From ef760e9e28b690d4446b5d6ac20f93878903badd Mon Sep 17 00:00:00 2001 From: Jonas Voelcker Date: Tue, 5 Dec 2023 10:31:59 +0100 Subject: [PATCH] Add Keycloak 23 --- .env | 2 +- .github/workflows/ci.yaml | 17 +- CHANGELOG.md | 1 + Dockerfile | 2 +- README.md | 2 +- pom.xml | 57 +- .../repository/UserProfileRepository.java | 28 +- .../keycloak/config/util/JsonUtil.java | 8 + .../exported-realm/23.0.1/master-realm.json | 1772 +++++++++++++++++ 9 files changed, 1872 insertions(+), 17 deletions(-) create mode 100644 src/test/resources/import-files/exported-realm/23.0.1/master-realm.json diff --git a/.env b/.env index 5e5dc00f2..12cdb7593 100644 --- a/.env +++ b/.env @@ -1,3 +1,3 @@ # Used in docker-compose # shellcheck disable=SC2034 -KEYCLOAK_VERSION=22.0.4 +KEYCLOAK_VERSION=23.0.1 diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c6e8d8a91..1e32ea980 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -29,10 +29,10 @@ jobs: env: # we keep 18.0.2 for backwards compatibility with RH-SSO 7.6 - KEYCLOAK_VERSION: 18.0.2 - - KEYCLOAK_VERSION: 19.0.3 - KEYCLOAK_VERSION: 20.0.5 - KEYCLOAK_VERSION: 21.1.1 - KEYCLOAK_VERSION: 22.0.4 + - KEYCLOAK_VERSION: 23.0.1 steps: - uses: actions/checkout@v3 with: @@ -50,6 +50,11 @@ jobs: key: ${{ runner.os }}-maven-${{ matrix.env.KEYCLOAK_VERSION }}-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-maven-${{ matrix.env.KEYCLOAK_VERSION }} + - name: Adapt sources for Keycloak versions < 23.0.0 (UPConfig -> String) + if: ${{ matrix.env.KEYCLOAK_VERSION < '23.0.0' }} + run: | + echo "JAVAX_PROFILE=-Ppre-keycloak23" >> $GITHUB_ENV + - name: Adapt sources for Keycloak versions < 22.0.0 (jakarta -> javax) if: ${{ matrix.env.KEYCLOAK_VERSION < '22.0.0' }} run: | @@ -159,6 +164,11 @@ jobs: key: ${{ runner.os }}-${{ matrix.java }}-maven-build-pom-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-${{ matrix.java }}-maven-build-pom + - name: Adapt sources for Keycloak versions < 23.0.0 (UPConfig -> String) + if: ${{ matrix.env.KEYCLOAK_VERSION < '23.0.0' }} + run: | + echo "JAVAX_PROFILE=-Ppre-keycloak23" >> $GITHUB_ENV + - name: Adapt sources for Keycloak versions < 22.0.0 (jakarta -> javax) if: ${{ matrix.env.KEYCLOAK_VERSION < '22.0.0' }} run: | @@ -192,6 +202,11 @@ jobs: restore-keys: | ${{ runner.os }}-maven-keycloak-legacy + - name: Adapt sources for Keycloak versions < 23.0.0 (UPConfig -> String) + if: ${{ matrix.env.KEYCLOAK_VERSION < '23.0.0' }} + run: | + echo "JAVAX_PROFILE=-Ppre-keycloak23" >> $GITHUB_ENV + - name: Adapt sources for Keycloak versions < 22.0.0 (jakarta -> javax) if: ${{ matrix.env.KEYCLOAK_VERSION < '22.0.0' }} run: | diff --git a/CHANGELOG.md b/CHANGELOG.md index 3fcb60354..cc7556461 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +- Updated CI to use Keycloak 23.0.1 ## [5.9.0] - 2023-10-13 - Updated CI to use Keycloak 22.0.4 diff --git a/Dockerfile b/Dockerfile index 848c3f18b..be02aac5e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ FROM ${BUILDER_IMAGE} AS BUILDER WORKDIR /app/ -ARG KEYCLOAK_VERSION=22.0.4 +ARG KEYCLOAK_VERSION=23.0.1 ARG MAVEN_CLI_OPTS="-ntp -B" COPY .mvn .mvn diff --git a/README.md b/README.md index b188bef0b..76c9ad924 100644 --- a/README.md +++ b/README.md @@ -156,7 +156,7 @@ Additionally, the tag `maven` contains the source code and compile keycloak-conf Keycloak versions, that not official supported., e.g.: ```bash -docker run --rm -ti -v $PWD:/config/ -eKEYCLOAK_VERSION=22.0.4 -eMAVEN_CLI_OPTS="-B -ntp -q" adorsys/keycloak-config-cli:edge-build +docker run --rm -ti -v $PWD:/config/ -eKEYCLOAK_VERSION=23.0.1 -eMAVEN_CLI_OPTS="-B -ntp -q" adorsys/keycloak-config-cli:edge-build ``` ### Docker run diff --git a/pom.xml b/pom.xml index dee390cf6..837793ea4 100644 --- a/pom.xml +++ b/pom.xml @@ -59,7 +59,7 @@ UTF-8 UTF-8 - 22.0.4 + 23.0.1 3.2.0 10.0 @@ -727,6 +727,61 @@ import jakarta import javax + + ; import org.keycloak.representations.userprofile.config.UPConfig; + ; + + + return JsonUtil.toJson\(userProfileResource.getConfiguration\(\)\); + return userProfileResource.getConfiguration(); + + + userProfileResource.update\(JsonUtil.readValue\(newUserProfileConfiguration, UPConfig.class\)\); + userProfileResource.update(newUserProfileConfiguration); + + + + + + + + + pre-keycloak23 + + + + com.google.code.maven-replacer-plugin + replacer + ${maven-replacer.version} + + + replace-upconfig-with-string + generate-sources + + replace + + + + + + ${project.basedir}/src + + + main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java + + + + ; import org.keycloak.representations.userprofile.config.UPConfig; + ; + + + return JsonUtil.toJson\(userProfileResource.getConfiguration\(\)\); + return userProfileResource.getConfiguration(); + + + userProfileResource.update\(JsonUtil.readValue\(newUserProfileConfiguration, UPConfig.class\)\); + userProfileResource.update(newUserProfileConfiguration); + diff --git a/src/main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java b/src/main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java index 1e16a64ce..3c61ab021 100644 --- a/src/main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java +++ b/src/main/java/de/adorsys/keycloak/config/repository/UserProfileRepository.java @@ -23,16 +23,13 @@ import de.adorsys.keycloak.config.exception.KeycloakRepositoryException; import de.adorsys.keycloak.config.util.JsonUtil; import org.keycloak.admin.client.resource.UserProfileResource; +import org.keycloak.representations.userprofile.config.UPConfig; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.springframework.util.StringUtils; -import java.util.Optional; - -import jakarta.ws.rs.core.Response; - @Component public class UserProfileRepository { @@ -57,14 +54,13 @@ public void updateUserProfile(String realm, boolean newUserProfileEnabled, Strin if (!newUserProfileEnabled) { logger.trace("UserProfile is explicitly disabled, removing configuration."); - try (var response = userProfileResource.update(null)) { - logger.trace("UserProfile configuration removed."); - } + userProfileResource.update(null); + logger.trace("UserProfile configuration removed."); return; } var realmAttributes = realmRepository.get(realm).getAttributesOrEmpty(); - var currentUserProfileConfiguration = Optional.ofNullable(userProfileResource.getConfiguration()).orElse(""); + var currentUserProfileConfiguration = getUserProfileConfiguration(userProfileResource); if (!StringUtils.hasText(currentUserProfileConfiguration)) { logger.warn("UserProfile