diff --git a/.docker/docker-compose.yml b/.docker/docker-compose.yml
index 65a739b2e0a4c212d0e4df4711e0a22b0784c063..16195084bd3c02649bd803cb6340b753d7cc3366 100644
--- a/.docker/docker-compose.yml
+++ b/.docker/docker-compose.yml
@@ -113,7 +113,7 @@ services:
init: true
restart: "no"
container_name: dbrepo-auth-service-init
- image: registry.datalab.tuwien.ac.at/dbrepo/metadata-service:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/metadata-service:1.7.1
environment:
AUTH_SERVICE_ADMIN: ${AUTH_SERVICE_ADMIN:-admin}
AUTH_SERVICE_ADMIN_PASSWORD: ${AUTH_SERVICE_ADMIN_PASSWORD:-admin}
@@ -134,7 +134,7 @@ services:
restart: "no"
container_name: dbrepo-metadata-service
hostname: metadata-service
- image: registry.datalab.tuwien.ac.at/dbrepo/metadata-service:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/metadata-service:1.7.1
volumes:
- "${SHARED_VOLUME:-/tmp}:/tmp"
environment:
@@ -197,7 +197,7 @@ services:
restart: "no"
container_name: dbrepo-analyse-service
hostname: analyse-service
- image: registry.datalab.tuwien.ac.at/dbrepo/analyse-service:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/analyse-service:1.7.1
environment:
AUTH_SERVICE_CLIENT: ${AUTH_SERVICE_CLIENT:-dbrepo-client}
AUTH_SERVICE_CLIENT_SECRET: ${AUTH_SERVICE_CLIENT:-MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG}
@@ -252,7 +252,7 @@ services:
restart: "no"
container_name: dbrepo-search-db
hostname: search-db
- image: registry.datalab.tuwien.ac.at/dbrepo/search-db:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/search-db:1.7.1
healthcheck:
test: curl -sSL localhost:9200/_plugins/_security/health | jq .status | grep UP
interval: 10s
@@ -276,7 +276,7 @@ services:
restart: "no"
container_name: dbrepo-search-service
hostname: search-service
- image: registry.datalab.tuwien.ac.at/dbrepo/search-service:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/search-service:1.7.1
environment:
AUTH_SERVICE_CLIENT: ${AUTH_SERVICE_CLIENT:-dbrepo-client}
AUTH_SERVICE_CLIENT_SECRET: ${AUTH_SERVICE_CLIENT_SECRET:-MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG}
@@ -300,7 +300,7 @@ services:
restart: "no"
container_name: dbrepo-ui
hostname: ui
- image: registry.datalab.tuwien.ac.at/dbrepo/ui:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/ui:1.7.1
environment:
NUXT_PUBLIC_API_CLIENT: "${BASE_URL:-http://localhost}"
NUXT_PUBLIC_API_SERVER: "${BASE_URL:-http://gateway-service}"
@@ -377,7 +377,7 @@ services:
init: true
container_name: dbrepo-search-service-init
hostname: search-service-init
- image: registry.datalab.tuwien.ac.at/dbrepo/search-service-init:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/search-service-init:1.7.1
environment:
LOG_LEVEL: ${LOG_LEVEL:-info}
METADATA_SERVICE_ENDPOINT: ${METADATA_SERVICE_ENDPOINT:-http://metadata-service:8080}
@@ -434,7 +434,7 @@ services:
restart: "no"
container_name: dbrepo-dashboard-service
hostname: dashboard-service
- image: registry.datalab.tuwien.ac.at/dbrepo/dashboard-service:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/dashboard-service:1.7.1
ports:
- "3000:3000"
volumes:
@@ -461,7 +461,7 @@ services:
init: true
container_name: dbrepo-storage-service-init
hostname: storage-service-init
- image: registry.datalab.tuwien.ac.at/dbrepo/storage-service-init:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/storage-service-init:1.7.1
environment:
S3_ACCESS_KEY_ID: ${S3_ACCESS_KEY_ID:-seaweedfsadmin}
S3_BUCKET: "${S3_BUCKET:-dbrepo}"
@@ -477,7 +477,7 @@ services:
restart: "no"
container_name: dbrepo-data-service
hostname: data-service
