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "preferred_username", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "a8292b23-f927-4a5c-a432-2f0ae8867105", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "bfd13362-6c5d-405c-b7c0-bd37063ca9f9", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "multivalued": "true", + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String" + } + }, + { + "id": "be26563f-80a7-43d7-bf9f-d71205ec53be", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": { + "access.token.claim": "true", + "introspection.token.claim": "true" + } + }, + { + "id": "9565b5e4-dfbb-43bc-aa8d-3e845c188669", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "multivalued": "true", + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String" + } + } + ] }, - "fullScopeAllowed" : true, - "nodeReRegistrationTimeout" : -1, - "protocolMappers" : [ { - "id" : "63bfb4d1-6721-4b30-be12-9524f33ca5d6", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - }, { - "id" : "e1563941-e46b-47df-ac80-ad9ebe4b4a1c", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true" - } - }, { - "id" : "ea351bc5-0d40-42e8-b915-76bb9146725c", - "name" : "Client IP Address", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "consentText" : "", - "config" : { - "user.session.note" : "clientAddress", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientAddress", - "jsonType.label" : "String" - } - }, { - "id" : "8e2d75f2-0cbe-40c0-bc64-4e26492d3ddb", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "f0310a3c-718c-4e6a-9a78-b1c78c53c7e8", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "2fa4d469-c87f-4af1-8dfa-94b7389d6d41", - "name" : "Client Host", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "consentText" : "", - "config" : { - "user.session.note" : "clientHost", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientHost", - "jsonType.label" : "String" - } - }, { - "id" : "b78030a3-90f0-41fe-8490-0b0e94d24019", - "name" : "Client ID", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usersessionmodel-note-mapper", - "consentRequired" : false, - "consentText" : "", - "config" : { - "user.session.note" : "clientId", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "clientId", - "jsonType.label" : "String" - } - }, { - "id" : "adc877a6-20cc-43e4-8716-28210a7579b7", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - }, { - "id" : "bce95330-6b57-42a0-92b5-9b20bb826c93", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" + { + "id": "34779656-fdf3-41c5-a963-d1e2b533b8f0", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "6d5c53bd-a91a-4066-baba-52de991b5d53", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "a4f0d91a-e59e-4794-b71c-726413ba5be8", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "8240c399-c132-49a0-8e41-48266e89b2ce", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "cbd43ec1-4467-4148-a435-081cd1c0d161", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "introspection.token.claim": "true", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "7d17e91f-6691-4f1d-9f6c-7a6a7ae0b5ae", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "c0d4e90d-2c57-4ed5-9e82-01a6d1d16cf0", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "c7e78134-c7dd-45a9-a921-cc5dbdc9fc68", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "c0509e2e-01ae-49d6-8d24-0e86628a85aa", + "name": "preferred_username", + "description": "preferred_username", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "gui.order": "", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "e56aa26c-4614-43bb-a96b-56c1ad959e45", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "lightweight.claim": "false", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "b50ae18b-52e8-44f6-ad4d-ad596de89cfd", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "lightweight.claim": "false", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "0a93294b-2a7c-4098-af47-4faaa535c8d4", + "name": "ClientId", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "lightweight.claim": "false", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String", + "access.tokenResponse.claim": "false" + } + }, + { + "id": "37b8b958-2396-4e2c-871c-f56f6ad393aa", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "lightweight.claim": "false", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "d779bc1f-5c49-46c6-ae84-1d9e419984ba", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "lightweight.claim": "false", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "75c6a588-0993-446e-90e0-52046505959e", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "lightweight.claim": "false", + "access.token.claim": "true", + "introspection.token.claim": "true", + "userinfo.token.claim": "false" + } + } + ] + }, + { + "id": "33b54357-7cdd-494c-9806-6e6d59f6af69", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "c56cb073-719d-4f74-8a23-b2105804ee80", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "658e931d-3b55-464e-b199-48e9b43f9c3f", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "a352424d-d48b-4e7e-9394-c769f9542605", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "3710a2dd-969f-4562-89af-55e31e30f565", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "862fa550-a9df-40e5-8fa3-473c45de5e59", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "0ae8854b-1589-401c-b0e0-24e423d8e723", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "a72f9f11-04bb-4905-81fe-7b23b7446e20", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "eaded814-dc28-450e-95ca-fbd2712e6a40", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "652dd31b-d4d8-49e9-8f53-125404b2a1f1", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "b20740b4-9fea-4035-b3af-cf0a40852b2f", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "7d36aacc-aa67-4ccb-98b0-b02a111c7dea", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "4ed1750d-d48a-4005-8398-2c34f0c6548e", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "introspection.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "4b111e20-11ee-4429-be4d-93414b08e506", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "long" + } + }, + { + "id": "7a7e5200-ae1c-44dc-a5a7-5546391929b5", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "d353e69e-7d1e-4c41-9fdd-f76a59dacf2b", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "a0e4a0a3-1428-46a5-a2a8-66480b1ecf9f", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "af72f98c-7086-4e99-97ad-2cdfe9f46cd4", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false, - "authorizationSettings" : { - "allowRemoteResourceManagement" : false, - "policyEnforcementMode" : "ENFORCING", - "resources" : [ { - "name" : "Default Resource", - "uri" : "/*", - "type" : "urn:pga:resources:default", - "typedScopes" : [ ] - } ], - "policies" : [ { - "name" : "Default Policy", - "description" : "A policy that grants access only for users within this realm", - "type" : "js", - "logic" : "POSITIVE", - "decisionStrategy" : "AFFIRMATIVE", - "config" : { - "code" : "// by default, grants any permission associated with this policy\n$evaluation.grant();\n" + }, + { + "id": "c98af4d7-e60f-469d-b76b-c8673b3d641c", + "name": "acr", + "description": "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "d000afcc-348f-414e-8e18-fbf9dd73bec0", + "name": "acr loa level", + "protocol": "openid-connect", + "protocolMapper": "oidc-acr-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "introspection.token.claim": "true" + } + } + ] + }, + { + "id": "9bc461ac-7b67-48ae-af92-03b51bdd2336", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "075ba449-99e1-49c5-8642-755d9fd1ca08", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "4d1db13c-a944-4205-95fc-6b9c184e3cc4", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "introspection.token.claim": "true", + "multivalued": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } } - }, { - "name" : "Default Permission", - "description" : "A permission that applies to the default resource type", - "type" : "resource", - "logic" : "POSITIVE", - "decisionStrategy" : "UNANIMOUS", - "config" : { - "defaultResourceType" : "urn:pga:resources:default", - "applyPolicies" : "[\"Default Policy\"]", - "default" : "true" + ] + }, + { + "id": "162a761a-4a0b-4c30-a388-1ee5df06eb8e", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "2ecc5181-9142-45b5-b11a-4d7936f9e38e", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": { + "access.token.claim": "true", + "introspection.token.claim": "true" + } } - } ], - "scopes" : [ ] + ] } - }, { - "id" : "444bd287-e88f-4bdf-b806-c1fa1f81de4f", - "clientId" : "realm-management", - "name" : "${client_realm-management}", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "55353926-9432-4e0c-be9b-cc4a7b07a859", - "redirectUris" : [ ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : true, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : false, - "frontchannelLogout" : false, - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "f3cffafd-897c-45b1-946b-21271bbc4265", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - }, { - "id" : "778385bb-7275-4431-89b5-ad94216345d2", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" - } - }, { - "id" : "51319a83-386d-40df-a706-91f400e1aed9", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" - } - }, { - "id" : "e4fe5a3e-3217-4953-8c26-17cf78de3d34", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true" - } - }, { - "id" : "396d04c3-47da-4aa0-a7c5-ea88df50ed1f", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" - } - }, { - "id" : "3beafd0d-c620-417e-8b68-22d96c9604c0", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" - } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - }, { - "id" : "8bdd2a6b-05aa-4512-bbfe-e1f0ea762107", - "clientId" : "security-admin-console", - "name" : "${client_security-admin-console}", - "baseUrl" : "/auth/admin/default/console/index.html", - "surrogateAuthRequired" : false, - "enabled" : true, - "clientAuthenticatorType" : "client-secret", - "secret" : "01e0b45c-0dd4-45ef-99a8-4d9d40fcbf50", - "redirectUris" : [ "/auth/admin/default/console/*" ], - "webOrigins" : [ ], - "notBefore" : 0, - "bearerOnly" : false, - "consentRequired" : false, - "standardFlowEnabled" : true, - "implicitFlowEnabled" : false, - "directAccessGrantsEnabled" : false, - "serviceAccountsEnabled" : false, - "publicClient" : true, - "frontchannelLogout" : false, - "attributes" : { }, - "fullScopeAllowed" : false, - "nodeReRegistrationTimeout" : 0, - "protocolMappers" : [ { - "id" : "438a8794-0eed-4e1e-a2d9-6214d34c6b8a", - "name" : "email", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${email}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "email", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "email", - "jsonType.label" : "String" - } - }, { - "id" : "8617a0a7-e20c-42ea-9291-69d10c99b95e", - "name" : "full name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-full-name-mapper", - "consentRequired" : true, - "consentText" : "${fullName}", - "config" : { - "id.token.claim" : "true", - "access.token.claim" : "true" - } - }, { - "id" : "1568fb0b-0340-4e7b-be46-115e950d7b41", - "name" : "role list", - "protocol" : "saml", - "protocolMapper" : "saml-role-list-mapper", - "consentRequired" : false, - "config" : { - "single" : "false", - "attribute.nameformat" : "Basic", - "attribute.name" : "Role" + ], + "defaultDefaultClientScopes": [ + "web-origins", + "role_list", + "profile", + "email", + "roles", + "acr" + ], + "defaultOptionalClientScopes": [ + "phone", + "address", + "microprofile-jwt", + "offline_access", + "preferred_username" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "referrerPolicy": "no-referrer", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": {}, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [ + { + "alias": "oidc", + "displayName": "CILogon", + "internalId": "f0427047-bcb0-414d-9e9a-dc97b7cddefa", + "providerId": "oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": true, + "storeToken": true, + "addReadTokenRoleOnCreate": true, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "acceptsPromptNoneForwardFromClient": "false", + "tokenUrl": "https://cilogon.org/oauth2/token";, + "isAccessTokenJWT": "false", + "filteredByClaim": "false", + "backchannelSupported": "false", + "issuer": "https://cilogon.org";, + "loginHint": "false", + "clientAuthMethod": "client_secret_post", + "syncMode": "IMPORT", + "clientSecret": "**********", + "allowedClockSkew": "0", + "defaultScope": "openid profile email org.cilogon.userinfo", + "guiOrder": "1", + "hideOnLoginPage": "false", + "userInfoUrl": "https://cilogon.org/oauth2/userinfo";, + "validateSignature": "false", + "clientId": "cilogon:/client_id/392446d1fe4981d3eab8adb6da2a1952", + "uiLocales": "false", + "disableNonce": "false", + "sendClientIdOnLogout": "false", + "pkceEnabled": "false", + "forwardParameters": "kc_idp_hint", + "authorizationUrl": "https://cilogon.org/authorize";, + "disableUserInfo": "false", + "logoutUrl": "https://cilogon.org/logout";, + "sendIdTokenOnLogout": "true", + "passMaxAge": "false" } - }, { - "id" : "e170660c-244f-4eca-bbde-2b62fc9da922", - "name" : "family name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${familyName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "lastName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "family_name", - "jsonType.label" : "String" + } + ], + "identityProviderMappers": [ + { + "id": "c4c0522a-97a5-4f19-83cd-bf43ddaa164e", + "name": "family_name", + "identityProviderAlias": "oidc", + "identityProviderMapper": "oidc-user-attribute-idp-mapper", + "config": { + "syncMode": "INHERIT", + "claim": "family_name", + "user.attribute": "lastName" } - }, { - "id" : "40a0c295-03f0-42d9-a1a2-78c0c4aac05b", - "name" : "given name", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${givenName}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "firstName", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "given_name", - "jsonType.label" : "String" + }, + { + "id": "c63368b2-6bb7-4dc4-85bc-5ae63147ed9c", + "name": "given_name", + "identityProviderAlias": "oidc", + "identityProviderMapper": "oidc-user-attribute-idp-mapper", + "config": { + "syncMode": "INHERIT", + "claim": "given_name", + "user.attribute": "firstName" } - }, { - "id" : "a55f9a18-163c-46aa-a51e-9db11e6ebb84", - "name" : "username", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-property-mapper", - "consentRequired" : true, - "consentText" : "${username}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "username", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "preferred_username", - "jsonType.label" : "String" + } + ], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "d446bfe5-46d7-4b5a-a569-41268f1f0e87", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "d6c586ad-07ab-4a3e-8f61-9ee3d4f7e03f", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "fcf2e8da-427f-4232-8e02-cf08151c0211", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper", + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-usermodel-property-mapper", + "oidc-address-mapper", + "saml-user-attribute-mapper", + "saml-user-property-mapper" + ] + } + }, + { + "id": "9d32bc1e-fa04-4ab7-8911-cb344ff8b5c8", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "eff493d8-9108-420f-88ca-522e9df73f46", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "saml-role-list-mapper", + "oidc-usermodel-property-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-property-mapper" + ] + } + }, + { + "id": "64e7e77a-3489-45bd-b440-e1c42941b22a", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "b3315017-dfb7-4e2f-a682-f9278ae9008a", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "35fa6e56-7042-4df8-bdda-feeeb6b39c45", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} } - }, { - "id" : "a459fa53-bc8b-443e-bc9a-919bc11cfea5", - "name" : "locale", - "protocol" : "openid-connect", - "protocolMapper" : "oidc-usermodel-attribute-mapper", - "consentRequired" : false, - "consentText" : "${locale}", - "config" : { - "userinfo.token.claim" : "true", - "user.attribute" : "locale", - "id.token.claim" : "true", - "access.token.claim" : "true", - "claim.name" : "locale", - "jsonType.label" : "String" + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "33a8177a-0278-4ce3-abee-a4394ec04aed", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "a4d499fc-aced-40b4-9102-255159578eec", + "name": "hmac-generated-hs512", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS512" + ] + } + }, + { + "id": "f5dc3169-59a8-4790-a9e5-e0bf3c78805c", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "762fc122-3966-4253-8ff2-681aef52798a", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } } - } ], - "useTemplateConfig" : false, - "useTemplateScope" : false, - "useTemplateMappers" : false - } ], - "clientTemplates" : [ ], - "browserSecurityHeaders" : { - "xContentTypeOptions" : "nosniff", - "xFrameOptions" : "SAMEORIGIN", - "contentSecurityPolicy" : "frame-src 'self'" + ] }, - "smtpServer" : { }, - "eventsEnabled" : false, - "eventsListeners" : [ "jboss-logging" ], - "enabledEventTypes" : [ ], - "adminEventsEnabled" : false, - "adminEventsDetailsEnabled" : false, - "components" : { - "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { - "id" : "15cbcc72-a1de-46ed-b3dc-47535293f0da", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-address-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper" ], - "consent-required-for-all-mappers" : [ "true" ] - } - }, { - "id" : "2e27e8d7-80f4-417e-b359-9971614cf7c8", - "name" : "Consent Required", - "providerId" : "consent-required", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "30944217-0b40-4d9c-915d-65818a53cc99", - "name" : "Allowed Client Templates", - "providerId" : "allowed-client-templates", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { } - }, { - "id" : "54fd7c81-ef7f-4329-935b-dba6b309d528", - "name" : "Full Scope Disabled", - "providerId" : "scope", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "7ce77be7-0568-4e91-a69a-8335c3c19f62", - "name" : "Trusted Hosts", - "providerId" : "trusted-hosts", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "host-sending-registration-request-must-match" : [ "true" ], - "client-uris-must-match" : [ "true" ] - } - }, { - "id" : "92012f2d-f36a-42ec-9ccb-6a18b23bfc47", - "name" : "Allowed Client