is enabled, but no configuration string provided."); return; @@ -82,10 +78,10 @@ public void updateUserProfile(String realm, boolean newUserProfileEnabled, Strin return; } - try (var updateUserProfileResponse = userProfileResource.update(newUserProfileConfiguration)) { - if (!updateUserProfileResponse.getStatusInfo().equals(Response.Status.OK)) { - throw new KeycloakRepositoryException("Could not update UserProfile Definition"); - } + try { + resolveUserProfileUpdate(userProfileResource, newUserProfileConfiguration); + } catch (Exception ex) { + throw new KeycloakRepositoryException("Could not update UserProfile Definition", ex); } logger.trace("UserProfile updated."); @@ -97,6 +93,14 @@ private boolean hasUserProfileConfigurationChanged(String newUserProfileConfigur return !currentValue.equals(newValue); } + private String getUserProfileConfiguration(UserProfileResource userProfileResource) { + return JsonUtil.toJson(userProfileResource.getConfiguration()); + } + + private void resolveUserProfileUpdate(UserProfileResource userProfileResource, String newUserProfileConfiguration) { + userProfileResource.update(JsonUtil.readValue(newUserProfileConfiguration, UPConfig.class)); + } + private UserProfileResource getResource(String realmName) { return this.realmRepository.getResource(realmName).users().userProfile(); } diff --git a/src/main/java/de/adorsys/keycloak/config/util/JsonUtil.java b/src/main/java/de/adorsys/keycloak/config/util/JsonUtil.java index fd3087189..f7d289e93 100644 --- a/src/main/java/de/adorsys/keycloak/config/util/JsonUtil.java +++ b/src/main/java/de/adorsys/keycloak/config/util/JsonUtil.java @@ -70,4 +70,12 @@ private static JsonNode fromJsonAsNode(String value) { throw new ImportProcessingException(e); } } + + public static T readValue(String value, Class type) { + try { + return value == null ? null : objectMapper.readValue(value, type); + } catch (JsonProcessingException e) { + throw new ImportProcessingException(e); + } + } } diff --git a/src/test/resources/import-files/exported-realm/23.0.1/master-realm.json b/src/test/resources/import-files/exported-realm/23.0.1/master-realm.json new file mode 100644 index 000000000..ef5285bd3 --- /dev/null +++ b/src/test/resources/import-files/exported-realm/23.0.1/master-realm.json @@ -0,0 +1,1772 @@ +{ + "id" : "460df8d4-5781-4777-9405-53c1f2bc9025", + "realm" : "master", + "displayName" : "Keycloak", + "displayNameHtml" : "
Keycloak
", + "notBefore" : 0, + "defaultSignatureAlgorithm" : "RS256", + "revokeRefreshToken" : false, + "refreshTokenMaxReuse" : 0, + "accessTokenLifespan" : 60, + "accessTokenLifespanForImplicitFlow" : 900, + "ssoSessionIdleTimeout" : 1800, + "ssoSessionMaxLifespan" : 36000, + "ssoSessionIdleTimeoutRememberMe" : 0, + "ssoSessionMaxLifespanRememberMe" : 0, + "offlineSessionIdleTimeout" : 2592000, + "offlineSessionMaxLifespanEnabled" : false, + "offlineSessionMaxLifespan" : 5184000, + "clientSessionIdleTimeout" : 0, + "clientSessionMaxLifespan" : 0, + "clientOfflineSessionIdleTimeout" : 0, + "clientOfflineSessionMaxLifespan" : 0, + "accessCodeLifespan" : 60, + "accessCodeLifespanUserAction" : 300, + "accessCodeLifespanLogin" : 1800, + "actionTokenGeneratedByAdminLifespan" : 43200, + "actionTokenGeneratedByUserLifespan" : 300, + "oauth2DeviceCodeLifespan" : 600, + "oauth2DevicePollingInterval" : 5, + "enabled" : true, + "sslRequired" : "external", + "registrationAllowed" : false, + "registrationEmailAsUsername" : false, + "rememberMe" : false, + "verifyEmail" : false, + "loginWithEmailAllowed" : true, + "duplicateEmailsAllowed" : false, + "resetPasswordAllowed" : false, + "editUsernameAllowed" : false, + "bruteForceProtected" : false, + "permanentLockout" : false, + "maxFailureWaitSeconds" : 900, + "minimumQuickLoginWaitSeconds" : 60, + "waitIncrementSeconds" : 60, + "quickLoginCheckMilliSeconds" : 1000, + "maxDeltaTimeSeconds" : 43200, + "failureFactor" : 30, + "roles" : { + "realm" : [ { + "id" : "ae47c4c5-a140-414a-8100-686b74bb2564", + "name" : "default-roles-master", + "description" : "${role_default-roles}", + "composite" : true, + "composites" : { + "realm" : [ "offline_access", "uma_authorization" ], + "client" : { + "account" : [ "view-profile", "manage-account" ] + } + }, + "clientRole" : false, + "containerId" : "460df8d4-5781-4777-9405-53c1f2bc9025", + "attributes" : { } + }, { + "id" : "963e4dc3-6758-49e0-8f46-5ed26d860d7b", + "name" : "uma_authorization", + "description" : "${role_uma_authorization}", + "composite" : false, + "clientRole" : false, + "containerId" : "460df8d4-5781-4777-9405-53c1f2bc9025", + "attributes" : { } + }, { + "id" : "810c51ab-a806-4e61-abed-9223e0d09f0e", + "name" : "offline_access", + "description" : "${role_offline-access}", + "composite" : false, + "clientRole" : false, + "containerId" : "460df8d4-5781-4777-9405-53c1f2bc9025", + "attributes" : { } + }, { + "id" : "07f7b288-a251-4a16-a1ea-600cca9144b3", + "name" : "admin", + "description" : "${role_admin}", + "composite" : true, + "composites" : { + "realm" : [ "create-realm" ], + "client" : { + "master-realm" : [ "view-realm", "impersonation", "manage-users", "view-clients", "view-identity-providers", "query-groups", "view-events", "manage-clients", "query-clients", "query-realms", "view-authorization", "manage-identity-providers", "view-users", "manage-events", "query-users", "create-client", "manage-authorization", "manage-realm" ] + } + }, + "clientRole" : false, + "containerId" : "460df8d4-5781-4777-9405-53c1f2bc9025", + "attributes" : { } + }, { + "id" : "cbea6ccc-3887-4f0a-9b64-fca3d94d7842", + "name" : "create-realm", + "description" : "${role_create-realm}", + "composite" : false, + "clientRole" : false, + "containerId" : "460df8d4-5781-4777-9405-53c1f2bc9025", + "attributes" : { } + } ], + "client" : { + "security-admin-console" : [ ], + "admin-cli" : [ ], + "account-console" : [ ], + "broker" : [ { + "id" : "124bfac0-40af-44f1-8f47-12e80a2b6be2", + "name" : "read-token", + "description" : "${role_read-token}", + "composite" : false, + "clientRole" : true, + "containerId" : "d57146b7-43c9-4f33-aef6-8d55e3b8950b", + "attributes" : { } + } ], + "master-realm" : [ { + "id" : "c2d8d33d-2abb-4f4d-925b-8b1f6b7d0bcb", + "name" : "view-realm", + "description" : "${role_view-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "88424f5b-5730-4ac9-912d-4458e4e425fd", + "name" : "impersonation", + "description" : "${role_impersonation}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "363f354c-4fa5-4500-ab6f-1251b34c318f", + "name" : "manage-users", + "description" : "${role_manage-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "7f666339-3ac5-48ce-9383-6564f76d855e", + "name" : "view-clients", + "description" : "${role_view-clients}", + "composite" : true, + "composites" : { + "client" : { + "master-realm" : [ "query-clients" ] + } + }, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "083d0190-ff4b-47cc-b83d-e89b327a3836", + "name" : "view-identity-providers", + "description" : "${role_view-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "9a62f94e-0ada-47b2-9c81-14dede6fcac4", + "name" : "query-groups", + "description" : "${role_query-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "987f8c16-db0a-4de8-bfee-fb9b52e3d89e", + "name" : "manage-clients", + "description" : "${role_manage-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "e1f2ccb7-51ef-4f61-aec5-99390cd698ad", + "name" : "query-clients", + "description" : "${role_query-clients}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "913593d7-1477-40bc-ac8b-4fdce3af5ec3", + "name" : "view-events", + "description" : "${role_view-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "3e88ec55-eddd-404b-ac06-496e34598cb3", + "name" : "query-realms", + "description" : "${role_query-realms}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "b079ebec-72d6-4d46-bb46-0f49c4fc7b60", + "name" : "view-authorization", + "description" : "${role_view-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "052686f7-1daf-49d5-9570-5af90b1d0478", + "name" : "manage-identity-providers", + "description" : "${role_manage-identity-providers}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "9b4ffed5-221d-4fdf-a84b-fc9ce4b99593", + "name" : "view-users", + "description" : "${role_view-users}", + "composite" : true, + "composites" : { + "client" : { + "master-realm" : [ "query-users", "query-groups" ] + } + }, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "7fa3644d-82c5-4413-9bd6-da65d2cc85c8", + "name" : "manage-events", + "description" : "${role_manage-events}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "0d5cae2b-1a5c-434c-982e-bb1d63b803f9", + "name" : "query-users", + "description" : "${role_query-users}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "56c80e07-1944-43eb-ae13-409665d757c8", + "name" : "create-client", + "description" : "${role_create-client}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "60b3b1ae-9957-42d0-b2eb-a5eff9dc4c5e", + "name" : "manage-authorization", + "description" : "${role_manage-authorization}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + }, { + "id" : "880b3a8c-3346-45c5-90f8-24df99479894", + "name" : "manage-realm", + "description" : "${role_manage-realm}", + "composite" : false, + "clientRole" : true, + "containerId" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "attributes" : { } + } ], + "account" : [ { + "id" : "f317170a-84fb-438c-a335-6fcfcc1b6b5b", + "name" : "manage-account-links", + "description" : "${role_manage-account-links}", + "composite" : false, + "clientRole" : true, + "containerId" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "attributes" : { } + }, { + "id" : "f9de4cfe-e37f-4d37-8db7-c0692c33f8cc", + "name" : "view-consent", + "description" : "${role_view-consent}", + "composite" : false, + "clientRole" : true, + "containerId" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "attributes" : { } + }, { + "id" : "a833bfad-3d17-40d2-a767-f29b20d0f34b", + "name" : "delete-account", + "description" : "${role_delete-account}", + "composite" : false, + "clientRole" : true, + "containerId" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "attributes" : { } + }, { + "id" : "d4e8f742-3924-453b-a533-b32206d57c46", + "name" : "view-groups", + "description" : "${role_view-groups}", + "composite" : false, + "clientRole" : true, + "containerId" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "attributes" : { } + }, { + "id" : "12f09590-8741-41f9-8351-05f91d237a92", + "name" : "view-profile", + "description" : "${role_view-profile}", + "composite" : false, + "clientRole" : true, + "containerId" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "attributes" : { } + }, { + "id" : "57605e21-0e25-4bbd-a3e3-2f5654b46905", + "name" : "manage-account", + "description" : "${role_manage-account}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "manage-account-links" ] + } + }, + "clientRole" : true, + "containerId" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "attributes" : { } + }, { + "id" : "f567df20-c686-4cc2-bdeb-bd28211c5845", + "name" : "manage-consent", + "description" : "${role_manage-consent}", + "composite" : true, + "composites" : { + "client" : { + "account" : [ "view-consent" ] + } + }, + "clientRole" : true, + "containerId" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "attributes" : { } + }, { + "id" : "8db98d7d-2015-4e68-be6c-690a58aae9c7", + "name" : "view-applications", + "description" : "${role_view-applications}", + "composite" : false, + "clientRole" : true, + "containerId" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "attributes" : { } + } ] + } + }, + "groups" : [ ], + "defaultRole" : { + "id" : "ae47c4c5-a140-414a-8100-686b74bb2564", + "name" : "default-roles-master", + "description" : "${role_default-roles}", + "composite" : true, + "clientRole" : false, + "containerId" : "460df8d4-5781-4777-9405-53c1f2bc9025" + }, + "requiredCredentials" : [ "password" ], + "otpPolicyType" : "totp", + "otpPolicyAlgorithm" : "HmacSHA1", + "otpPolicyInitialCounter" : 0, + "otpPolicyDigits" : 6, + "otpPolicyLookAheadWindow" : 1, + "otpPolicyPeriod" : 30, + "otpPolicyCodeReusable" : false, + "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts" : { }, + "webAuthnPolicyRpEntityName" : "keycloak", + "webAuthnPolicySignatureAlgorithms" : [ "ES256" ], + "webAuthnPolicyRpId" : "", + "webAuthnPolicyAttestationConveyancePreference" : "not specified", + "webAuthnPolicyAuthenticatorAttachment" : "not specified", + "webAuthnPolicyRequireResidentKey" : "not specified", + "webAuthnPolicyUserVerificationRequirement" : "not specified", + "webAuthnPolicyCreateTimeout" : 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyAcceptableAaguids" : [ ], + "webAuthnPolicyExtraOrigins" : [ ], + "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ], + "webAuthnPolicyPasswordlessRpId" : "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", + "webAuthnPolicyPasswordlessCreateTimeout" : 