- image: registry.datalab.tuwien.ac.at/dbrepo/data-service:1.7.0
+ image: registry.datalab.tuwien.ac.at/dbrepo/data-service:1.7.1
volumes:
- "${SHARED_VOLUME:-/tmp}:/tmp"
environment:
diff --git a/.docs/.openapi/api-data.yaml b/.docs/.openapi/api-data.yaml
index 8cc02b64c06695710ed39eddfa318e9f340dcd84..6d3e8693c52c8817f2d0243c22870005da54b556 100644
--- a/.docs/.openapi/api-data.yaml
+++ b/.docs/.openapi/api-data.yaml
@@ -8,10 +8,10 @@ info:
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0
- version: 1.7.0
+ version: 1.7.1
externalDocs:
description: Sourcecode Documentation
- url: https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/1.7.0/system-services-metadata/
+ url: https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/1.7/system-services-metadata/
servers:
- url: http://localhost
description: Development instance
diff --git a/.docs/.openapi/api-metadata.yaml b/.docs/.openapi/api-metadata.yaml
index e4dabbdcfc4c0b4449f15dca80d41f4243c79542..b7f380213b76fcf6455cba3b309a6fcf85c59440 100644
--- a/.docs/.openapi/api-metadata.yaml
+++ b/.docs/.openapi/api-metadata.yaml
@@ -8,10 +8,10 @@ info:
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0
- version: 1.7.0
+ version: 1.7.1
externalDocs:
description: Sourcecode Documentation
- url: https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/1.7.0/system-services-metadata/
+ url: https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/1.7/system-services-metadata/
servers:
- url: http://localhost
description: Development instance
diff --git a/.docs/.openapi/api.base.yaml b/.docs/.openapi/api.base.yaml
index abadb218e7fa3b74a11caea3b01d3f73f2fa988a..6cf9e007278f12039b4779d01f44eadded03dcd7 100644
--- a/.docs/.openapi/api.base.yaml
+++ b/.docs/.openapi/api.base.yaml
@@ -24,7 +24,7 @@ info:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0
title: DBRepo REST API
- version: 1.7.0
+ version: 1.7.1
openapi: 3.1.0
servers:
- description: Test Instance
diff --git a/.docs/.openapi/api.yaml b/.docs/.openapi/api.yaml
index ef09abce99a63aa56fabda90e196224b0bbebadf..883a0efffe0d6959a2453e61f01e087e9bc0cf22 100644
--- a/.docs/.openapi/api.yaml
+++ b/.docs/.openapi/api.yaml
@@ -16,7 +16,7 @@ info:
name: Apache 2.0
url: 'https://www.apache.org/licenses/LICENSE-2.0'
title: DBRepo REST API
- version: 1.7.0
+ version: 1.7.1
servers:
- description: Test Instance
url: 'https://test.dbrepo.tuwien.ac.at'
diff --git a/.docs/changelog.md b/.docs/changelog.md
index e09b3c1139ff51f55fe986caf19be9b8894b9ba1..812f6f039df5123885433a75d8d109708c16e0ed 100644
--- a/.docs/changelog.md
+++ b/.docs/changelog.md
@@ -2,9 +2,16 @@
author: Martin Weise
---
+## v1.7.1 (2025-03-04)
+
+#### Fixes
+
+* Fixed a bug where quick interaction with the UI caused the user to trigger the brute-force login detection
+ in [#501](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/issues/501).
+
## v1.7.0 (2025-03-03)
-[:simple-gitlab: GitLab Release](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/tags/v1.7.0)
+[:simple-gitlab: GitLab Release](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/tags/v1.7.1)
!!! warning "Contains Breaking Changes"
diff --git a/.docs/index.md b/.docs/index.md
index aa9c6e7693f3758fadcddbe05cd5904c5e92b7da..6beb128e843e1bd5befb0808e99171b927b2c182 100644
--- a/.docs/index.md
+++ b/.docs/index.md
@@ -14,7 +14,7 @@ author: Martin Weise
-Documentation for version: [v1.7.0](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/releases).
+Documentation for version: [v1.7.1](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/releases).