Templates", - "providerId" : "allowed-client-templates", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { } - }, { - "id" : "ab75f593-8e0e-469a-bf4f-a6993c069b62", - "name" : "Allowed Protocol Mapper Types", - "providerId" : "allowed-protocol-mappers", - "subType" : "authenticated", - "subComponents" : { }, - "config" : { - "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper" ], - "consent-required-for-all-mappers" : [ "true" ] - } - }, { - "id" : "e0b51b51-51bc-4bf0-8f50-4c60279ed926", - "name" : "Max Clients Limit", - "providerId" : "max-clients", - "subType" : "anonymous", - "subComponents" : { }, - "config" : { - "max-clients" : [ "200" ] + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "ee04c896-46c6-46e5-8f5f-2c3f5f5e982f", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false + } + ] + }, + { + "id": "78e019d7-5a2f-44f3-81d0-6fa566f21a32", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "3482050b-0ea3-4aee-8200-bcc78dfda38d", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "64987dfc-4f74-4abe-a9fa-47028f056258", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "32144fde-d5b5-4a21-bdd5-fb8d92f3c435", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Account verification options", + "userSetupAllowed": false + } + ] + }, + { + "id": "53e1602d-6fb0-4dcb-81a8-e0e549165a2c", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "4819cc94-f5e5-47ca-99ca-35abb57f80e4", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false + } + ] + }, + { + "id": "5942a1e4-f029-40cd-ae92-830898bf97dc", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "92632d82-47d5-4dd6-8a7e-8bf3e0ecd02f", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorConfig": "oidc", + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "forms", + "userSetupAllowed": false + } + ] + }, + { + "id": "dfedc4d5-a50e-4622-bba6-7e5ee9b2065c", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "25ac344e-2d5e-4c5c-8f86-2b8ba2e3dfde", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "fc07ca16-4d7d-4132-a6d6-352a566d19da", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "eb9f31b1-f136-47bc-93d1-9fc8c62de3c5", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "User creation or linking", + "userSetupAllowed": false + } + ] + }, + { + "id": "92f6f1d6-7684-4c3a-8623-1a1643cf1b07", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "4701b039-0e51-435c-a867-76e602446315", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": true, + "flowAlias": "registration form", + "userSetupAllowed": false + } + ] + }, + { + "id": "4857befc-6fac-45f1-ae13-02830ab04646", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-terms-and-conditions", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 70, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "72627447-0fbe-4017-96ab-b12eacc75a2d", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "autheticatorFlow": true, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "d8bec40b-7015-40c9-b069-c1bb1b1cf09e", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "6ee3b9e1-c19b-43f5-bc30-4dde2953aa3f", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" } - } ], - "org.keycloak.keys.KeyProvider" : [ { - "id" : "c809b9e5-5b4d-406d-99be-5a8542a30131", - "name" : "hmac-generated", - "providerId" : "hmac-generated", - "subComponents" : { }, - "config" : { - "kid" : [ "bdedd233-061c-4042-935b-680b91cd39b8" ], - "secret" : [ "Ab8Dw3Si_vOmkkGQqiFo-IPCMziYKk017UfBnEdnOow" ], - "priority" : [ "100" ] + }, + { + "id": "420707ab-984e-4a95-a679-26cddf145323", + "alias": "oidc", + "config": { + "default.reference.maxAge": "10000", + "default.reference.value": "CILogon", + "defaultProvider": "oidc" } - }, { - "id" : "c93b4a04-cb15-45e2-b8c5-1e8dd240e818", - "name" : "rsa-generated", - "providerId" : "rsa-generated", - "subComponents" : { }, - "config" : { - "privateKey" : [ "MIIEowIBAAKCAQEAuG14Yb94lXVhv213hNnbvLdhj03teLESoIkTS/D8OGFFmzR6bpgLNk63a5ajYt9g+C803hyV27Z2hhwZFjpDi0Csh7vikCpdBwfJuJUZd83mfy9zwufHmAcFXD1f70nfMtdis8bDmplQ+CvToI/8AEdNjR6FEzjoFG9SLo6ON/ccVL/jcMW1geLBhFm15WzFk/l4sopS3kuaEo6qN7ubb1IDvfHKnqk+ZoeZLOFXzUMSRo2r6n3VnNa421e8pxM5twh07V+GEw+otxc2d4ocmoTLNnAmUf9Nu1jb9RcVHe9E+VLwNyQiJ9yolbN2Cbius9tBlmHLvQ8QajrEiHKFxwIDAQABAoIBAQCBE7zpTMTsddcPz2GTDZcJIZ+aWIQXsHbE/KsQv30HSK0az0PRG4DdZYJiPm/jx0tq6D8sJP2NZMrXWdsE/4o+b+lQpmMPW1 [...] - "certificate" : [ "MIICnTCCAYUCBgFiRAjgcTANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdkZWZhdWx0MB4XDTE4MDMyMDE1MjkxNVoXDTI4MDMyMDE1MzA1NVowEjEQMA4GA1UEAwwHZGVmYXVsdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALhteGG/eJV1Yb9td4TZ27y3YY9N7XixEqCJE0vw/DhhRZs0em6YCzZOt2uWo2LfYPgvNN4cldu2doYcGRY6Q4tArIe74pAqXQcHybiVGXfN5n8vc8Lnx5gHBVw9X+9J3zLXYrPGw5qZUPgr06CP/ABHTY0ehRM46BRvUi6Ojjf3HFS/43DFtYHiwYRZteVsxZP5eLKKUt5LmhKOqje7m29SA73xyp6pPmaHmSzhV81DEkaNq+p91ZzWuNtXvKcTObcIdO1fhhMPqLcXNneKHJqEyzZwJ [...] - "priority" : [ "100" ] + }, + { + "id": "6bab8c26-0c25-4cf3-a5a7-634cdfcf9f41", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" } - } ] - }, - "internationalizationEnabled" : false, - "supportedLocales" : [ ], - "authenticationFlows" : [ { - "id" : "019bcc2f-0262-40cd-80b9-09695025956d", - "alias" : "Handle Existing Account", - "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-confirm-link", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "idp-email-verification", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "Verify Existing Account by Re-authentication", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "acf385b1-ca2b-4915-a9a7-ebd0d50a773d", - "alias" : "Verify Existing Account by Re-authentication", - "description" : "Reauthentication of existing account", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "idp-username-password-form", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-otp-form", - "requirement" : "OPTIONAL", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "d0edd344-70c1-4cec-8212-06e9eef11654", - "alias" : "browser", - "description" : "browser based authentication", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-cookie", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-spnego", - "requirement" : "DISABLED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "identity-provider-redirector", - "requirement" : "ALTERNATIVE", - "priority" : 25, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "forms", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "942c0549-21d8-4bc5-8ce5-48e8743b44b8", - "alias" : "clients", - "description" : "Base authentication for clients", - "providerId" : "client-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "client-secret", - "requirement" : "ALTERNATIVE", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "client-jwt", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "bd526764-1c51-436d-b51e-634838675496", - "alias" : "direct grant", - "description" : "OpenID Connect Resource Owner Grant", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "direct-grant-validate-username", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "direct-grant-validate-password", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "direct-grant-validate-otp", - "requirement" : "OPTIONAL", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "639c578b-98a5-4a0e-91ac-eadd20e22f82", - "alias" : "first broker login", - "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticatorConfig" : "review profile config", - "authenticator" : "idp-review-profile", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticatorConfig" : "create unique user config", - "authenticator" : "idp-create-user-if-unique", - "requirement" : "ALTERNATIVE", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "requirement" : "ALTERNATIVE", - "priority" : 30, - "flowAlias" : "Handle Existing Account", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "d510b177-7e43-41c5-a0ba-524e40564eb1", - "alias" : "forms", - "description" : "Username, password, otp and other auth forms.", - "providerId" : "basic-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "auth-username-password-form", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "auth-otp-form", - "requirement" : "OPTIONAL", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "b2a16db2-0538-49ce-8478-5e982e0e428e", - "alias" : "registration", - "description" : "registration flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-page-form", - "requirement" : "REQUIRED", - "priority" : 10, - "flowAlias" : "registration form", - "userSetupAllowed" : false, - "autheticatorFlow" : true - } ] - }, { - "id" : "cb43a4d3-5513-4341-91c8-f48b490d0325", - "alias" : "registration form", - "description" : "registration form", - "providerId" : "form-flow", - "topLevel" : false, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "registration-user-creation", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-profile-action", - "requirement" : "REQUIRED", - "priority" : 40, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-password-action", - "requirement" : "REQUIRED", - "priority" : 50, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "registration-recaptcha-action", - "requirement" : "DISABLED", - "priority" : 60, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "230a1ca4-f347-446a-9149-48efac890537", - "alias" : "reset