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, + "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], + "webAuthnPolicyPasswordlessExtraOrigins" : [ ], + "scopeMappings" : [ { + "clientScope" : "offline_access", + "roles" : [ "offline_access" ] + } ], + "clientScopeMappings" : { + "account" : [ { + "client" : "account-console", + "roles" : [ "manage-account", "view-groups" ] + } ] + }, + "clients" : [ { + "id" : "9847d217-bae0-4b98-8dcd-b23df8ccd7fd", + "clientId" : "account", + "name" : "${client_account}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/master/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/realms/master/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "post.logout.redirect.uris" : "+" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "33cc4a10-9631-483d-87bc-7615458846ab", + "clientId" : "account-console", + "name" : "${client_account-console}", + "rootUrl" : "${authBaseUrl}", + "baseUrl" : "/realms/master/account/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/realms/master/account/*" ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "post.logout.redirect.uris" : "+", + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "f6e92a27-623b-4e91-95f6-232bbd9069fd", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "2397bd0a-570c-467b-b551-9166f302a4db", + "clientId" : "admin-cli", + "name" : "${client_admin-cli}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : false, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : true, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "d57146b7-43c9-4f33-aef6-8d55e3b8950b", + "clientId" : "broker", + "name" : "${client_broker}", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "b46bb03c-c38a-4928-a176-1b9beb318b81", + "clientId" : "master-realm", + "name" : "master Realm", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ ], + "webOrigins" : [ ], + "notBefore" : 0, + "bearerOnly" : true, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : false, + "frontchannelLogout" : false, + "attributes" : { }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + }, { + "id" : "cac6668d-6835-4328-94de-0cc0f2e9a1d0", + "clientId" : "security-admin-console", + "name" : "${client_security-admin-console}", + "rootUrl" : "${authAdminUrl}", + "baseUrl" : "/admin/master/console/", + "surrogateAuthRequired" : false, + "enabled" : true, + "alwaysDisplayInConsole" : false, + "clientAuthenticatorType" : "client-secret", + "redirectUris" : [ "/admin/master/console/*" ], + "webOrigins" : [ "+" ], + "notBefore" : 0, + "bearerOnly" : false, + "consentRequired" : false, + "standardFlowEnabled" : true, + "implicitFlowEnabled" : false, + "directAccessGrantsEnabled" : false, + "serviceAccountsEnabled" : false, + "publicClient" : true, + "frontchannelLogout" : false, + "protocol" : "openid-connect", + "attributes" : { + "post.logout.redirect.uris" : "+", + "pkce.code.challenge.method" : "S256" + }, + "authenticationFlowBindingOverrides" : { }, + "fullScopeAllowed" : false, + "nodeReRegistrationTimeout" : 0, + "protocolMappers" : [ { + "id" : "797133d4-9a7b-4780-bd20-a5f8c57d81b4", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + } ], + "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ], + "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] + } ], + "clientScopes" : [ { + "id" : "3f61feb3-bfd2-42f5-aa6e-f58b7c811ea9", + "name" : "profile", + "description" : "OpenID Connect built-in scope: profile", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${profileScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "4adf57e4-0e2e-4b9b-9412-1b0853b4a28d", + "name" : "website", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "website", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "website", + "jsonType.label" : "String" + } + }, { + "id" : "54bf6c41-7902-4a2e-84b9-3e7342dd267f", + "name" : "picture", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "picture", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "picture", + "jsonType.label" : "String" + } + }, { + "id" : "4703a740-a789-4f27-b240-1d071b3efc7d", + "name" : "birthdate", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "birthdate", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "birthdate", + "jsonType.label" : "String" + } + }, { + "id" : "d05e726c-d92c-4519-a7c7-b86b1520a2f0", + "name" : "middle name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "middleName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "middle_name", + "jsonType.label" : "String" + } + }, { + "id" : "7d86f966-bf97-45fc-bdd3-f830f860c5c3", + "name" : "full name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-full-name-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "introspection.token.claim" : "true", + "access.token.claim" : "true", + "userinfo.token.claim" : "true" + } + }, { + "id" : "f8c1655c-232b-4e6b-b920-e5dd2266d223", + "name" : "family name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "lastName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "family_name", + "jsonType.label" : "String" + } + }, { + "id" : "7eb1577c-db2f-4103-a77e-0f81bea5bb17", + "name" : "gender", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "gender", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "gender", + "jsonType.label" : "String" + } + }, { + "id" : "2a2a7194-e8c8-49c4-9aee-90c10f389d08", + "name" : "locale", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "locale", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "locale", + "jsonType.label" : "String" + } + }, { + "id" : "d2716ab1-d89a-4162-90f5-153282463496", + "name" : "username", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "preferred_username", + "jsonType.label" : "String" + } + }, { + "id" : "546d1d2e-e391-4b98-a2b2-280d5f02604a", + "name" : "zoneinfo", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "zoneinfo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "zoneinfo", + "jsonType.label" : "String" + } + }, { + "id" : "e9d8e22d-a1e5-4793-ae7e-67722530928b", + "name" : "given name", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "firstName", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "given_name", + "jsonType.label" : "String" + } + }, { + "id" : "dda2ac16-ba91-4d02-8513-88b3e8b58a6d", + "name" : "profile", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "profile", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "profile", + "jsonType.label" : "String" + } + }, { + "id" : "b9f8a325-bd51-46db-b0d3-59a03be50c68", + "name" : "updated at", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "updatedAt", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "updated_at", + "jsonType.label" : "long" + } + }, { + "id" : "7c16b858-ab8d-41ea-b73e-9e55c171b960", + "name" : "nickname", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "nickname", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "nickname", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "3fc6ae5a-4269-49d9-9855-4bb12fed3b4b", + "name" : "web-origins", + "description" : "OpenID Connect scope for add allowed web origins to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false", + "consent.screen.text" : "" + }, + "protocolMappers" : [ { + "id" : "df3faef0-50e6-4c1c-9634-83c60c61bb68", + "name" : "allowed web origins", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-allowed-origins-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + } ] + }, { + "id" : "7c885455-791f-40ea-854f-baf40bd084b3", + "name" : "microprofile-jwt", + "description" : "Microprofile - JWT built-in scope", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "91d46c2f-f976-4413-89e9-72a6149c2301", + "name" : "groups", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "user.attribute" : "foo", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "groups", + "jsonType.label" : "String" + } + }, { + "id" : "ddb57dad-aeb1-4f8c-bf57-d400882b871e", + "name" : "upn", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "username", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "upn", + "jsonType.label" : "String" + } + } ] + }, { + "id" : "bfc1c3f7-12a1-4049-b4fc-d992f399d6da", + "name" : "role_list", + "description" : "SAML role list", + "protocol" : "saml", + "attributes" : { + "consent.screen.text" : "${samlRoleListScopeConsentText}", + "display.on.consent.screen" : "true" + }, + "protocolMappers" : [ { + "id" : "f8a38bc9-39e0-4db6-9952-f161849f5382", + "name" : "role list", + "protocol" : "saml", + "protocolMapper" : "saml-role-list-mapper", + "consentRequired" : false, + "config" : { + "single" : "false", + "attribute.nameformat" : "Basic", + "attribute.name" : "Role" + } + } ] + }, { + "id" : "ef05e94f-38b5-481d-b817-6edd20729e9a", + "name" : "email", + "description" : "OpenID Connect built-in scope: email", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${emailScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "ce749bd1-f41d-4b31-a33f-51bcfd8a4056", + "name" : "email", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "email", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email", + "jsonType.label" : "String" + } + }, { + "id" : "124a65a3-0516-4f26-ac88-3cd9f0b61713", + "name" : "email verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-property-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "emailVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "email_verified", + "jsonType.label" : "boolean" + } + } ] + }, { + "id" : "211f8ae7-d975-4535-b77d-2f7d32a48240", + "name" : "address", + "description" : "OpenID Connect built-in scope: address", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${addressScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "7b1f21ee-54ba-4f3b-934e-04dc381991a1", + "name" : "address", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-address-mapper", + "consentRequired" : false, + "config" : { + "user.attribute.formatted" : "formatted", + "user.attribute.country" : "country", + "introspection.token.claim" : "true", + "user.attribute.postal_code" : "postal_code", + "userinfo.token.claim" : "true", + "user.attribute.street" : "street", + "id.token.claim" : "true", + "user.attribute.region" : "region", + "access.token.claim" : "true", + "user.attribute.locality" : "locality" + } + } ] + }, { + "id" : "ab19500b-3974-4b90-b682-9e19f3c2a6e6", + "name" : "offline_access", + "description" : "OpenID Connect built-in scope: offline_access", + "protocol" : "openid-connect", + "attributes" : { + "consent.screen.text" : "${offlineAccessScopeConsentText}", + "display.on.consent.screen" : "true" + } + }, { + "id" : "e947e48c-415a-4b51-865f-936109adaace", + "name" : "roles", + "description" : "OpenID Connect scope for add user roles to the access token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${rolesScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "69494fe0-0c14-4e36-aa57-193a5bf2739e", + "name" : "client roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-client-role-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "resource_access.${client_id}.roles", + "jsonType.label" : "String" + } + }, { + "id" : "aa279593-eaf2-45b4-a801-c0e2fe3fa344", + "name" : "realm roles", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-realm-role-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "multivalued" : "true", + "user.attribute" : "foo", + "access.token.claim" : "true", + "claim.name" : "realm_access.roles", + "jsonType.label" : "String" + } + }, { + "id" : "0c798738-85aa-445e-bab1-74da2dc9fa70", + "name" : "audience resolve", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-audience-resolve-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + } ] + }, { + "id" : "cbf7973d-bdb1-4f70-bf04-e5d5d8a95007", + "name" : "acr", + "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "false", + "display.on.consent.screen" : "false" + }, + "protocolMappers" : [ { + "id" : "a27550b1-2656-435c-b443-04b8c45ec912", + "name" : "acr loa level", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-acr-mapper", + "consentRequired" : false, + "config" : { + "id.token.claim" : "true", + "introspection.token.claim" : "true", + "access.token.claim" : "true" + } + } ] + }, { + "id" : "f841bbb3-c4a5-42d8-8500-e2e9c752f430", + "name" : "phone", + "description" : "OpenID Connect built-in scope: phone", + "protocol" : "openid-connect", + "attributes" : { + "include.in.token.scope" : "true", + "display.on.consent.screen" : "true", + "consent.screen.text" : "${phoneScopeConsentText}" + }, + "protocolMappers" : [ { + "id" : "21a5bd3f-9e73-41a4-b789-7166ed0dea65", + "name" : "phone number verified", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumberVerified", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number_verified", + "jsonType.label" : "boolean" + } + }, { + "id" : "a086121e-8cbd-4ded-a4ac-148c994269b9", + "name" : "phone