DBRepo is a repository for data in databases that are used from the beginning until the end of a research
project supporting data evolution, -citation and -versioning. It implements the query store of the
diff --git a/.docs/kubernetes.md b/.docs/kubernetes.md
index 9413c784dfcccf6e14f527495243e33162922f23..16f21bd991e6850175f10da5539a7423609d6d3d 100644
--- a/.docs/kubernetes.md
+++ b/.docs/kubernetes.md
@@ -14,7 +14,7 @@ helm upgrade --install dbrepo \
-n dbrepo \
"oci://registry.datalab.tuwien.ac.at/dbrepo/helm/dbrepo" \
--values ./values.yaml \
- --version "1.7.0" \
+ --version "1.7.1" \
--create-namespace \
--cleanup-on-fail
```
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b07becabc3b9c2c3b0ca43f2ad5f358bf524ce61..b18c24c454472b3f495c6ad8f9bfe3bd88b9d499 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -11,8 +11,8 @@ variables:
SONARQUBE_VERSION: "10.0"
BUN_VERSION: "1.1.40"
DOC_VERSION: "1.7"
- APP_VERSION: "1.7.0"
- CHART_VERSION: "1.7.0"
+ APP_VERSION: "1.7.1"
+ CHART_VERSION: "1.7.1"
CACHE_FALLBACK_KEY: "${CI_DEFAULT_BRANCH}"
# This will supress any download for dependencies and plugins or upload messages which would clutter the console log.
# `showDateTime` will show the passed time in milliseconds. You need to specify `--batch-mode` to make this work.
@@ -119,11 +119,12 @@ lint-helm-readme:
- ./helm/dbrepo/README.md
expire_in: 1 days
-lint-metadata-schema:
+lint-helm-files:
image: docker.io/alpine:${ALPINE_VERSION}
stage: lint
script:
- diff dbrepo-metadata-db/1_setup-schema.sql helm/dbrepo/files/01-setup-schema.sql
+ - diff dbrepo-metadata-db/2_setup-data.sql helm/dbrepo/files/02-setup-data.sql
lint-open-api-version:
image: docker.io/alpine:${ALPINE_VERSION}
diff --git a/Makefile b/Makefile
index e8f2553784f38ea5e656d776e34043886ed1ed4c..c7ef9b35f9a668634ea7f587fd54ed247934a1a0 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,7 @@
.PHONY: all
-APP_VERSION ?= 1.7.0
-CHART_VERSION ?= 1.7.0
+APP_VERSION ?= 1.7.1
+CHART_VERSION ?= 1.7.1
REPOSITORY_URL ?= registry.datalab.tuwien.ac.at/dbrepo
.PHONY: all
diff --git a/dbrepo-analyse-service/Pipfile b/dbrepo-analyse-service/Pipfile
index 6b144eec80011a340dbbaabc0c3bce5894e3c654..cb2c838e85fe758941d8a0fe504d99ed4d908db7 100644
--- a/dbrepo-analyse-service/Pipfile
+++ b/dbrepo-analyse-service/Pipfile
@@ -21,7 +21,7 @@ numpy = "*"
pandas = "*"
minio = "*"
pydantic = "*"
-dbrepo = {path = "./lib/dbrepo-1.7.0.tar.gz"}
+dbrepo = {path = "./lib/dbrepo-1.7.1.tar.gz"}
opensearch-py = "*"
[dev-packages]
diff --git a/dbrepo-analyse-service/Pipfile.lock b/dbrepo-analyse-service/Pipfile.lock
index e54efec237dc14ee3048bf0abb369eec540df337..ccad4d87dec7f7757ef51bfcd392885517ae0881 100644
--- a/dbrepo-analyse-service/Pipfile.lock
+++ b/dbrepo-analyse-service/Pipfile.lock
@@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
- "sha256": "0af9d522f713554dd7996401992cffddf372ade320c11d7950bdcd5888aa1a03"
+ "sha256": "15b4fb696eabcc9059097bb4250de1545aa9c00211e2d50386e7ceead50aee4f"
},
"pipfile-spec": 6,
"requires": {
@@ -18,11 +18,11 @@
"default": {
"aiohappyeyeballs": {
"hashes": [
- "sha256:147ec992cf873d74f5062644332c539fcd42956dc69453fe5204195e560517e1",
- "sha256:9b05052f9042985d32ecbe4b59a77ae19c006a78f1344d7fdad69d28ded3d0b0"
+ "sha256:19728772cb12263077982d2f55453babd8bec6a052a926cd5c0c42796da8bf62",
+ "sha256:6cac4f5dd6e34a9644e69cf9021ef679e4394f54e58a183056d12009e42ea9e3"
],
"markers": "python_version >= '3.9'",
- "version": "==2.4.6"
+ "version": "==2.4.8"
},
"aiohttp": {
"hashes": [
@@ -180,20 +180,20 @@
},
"boto3": {
"hashes": [
- "sha256:024c37c2f85f4b907f5fc817d0db6fda7fd6ab3c6148ee4ed35fe7cecdf7db0c",
- "sha256:1bbf8bbacb3932956b7020d9a2c49d72c64e21bae9397ba6d3aadffab5e192eb"