credentials", - "description" : "Reset credentials for a user if they forgot their password or something", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "reset-credentials-choose-user", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-credential-email", - "requirement" : "REQUIRED", - "priority" : 20, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-password", - "requirement" : "REQUIRED", - "priority" : 30, - "userSetupAllowed" : false, - "autheticatorFlow" : false - }, { - "authenticator" : "reset-otp", - "requirement" : "OPTIONAL", - "priority" : 40, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - }, { - "id" : "48904284-dd62-4b0d-8b26-a7edcef5eff0", - "alias" : "saml ecp", - "description" : "SAML ECP Profile Authentication Flow", - "providerId" : "basic-flow", - "topLevel" : true, - "builtIn" : true, - "authenticationExecutions" : [ { - "authenticator" : "http-basic-authenticator", - "requirement" : "REQUIRED", - "priority" : 10, - "userSetupAllowed" : false, - "autheticatorFlow" : false - } ] - } ], - "authenticatorConfig" : [ { - "id" : "e321d1b8-e71c-49ed-9a4f-bcb54d674b46", - "alias" : "create unique user config", - "config" : { - "require.password.update.after.registration" : "false" } - }, { - "id" : "1d76feba-114d-464e-99cc-8839b3f271d7", - "alias" : "review profile config", - "config" : { - "update.profile.on.first.login" : "missing" + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "TERMS_AND_CONDITIONS", + "name": "Terms and Conditions", + "providerId": "TERMS_AND_CONDITIONS", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "webauthn-register", + "name": "Webauthn Register", + "providerId": "webauthn-register", + "enabled": true, + "defaultAction": false, + "priority": 70, + "config": {} + }, + { + "alias": "webauthn-register-passwordless", + "name": "Webauthn Register Passwordless", + "providerId": "webauthn-register-passwordless", + "enabled": true, + "defaultAction": false, + "priority": 80, + "config": {} + }, + { + "alias": "VERIFY_PROFILE", + "name": "Verify Profile", + "providerId": "VERIFY_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 90, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} } - } ], - "requiredActions" : [ { - "alias" : "CONFIGURE_TOTP", - "name" : "Configure OTP", - "providerId" : "CONFIGURE_TOTP", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "UPDATE_PASSWORD", - "name" : "Update Password", - "providerId" : "UPDATE_PASSWORD", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "UPDATE_PROFILE", - "name" : "Update Profile", - "providerId" : "UPDATE_PROFILE", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "VERIFY_EMAIL", - "name" : "Verify Email", - "providerId" : "VERIFY_EMAIL", - "enabled" : true, - "defaultAction" : false, - "config" : { } - }, { - "alias" : "terms_and_conditions", - "name" : "Terms and Conditions", - "providerId" : "terms_and_conditions", - "enabled" : false, - "defaultAction" : false, - "config" : { } - } ], - "browserFlow" : "browser", - "registrationFlow" : "registration", - "directGrantFlow" : "direct grant", - "resetCredentialsFlow" : "reset credentials", - "clientAuthenticationFlow" : "clients", - "attributes" : { - "failureFactor" : "30", - "_browser_header.xFrameOptions" : "SAMEORIGIN", - "quickLoginCheckMilliSeconds" : "1000", - "maxDeltaTimeSeconds" : "43200", - "_browser_header.xContentTypeOptions" : "nosniff", - "bruteForceProtected" : "false", - "maxFailureWaitSeconds" : "900", - "minimumQuickLoginWaitSeconds" : "60", - "_browser_header.contentSecurityPolicy" : "frame-src 'self'", - "waitIncrementSeconds" : "60" + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "firstBrokerLoginFlow": "first broker login", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaAuthRequestedUserHint": "login_hint", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "actionTokenGeneratedByUserLifespan.idp-verify-account-via-email": "", + "actionTokenGeneratedByUserLifespan.verify-email": "", + "clientOfflineSessionIdleTimeout": "0", + "actionTokenGeneratedByUserLifespan.execute-actions": "", + "cibaInterval": "5", + "realmReusableOtpCode": "false", + "cibaExpiresIn": "120", + "oauth2DeviceCodeLifespan": "600", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "frontendUrl": "", + "acr.loa.map": "{}", + "shortVerificationUri": "", + "actionTokenGeneratedByUserLifespan.reset-credentials": "" + }, + "keycloakVersion": "24.0.0", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] }, - "keycloakVersion" : "2.5.4.Final" + "clientPolicies": { + "policies": [] + } } \ No newline at end of file