number", + "protocol" : "openid-connect", + "protocolMapper" : "oidc-usermodel-attribute-mapper", + "consentRequired" : false, + "config" : { + "introspection.token.claim" : "true", + "userinfo.token.claim" : "true", + "user.attribute" : "phoneNumber", + "id.token.claim" : "true", + "access.token.claim" : "true", + "claim.name" : "phone_number", + "jsonType.label" : "String" + } + } ] + } ], + "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ], + "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ], + "browserSecurityHeaders" : { + "contentSecurityPolicyReportOnly" : "", + "xContentTypeOptions" : "nosniff", + "referrerPolicy" : "no-referrer", + "xRobotsTag" : "none", + "xFrameOptions" : "SAMEORIGIN", + "xXSSProtection" : "1; mode=block", + "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "strictTransportSecurity" : "max-age=31536000; includeSubDomains" + }, + "smtpServer" : { }, + "eventsEnabled" : false, + "eventsListeners" : [ "jboss-logging" ], + "enabledEventTypes" : [ ], + "adminEventsEnabled" : false, + "adminEventsDetailsEnabled" : false, + "identityProviders" : [ ], + "identityProviderMappers" : [ ], + "components" : { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { + "id" : "200f08ba-1c53-440e-a425-36150a80b5fc", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + }, { + "id" : "27bfc386-78c1-43b8-b0a3-e1ecbbfcb99f", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper" ] + } + }, { + "id" : "b46f9c8a-8f0d-41a2-a239-09d8cef8a270", + "name" : "Trusted Hosts", + "providerId" : "trusted-hosts", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "host-sending-registration-request-must-match" : [ "true" ], + "client-uris-must-match" : [ "true" ] + } + }, { + "id" : "d22ae4d5-1a3e-4291-904f-087abd6cb7a9", + "name" : "Max Clients Limit", + "providerId" : "max-clients", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "max-clients" : [ "200" ] + } + }, { + "id" : "f8869c9f-54b9-4754-96bc-1e3b7476cbd7", + "name" : "Allowed Protocol Mapper Types", + "providerId" : "allowed-protocol-mappers", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { + "allowed-protocol-mapper-types" : [ "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper" ] + } + }, { + "id" : "f8d35e75-f270-4629-8466-4c1847dd9e26", + "name" : "Full Scope Disabled", + "providerId" : "scope", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "82e3ba27-bdf0-4771-be83-859b8c66cdd6", + "name" : "Consent Required", + "providerId" : "consent-required", + "subType" : "anonymous", + "subComponents" : { }, + "config" : { } + }, { + "id" : "34c19cee-9628-4bff-a4cd-475e83efa7ba", + "name" : "Allowed Client Scopes", + "providerId" : "allowed-client-templates", + "subType" : "authenticated", + "subComponents" : { }, + "config" : { + "allow-default-scopes" : [ "true" ] + } + } ], + "org.keycloak.keys.KeyProvider" : [ { + "id" : "5dae4597-a588-4ae6-9457-9891750b6626", + "name" : "rsa-generated", + "providerId" : "rsa-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "MIIEogIBAAKCAQEAxITCkusvYny8Far+/bu+1TEEWrp9ci89oCHQUAmQKH23IWoUm7v0M0EtnihKWtsS/3vheLbra0xH1wpG1cMg+MvWBgtsR7zvqefcisTMUs55hPyzys4iCuJKjmzgelh7ZQYsGfgurPrsPjYoaAQgrBCU95TOUzIId9ajCT6K4P4795pvpjtvrFou1+FVHAVGVollSIIM/NTsiE5nFOioW3ME6thdP3i2WpwdPTXLRjOW6fdRdW0Mj9hXF+KLjlw9jDOvyrZhKtc/dAfwy7SNqOTbuNGFR0e3x/uKBEnUjkE5eIahSMwmkP2N/87JELLy792qDXeazs1yoamNYyGXiwIDAQABAoIBABuT+e4+PPcYRBjSV1hqOXyXlWHaG/KjOIW5WQ9yWB2mjsWMqnm0Za+vrOQuCUk4xzC9RMX4/Y6gNNCzq38iFAV2LYHJppdmp0dzt1puBbJ1MU59XAnQ5awbV5UnKFVjB2YE+LloP7yctfyBAyids6wR46Xe5xl7wv52S4jnkvvB0rXOn2AVVIPrWu4M8IVLs+1IbziyEmhkUgfjHBgStFWdsGR0GOINgmZRXZqNliOKK/bYLM4RjO1NSNeSlSBj6ck8CUFg+gdVKvWawaOq6ru5UIo8FH32qSZmAw5p/37BOXL6s3/MAIO3OrDfrgjHcjtIup/3o3Fav7rXz75udekCgYEA7/RrD0MNB1H4E5cwN8A05I2Z67qRPMKbrpMcBnCgpvEU2KZMF6wxk3L2USsb0ljprJyvrvk7CWnfrGHZEA5g9KeO6WCB+5HGzo+9acZqW3GLtIf8//guJLIE0p66nV/AWY+HecqUJy1dT1K3hei7b1+rFwOxut0i7c8CGMb9XI0CgYEA0ajLhtYCcHI2tzOrK34LhocYYOONsIKhY7JOEvLdlJIzBzcXBUy7juj9gggMM9m2Q3Ubqjduv64UVLtz/PZHqNY64F+e8EOa1Ewm62Ho5q57Pmr15xe7RA9j340OV12xG3jC2ZitEEr/vGeannhz6LIoVWRJGy1sP82Ss7SaWncCgYAItOu1kA9G9rhzrYa4XycMK/8ryIdAlyci/H+F1ExgAltpSQ91xG/AE+nQJCpMRaGk+8J8LNrxin/tN1ey93KZLgNHgJL21+FI2Xpb/jEZxFL3Z//MIes6taLrKYtH7pOCLG0UBD+/9Ctwl2XFXB6A+g2xNhca2q9LxbkjwQSseQKBgEF+wn3PsxlfhJo8iNdgW8ddwo7Z5zRhynrzg5JFzlSQS2KQoh9kth7RyAfr7avw8hAmsEq/YFh+0BkcKgK3CPHEYsYe+O7Dn8V8OJhFkNUnYpbAIStc7YI4cJGwZe+C9EXJtsz09fNmCnfXwaSJqmPh69mpJ3FXAj74QEDlRWbHAoGAEQKaPBPVQFjlxzVg8piHMWgNVXT8xojciglVvv5hD8+9Dzm2p3q+ZckVpXybp+Bbni756CYfzZfPtTFe77MZD9P+gH6YGYNrubkZ7T3D/9jr0+geq4L0XGjiKwUtAw5UFUOPG/xuQvU6q/agsyjgEoxn93emM25xjD8GRDVWQnQ=" ], + "keyUse" : [ "SIG" ], + "certificate" : [ "MIICmzCCAYMCBgGMOUvBATANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjMxMjA1MDkyMzM1WhcNMzMxMjA1MDkyNTE1WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEhMKS6y9ifLwVqv79u77VMQRaun1yLz2gIdBQCZAofbchahSbu/QzQS2eKEpa2xL/e+F4tutrTEfXCkbVwyD4y9YGC2xHvO+p59yKxMxSznmE/LPKziIK4kqObOB6WHtlBiwZ+C6s+uw+NihoBCCsEJT3lM5TMgh31qMJPorg/jv3mm+mO2+sWi7X4VUcBUZWiWVIggz81OyITmcU6KhbcwTq2F0/eLZanB09NctGM5bp91F1bQyP2FcX4ouOXD2MM6/KtmEq1z90B/DLtI2o5Nu40YVHR7fH+4oESdSOQTl4hqFIzCaQ/Y3/zskQsvLv3aoNd5rOzXKhqY1jIZeLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKHhMCH4BbVSxL4wn0nUvwyRN2rKHCOz4c4NK7UkWuCAN90Ri4nAnLJjdmKxuV81OF7lTxMpSyTVJfAfBRT3Rozq+SJifaRd6unwx7cBFm3A2XKYBAEkGJeSeabktDVbArwlV4qgUnWIjE+69H2huMTLy7BiP9ff6iF+SXt4kB8loHNXZ2Zx9SEBCuj8787/n09u41+nMtgiKogHddkrvYNNsop2VDZx3slF3BBccLYR/rVMJ+87VQOHFhcHW5EmTp2SITH6Eg50S1T79sCpLtCwHMSmLabQV6Y3mHXvsIVZmSarZTw03zLCvE4BGUy1qi33SbRFoSYrAQTPeTQaIFk=" ], + "priority" : [ "100" ] + } + }, { + "id" : "c8ccaa3f-8f65-42e9-b6dd-fb7ab23cefa2", + "name" : "hmac-generated", + "providerId" : "hmac-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "8fda1bcf-460b-420b-b6ba-7f1a7b296d88" ], + "secret" : [ "NRuY5GwAPHQIrDBd72r9_U9yWYtVXL1IzbIGA3tcaMLLbg-aovzGkCs1DteE7H8S92ewxD3Y4E_pYcFpunB3PQ" ], + "priority" : [ "100" ], + "algorithm" : [ "HS256" ] + } + }, { + "id" : "d00d5bb3-b6b5-4ec4-a2e5-308c13db1bb0", + "name" : "aes-generated", + "providerId" : "aes-generated", + "subComponents" : { }, + "config" : { + "kid" : [ "a3c21f36-e27b-402b-8145-1b6fc602b595" ], + "secret" : [ "NRRPySMQ3nvQO7Nfzw2E5g" ], + "priority" : [ "100" ] + } + }, { + "id" : "5e8ffb9d-bf6c-4304-9b35-e1b47ce182e4", + "name" : "rsa-enc-generated", + "providerId" : "rsa-enc-generated", + "subComponents" : { }, + "config" : { + "privateKey" : [ "MIIEowIBAAKCAQEAw2eg6vqGfBubbf1410g8Pqvy7TXHifXzJqJ4CMuE+Dsm7t3HP419w+BOdOQu/sivW7y1Q9vxJojgJApimxq/sfhSoQ49LVJ5pTsohO4PRQ+toNSbpg7J0zUp3kdkS4iHbf4XyNjsB6ZG9bQBxOIleHXSxFPiPiIIe0V7g43IELeQABokR0TFQM0bLwzPoKD/7acnBWAKKmcANkyVMbEKiH7jwftyUfaI1ssdLdAA75ePEPslydKGvoVaDyndbh1B4p9WK9VyjONB7YHgawHTOLoqp2of1+a5lfXCqE6pioU7iH6lVTk6GrcacD5wCixGNJJAkNdkL9vfjWaEW8i5/QIDAQABAoIBAB0zdI0A/M15q6/Tb/ZODXC5Lf+saIIRrvFAWMtJrLiS0GXkXyT8bkWyFM9rlSlOkMQXDoiSSvadAE/qfGNc6zY7m4+FaveFqneagFrjH4WMyv/snckCTz9go73bsd2GzORPUzsYzabz/okzygrj18EpbGKZ/YaW++j+EG/vpWz32pt6m0UucfenyWNkn4QQvBCInHWM0B2jbKWcM5Od5m2YI5nLskLmF1V9Gk1uyzPhQAMsQk/e34BHJHyWxj1nSB2/QoDz0+tKWA2inAPfFaw49EcrblMF/xNMqh3eP7djDHguKigiJRqvxJv2XxvBpghtQlH+1vgY0KHjm2Cgm4ECgYEA7A3bPlm2qmDwWtI8KrwZZMPijKUyGLnyXrzIz1VgBvMLFEDivYg8iwv+zmxKl8Zkd64ZPWfb0KiTCqKLfU+zo4WxyRny81c56a9iJ2p7oCvNINZAjMHzP30l0TN8cNHlXmER/ti4H3bcYhcn3DOd/m+kXPMGxPULr4Fp2HldUH0CgYEA0+p6DrrpVUlGVSylmGmyCHT1h3QLbA144/jAOKRpeqJyxDUVLQnc2tk/hXHQXHWV+nwlNbfpLLAjLvkaYkigbowZZj9qvm/i1CYwdfmuAGk2m1zqkP1BGdunTjrQwWzcHkllLcZOiB8i5u9Zc9wumoYTnvtHF4lkoDD+ZWuax4ECgYAruQlSDDX8awY6HFTOqZaehnXxDSwxTkfpalhbpvmpb90ufDJDXvev3aHtxDswz6uOS24bZKBfjsnln2Ps6xVgBYR/tlG85vwwH68zk9KgQVy2Z1j/eXE/4kNd84ZqM0aj66D0rlm0YkTB2n4kmF78YNt16AHp+2WVtYfQc/Jn1QKBgQCTJE8F5VBYkJ1OTMbaciFU7+j/2VqI9z3GhRTq/3Xh2eP4Sqdec2evaYNKpAE6AcdWelbX2tAD4HU9i2d/cNA8kfic31G90zBbf/zMHcZssKFi9PxGGiLW0oZzsjD67RxVxz6CrxweNghk8zJYWTzevFPpYq41MIf3Fq29PB7ngQKBgBSS6+R9P+1TmVep5lf6qi/1dwHi/D99CJbfb8wJM/fXteP0jCVAJPssFSFc4oEUpi7aR3o7oaCO3JSqaSluCNPd/q7IsqS8/6S5BsRMbEgNWlLPbATWQ3MHHFNEavub7GUi+y6rRUEqZ0RiXwae1wZmNahtAsusTZRJPiM0NaLL" ], + "keyUse" : [ "ENC" ], + "certificate" : [ "MIICmzCCAYMCBgGMOUvB5jANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjMxMjA1MDkyMzM1WhcNMzMxMjA1MDkyNTE1WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDZ6Dq+oZ8G5tt/XjXSDw+q/LtNceJ9fMmongIy4T4Oybu3cc/jX3D4E505C7+yK9bvLVD2/EmiOAkCmKbGr+x+FKhDj0tUnmlOyiE7g9FD62g1JumDsnTNSneR2RLiIdt/hfI2OwHpkb1tAHE4iV4ddLEU+I+Igh7RXuDjcgQt5AAGiRHRMVAzRsvDM+goP/tpycFYAoqZwA2TJUxsQqIfuPB+3JR9ojWyx0t0ADvl48Q+yXJ0oa+hVoPKd1uHUHin1Yr1XKM40HtgeBrAdM4uiqnah/X5rmV9cKoTqmKhTuIfqVVOToatxpwPnAKLEY0kkCQ12Qv29+NZoRbyLn9AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAFwEp6PYVCpLQobmuMzj1de7C1qdH4xlDELRhP2psth6pivSgcJLHbS/rZebZOCGBzrS6iUEvApUBKh3vBCH/NmzUySXjIa+XKRbA3joNHR3PIPQtyUc6u70XbX4QYazL6tIJMruNSvfrCpNTah4oKj8y6I0MOSDUP3cO7BpRw47THuaKiKARy1h12w47bkMEaHy/5Mf06wkExnsYP1Nzh9TnhOShaBFMfGcY/7u/Tpz1VtZ45Izm+lmHyEr/Hg3paJSH0dQk11ZfyjrC3Bsi1oHDSXRkuWh00xFgWTBWZCiWfP+tHNfMYv4ChEW+ggPqJBaOZO/rkhr8jJY/8tZn9o=" ], + "priority" : [ "100" ], + "algorithm" : [ "RSA-OAEP" ] + } + } ] + }, + "internationalizationEnabled" : false, + "supportedLocales" : [ ], + "authenticationFlows" : [ { + "id" : "7f4e7860-8e1c-4f80-a679-ab43b5b417d1", + "alias" : "Account verification options", + "description" : "Method with which to verity the existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-email-verification", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Verify Existing Account by Re-authentication", + "userSetupAllowed" : false + } ] + }, { + "id" : "86116113-15c8-46a3-b38e-ae957cb9f523", + "alias" : "Browser - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-otp-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "2bce88d2-4504-4b13-8695-7274aa97db65", + "alias" : "Direct Grant - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "direct-grant-validate-otp", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "ee22dacf-1704-4134-a8c4-8fcf0dd29b04", + "alias" : "First broker login - Conditional OTP", + "description" : "Flow to determine if the OTP is required for the authentication", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-otp-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "a0ed7889-bdba-4430-8f2d-556b6c68b790", + "alias" : "Handle Existing Account", + "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-confirm-link", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Account verification options", + "userSetupAllowed" : false + } ] + }, { + "id" : "2aa49d34-1726-4c34-a24b-47e5a817585c", + "alias" : "Reset - Conditional OTP", + "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "conditional-user-configured", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-otp", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "bffe4dd7-984e-4ec7-aeae-ae48f8b1daed", + "alias" : "User creation or linking", + "description" : "Flow for the existing/non-existing user alternatives", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "create unique user config", + "authenticator" : "idp-create-user-if-unique", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Handle Existing Account", + "userSetupAllowed" : false + } ] + }, { + "id" : "c4794e73-5192-4f1e-813f-280ca0d02d72", + "alias" : "Verify Existing Account by Re-authentication", + "description" : "Reauthentication of existing account", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "idp-username-password-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "First broker login - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "e29fc294-7601-46c8-8711-08076eec3014", + "alias" : "browser", + "description" : "browser based authentication", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-cookie", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "auth-spnego", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "identity-provider-redirector", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 25, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "ALTERNATIVE", + "priority" : 30, + "autheticatorFlow" : true, + "flowAlias" : "forms", + "userSetupAllowed" : false + } ] + }, { + "id" : "cdf104d0-8f8e-4d21-95de-65b4d239cd00", + "alias" : "clients", + "description" : "Base authentication for clients", + "providerId" : "client-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "client-secret", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-jwt", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-secret-jwt", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 30, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "client-x509", + "authenticatorFlow" : false, + "requirement" : "ALTERNATIVE", + "priority" : 40, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "37f3d132-52bd-4a3a-8226-ec83bc30976c", + "alias" : "direct grant", + "description" : "OpenID Connect Resource Owner