+ "sha256:12166353519aca0cc8d9dcfbbb0d38f8915955a5912b8cb241b2b2314f0dbc14",
+ "sha256:ae6e7048beeaa4478368e554a4b290e3928beb0ae8d8767d108d72381a81af30"
],
"index": "pypi",
"markers": "python_version >= '3.8'",
- "version": "==1.37.4"
+ "version": "==1.37.5"
},
"botocore": {
"hashes": [
- "sha256:7e15cd487617440e9eac3144044b6a2bd833d7f3e2bed6a2865693cc11489cc3",
- "sha256:89130998c82d53f875a42646b692da507c9871b580fd1aea0f861bf9da36e41a"
+ "sha256:e5cfbb8026d5b4fadd9b3a18b61d238a41a8b8f620ab75873dc1467d456150d6",
+ "sha256:f8f526d33ae74d242c577e0440b57b9ec7d53edd41db211155ec8087fe7a5a21"
],
"markers": "python_version >= '3.8'",
- "version": "==1.37.4"
+ "version": "==1.37.5"
},
"certifi": {
"hashes": [
@@ -425,9 +425,9 @@
},
"dbrepo": {
"hashes": [
- "sha256:ec8454f24fbf720271305ad7ae88c5e8c2d4fe10600d027874df810f18b9e848"
+ "sha256:e7d2c9e77d038c4f058e026e2bf1ae5fc3a90fd6a574dc7861e32985e745d7bb"
],
- "path": "./lib/dbrepo-1.7.0.tar.gz"
+ "path": "./lib/dbrepo-1.7.1.tar.gz"
},
"events": {
"hashes": [
diff --git a/dbrepo-analyse-service/lib/dbrepo-1.7.0.tar.gz b/dbrepo-analyse-service/lib/dbrepo-1.7.0.tar.gz
deleted file mode 100644
index 56e2f0cd8d4a18039de95dbecfeafe997baab3ce..0000000000000000000000000000000000000000
Binary files a/dbrepo-analyse-service/lib/dbrepo-1.7.0.tar.gz and /dev/null differ
diff --git a/dbrepo-analyse-service/lib/dbrepo-1.7.0-py3-none-any.whl b/dbrepo-analyse-service/lib/dbrepo-1.7.1-py3-none-any.whl
similarity index 92%
rename from dbrepo-analyse-service/lib/dbrepo-1.7.0-py3-none-any.whl
rename to dbrepo-analyse-service/lib/dbrepo-1.7.1-py3-none-any.whl
index b58eb4bc6134164a5c99959cc35adc1160bdeff4..708d1faa89d04752658861d56c0501eb3b12f591 100644
Binary files a/dbrepo-analyse-service/lib/dbrepo-1.7.0-py3-none-any.whl and b/dbrepo-analyse-service/lib/dbrepo-1.7.1-py3-none-any.whl differ
diff --git a/dbrepo-analyse-service/lib/dbrepo-1.7.1.tar.gz b/dbrepo-analyse-service/lib/dbrepo-1.7.1.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..e03ab1cb798ecc5deb85b095d519c6cf5e493823
Binary files /dev/null and b/dbrepo-analyse-service/lib/dbrepo-1.7.1.tar.gz differ
diff --git a/dbrepo-auth-service/dbrepo-realm.json b/dbrepo-auth-service/dbrepo-realm.json
index 9c6049095c2501876c686b3d03a5f3f92c42017d..7453ef4e4d3c2485a61ba2ffc50327ab10a809f0 100644
--- a/dbrepo-auth-service/dbrepo-realm.json
+++ b/dbrepo-auth-service/dbrepo-realm.json
@@ -2535,7 +2535,7 @@
"membership.user.ldap.attribute" : [ "uid" ],
"memberof.ldap.attribute" : [ "memberOf" ],
"group.object.classes" : [ "groupOfNames" ],
- "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ],
+ "groups.dn" : [ "ou=users,${LDAP_ROOT}" ],
"drop.non.existing.groups.during.sync" : [ "false" ],
"groups.path" : [ "/" ]
}
@@ -2572,13 +2572,13 @@
"fullSyncPeriod" : [ "-1" ],
"startTls" : [ "false" ],
"connectionPooling" : [ "true" ],
- "usersDn" : [ "ou=users,dc=dbrepo,dc=at" ],
+ "usersDn" : [ "ou=users,${LDAP_ROOT}" ],
"cachePolicy" : [ "DEFAULT" ],
"useKerberosForPasswordAuthentication" : [ "false" ],
"importEnabled" : [ "true" ],
"enabled" : [ "true" ],
- "bindCredential" : [ "admin" ],
- "bindDn" : [ "cn=admin,dc=dbrepo,dc=at" ],
+ "bindCredential" : [ "${LDAP_ADMIN_PASSWORD}" ],
+ "bindDn" : [ "${LDAP_ADMIN_DN}" ],
"usernameLDAPAttribute" : [ "uid" ],
"changedSyncPeriod" : [ "-1" ],
"lastSync" : [ "1719252666" ],
diff --git a/dbrepo-auth-service/listeners/target/create-event-listener.jar b/dbrepo-auth-service/listeners/target/create-event-listener.jar
index e95a1e41f167192c570fe210667a3fe5dac77305..71cf130b3c6057a04bc4525370d1e194b17b43fb 100644
Binary files a/dbrepo-auth-service/listeners/target/create-event-listener.jar and b/dbrepo-auth-service/listeners/target/create-event-listener.jar differ