Grant", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "direct-grant-validate-username", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "direct-grant-validate-password", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 30, + "autheticatorFlow" : true, + "flowAlias" : "Direct Grant - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "51bac9c3-1189-4ca3-96d7-b1ac3405fd18", + "alias" : "docker auth", + "description" : "Used by Docker clients to authenticate against the IDP", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "docker-http-basic-authenticator", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "83880073-c7bf-4e20-98ae-7c887b40698f", + "alias" : "first broker login", + "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticatorConfig" : "review profile config", + "authenticator" : "idp-review-profile", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "User creation or linking", + "userSetupAllowed" : false + } ] + }, { + "id" : "0c7e08bd-0957-4722-896d-a61a83f442ec", + "alias" : "forms", + "description" : "Username, password, otp and other auth forms.", + "providerId" : "basic-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "auth-username-password-form", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 20, + "autheticatorFlow" : true, + "flowAlias" : "Browser - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "9d462aa2-39a7-4faa-b4d4-08dbea2f9e3e", + "alias" : "registration", + "description" : "registration flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-page-form", + "authenticatorFlow" : true, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : true, + "flowAlias" : "registration form", + "userSetupAllowed" : false + } ] + }, { + "id" : "0b0b84a6-efc2-4e58-a3f1-480587099208", + "alias" : "registration form", + "description" : "registration form", + "providerId" : "form-flow", + "topLevel" : false, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "registration-user-creation", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-password-action", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 50, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-recaptcha-action", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 60, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "registration-terms-and-conditions", + "authenticatorFlow" : false, + "requirement" : "DISABLED", + "priority" : 70, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + }, { + "id" : "ed33c8e0-b9ce-4497-93e5-003633b5f4b8", + "alias" : "reset credentials", + "description" : "Reset credentials for a user if they forgot their password or something", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "reset-credentials-choose-user", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-credential-email", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 20, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticator" : "reset-password", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 30, + "autheticatorFlow" : false, + "userSetupAllowed" : false + }, { + "authenticatorFlow" : true, + "requirement" : "CONDITIONAL", + "priority" : 40, + "autheticatorFlow" : true, + "flowAlias" : "Reset - Conditional OTP", + "userSetupAllowed" : false + } ] + }, { + "id" : "56a5754b-088e-4fa5-990c-72b8d8d32d4b", + "alias" : "saml ecp", + "description" : "SAML ECP Profile Authentication Flow", + "providerId" : "basic-flow", + "topLevel" : true, + "builtIn" : true, + "authenticationExecutions" : [ { + "authenticator" : "http-basic-authenticator", + "authenticatorFlow" : false, + "requirement" : "REQUIRED", + "priority" : 10, + "autheticatorFlow" : false, + "userSetupAllowed" : false + } ] + } ], + "authenticatorConfig" : [ { + "id" : "2deab62f-954b-4f47-8a25-a6ca50570dad", + "alias" : "create unique user config", + "config" : { + "require.password.update.after.registration" : "false" + } + }, { + "id" : "3c26e067-1e9b-4fb8-9960-9d3ba8014e0f", + "alias" : "review profile config", + "config" : { + "update.profile.on.first.login" : "missing" + } + } ], + "requiredActions" : [ { + "alias" : "CONFIGURE_TOTP", + "name" : "Configure OTP", + "providerId" : "CONFIGURE_TOTP", + "enabled" : true, + "defaultAction" : false, + "priority" : 10, + "config" : { } + }, { + "alias" : "TERMS_AND_CONDITIONS", + "name" : "Terms and Conditions", + "providerId" : "TERMS_AND_CONDITIONS", + "enabled" : false, + "defaultAction" : false, + "priority" : 20, + "config" : { } + }, { + "alias" : "UPDATE_PASSWORD", + "name" : "Update Password", + "providerId" : "UPDATE_PASSWORD", + "enabled" : true, + "defaultAction" : false, + "priority" : 30, + "config" : { } + }, { + "alias" : "UPDATE_PROFILE", + "name" : "Update Profile", + "providerId" : "UPDATE_PROFILE", + "enabled" : true, + "defaultAction" : false, + "priority" : 40, + "config" : { } + }, { + "alias" : "VERIFY_EMAIL", + "name" : "Verify Email", + "providerId" : "VERIFY_EMAIL", + "enabled" : true, + "defaultAction" : false, + "priority" : 50, + "config" : { } + }, { + "alias" : "delete_account", + "name" : "Delete Account", + "providerId" : "delete_account", + "enabled" : false, + "defaultAction" : false, + "priority" : 60, + "config" : { } + }, { + "alias" : "webauthn-register", + "name" : "Webauthn Register", + "providerId" : "webauthn-register", + "enabled" : true, + "defaultAction" : false, + "priority" : 70, + "config" : { } + }, { + "alias" : "webauthn-register-passwordless", + "name" : "Webauthn Register Passwordless", + "providerId" : "webauthn-register-passwordless", + "enabled" : true, + "defaultAction" : false, + "priority" : 80, + "config" : { } + }, { + "alias" : "update_user_locale", + "name" : "Update User Locale", + "providerId" : "update_user_locale", + "enabled" : true, + "defaultAction" : false, + "priority" : 1000, + "config" : { } + } ], + "browserFlow" : "browser", + "registrationFlow" : "registration", + "directGrantFlow" : "direct grant", + "resetCredentialsFlow" : "reset credentials", + "clientAuthenticationFlow" : "clients", + "dockerAuthenticationFlow" : "docker auth", + "attributes" : { + "cibaBackchannelTokenDeliveryMode" : "poll", + "cibaExpiresIn" : "120", + "cibaAuthRequestedUserHint" : "login_hint", + "parRequestUriLifespan" : "60", + "cibaInterval" : "5", + "realmReusableOtpCode" : "false" + }, + "keycloakVersion" : "23.0.1", + "userManagedAccessAllowed" : false, + "clientProfiles" : { + "profiles" : [ ] + }, + "clientPolicies" : { + "policies" : [ ] + } +} \ No newline at end of file