diff --git a/dbrepo-auth-service/master-realm.json b/dbrepo-auth-service/master-realm.json
index 1cf53fe49cffabe7e5833675db95ebff6eec7034..3fd8c910b3c1c5b0021cb110c8ad9f07386315d4 100644
--- a/dbrepo-auth-service/master-realm.json
+++ b/dbrepo-auth-service/master-realm.json
@@ -1613,7 +1613,7 @@
"membership.user.ldap.attribute" : [ "uid" ],
"preserve.group.inheritance" : [ "false" ],
"membership.ldap.attribute" : [ "member" ],
- "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ],
+ "groups.dn" : [ "ou=users,${LDAP_ROOT}" ],
"memberof.ldap.attribute" : [ "memberOf" ],
"group.object.classes" : [ "groupOfNames" ],
"drop.non.existing.groups.during.sync" : [ "false" ],
@@ -1638,15 +1638,15 @@
"fullSyncPeriod" : [ "-1" ],
"startTls" : [ "false" ],
"connectionPooling" : [ "false" ],
- "usersDn" : [ "ou=users,dc=dbrepo,dc=at" ],
+ "usersDn" : [ "ou=users,${LDAP_ROOT}" ],
"cachePolicy" : [ "DEFAULT" ],
"useKerberosForPasswordAuthentication" : [ "false" ],
"importEnabled" : [ "true" ],
"enabled" : [ "true" ],
"changedSyncPeriod" : [ "-1" ],
"usernameLDAPAttribute" : [ "uid" ],
- "bindCredential" : [ "admin" ],
- "bindDn" : [ "cn=admin,dc=dbrepo,dc=at" ],
+ "bindCredential" : [ "${LDAP_ADMIN_PASSWORD}" ],
+ "bindDn" : [ "${LDAP_ADMIN_DN}" ],
"vendor" : [ "other" ],
"uuidLDAPAttribute" : [ "entryUUID" ],
"allowKerberosAuthentication" : [ "false" ],
diff --git a/dbrepo-data-service/pom.xml b/dbrepo-data-service/pom.xml
index 35784c7d1f3167925a43cdab5104ab676189c950..519f3a613b550f33e166fa4414df86b4b0af6ad1 100644
--- a/dbrepo-data-service/pom.xml
+++ b/dbrepo-data-service/pom.xml
@@ -16,7 +16,7 @@
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-data-service</artifactId>
<name>dbrepo-data-service</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<description>Service that manages the data</description>
diff --git a/dbrepo-data-service/querystore/pom.xml b/dbrepo-data-service/querystore/pom.xml
index 1aa138f611c7fa5ec2fc4f6dc98beb8a177f24b5..12c1688ff501c9302c9aa6713c81b59c01d11622 100644
--- a/dbrepo-data-service/querystore/pom.xml
+++ b/dbrepo-data-service/querystore/pom.xml
@@ -6,12 +6,12 @@
<parent>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-data-service</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-data-service-querystore</artifactId>
<name>dbrepo-data-service-querystore</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies/>
diff --git a/dbrepo-data-service/report/pom.xml b/dbrepo-data-service/report/pom.xml
index 98536501d3beb70b5c05f632e673a401b03ae2cd..5944f7cb39ee14d9f46182c541eb11c80f90aa76 100644
--- a/dbrepo-data-service/report/pom.xml
+++ b/dbrepo-data-service/report/pom.xml
@@ -6,12 +6,12 @@
<parent>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-data-service</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>report</artifactId>
<name>dbrepo-data-service-report</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<description>
This module is only intended for the pipeline coverage report. See the detailed report in the
respective modules
diff --git a/dbrepo-data-service/rest-service/pom.xml b/dbrepo-data-service/rest-service/pom.xml
index 434c423ef056566305e2d72db984781e7b1429fc..4bc6e196144862161c4d7375d45840cfd6352103 100644
--- a/dbrepo-data-service/rest-service/pom.xml
+++ b/dbrepo-data-service/rest-service/pom.xml
@@ -6,18 +6,18 @@
<parent>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-data-service</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>rest-service</artifactId>
<name>dbrepo-data-service-rest-service</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies>
<dependency>
<groupId>at.tuwien</groupId>
<artifactId>services</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</dependency>
</dependencies>
diff --git a/dbrepo-data-service/services/pom.xml b/dbrepo-data-service/services/pom.xml
index 5252e6a3d30439671d085b9ac2d6bca81bf462c0..57d2b2a7f6c9abcc47e436215b3027c540adc985 100644
--- a/dbrepo-data-service/services/pom.xml
+++ b/dbrepo-data-service/services/pom.xml
@@ -6,18 +6,18 @@
<parent>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-data-service</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>services</artifactId>
<name>dbrepo-data-service-services</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies>
<dependency>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-data-service-querystore</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</dependency>
</dependencies>
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/auth/BasicAuthenticationProvider.java b/dbrepo-data-service/services/src/main/java/at/tuwien/auth/BasicAuthenticationProvider.java
index f7f51c0b0d5eab1d06d5e83cc93256cf5211c911..7af0e8cab0d6f7726954eb807c8b95e5d58b006e 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/auth/BasicAuthenticationProvider.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/auth/BasicAuthenticationProvider.java
@@ -1,7 +1,7 @@
package at.tuwien.auth;
import at.tuwien.api.keycloak.TokenDto;
-import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
import lombok.extern.log4j.Log4j2;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
@@ -15,18 +15,18 @@ import org.springframework.stereotype.Component;
@Component
public class BasicAuthenticationProvider implements AuthenticationManager {
+ private final CredentialService credentialService;
private final AuthTokenFilter authTokenFilter;
- private final KeycloakGateway keycloakGateway;
@Autowired
- public BasicAuthenticationProvider(AuthTokenFilter authTokenFilter, KeycloakGateway keycloakGateway) {
+ public BasicAuthenticationProvider(CredentialService credentialService, AuthTokenFilter authTokenFilter) {
+ this.credentialService = credentialService;
this.authTokenFilter = authTokenFilter;
- this.keycloakGateway = keycloakGateway;
}
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
- final TokenDto tokenDto = keycloakGateway.obtainUserToken(auth.getName(), auth.getCredentials().toString());
+ final TokenDto tokenDto = credentialService.getAccessToken(auth.getName(), auth.getCredentials().toString());
final UserDetails userDetails = authTokenFilter.verifyJwt(tokenDto.getAccessToken());
return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
}
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/auth/InternalRequestInterceptor.java b/dbrepo-data-service/services/src/main/java/at/tuwien/auth/InternalRequestInterceptor.java
index b0edc929ed0097ce94e65153707dc47406f0f3c9..5ba81ea4b37212eee6e370a8779618d0b8be8a3d 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/auth/InternalRequestInterceptor.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/auth/InternalRequestInterceptor.java
@@ -2,8 +2,9 @@ package at.tuwien.auth;
import at.tuwien.api.keycloak.TokenDto;
import at.tuwien.config.GatewayConfig;
-import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
import lombok.extern.log4j.Log4j2;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpRequest;
import org.springframework.http.MediaType;
@@ -17,12 +18,13 @@ import java.util.List;
@Log4j2
public class InternalRequestInterceptor implements ClientHttpRequestInterceptor {
+ private final CredentialService credentialService;
private final GatewayConfig gatewayConfig;
- private final KeycloakGateway keycloakGateway;
- public InternalRequestInterceptor(GatewayConfig gatewayConfig, KeycloakGateway keycloakGateway) {
+ @Autowired
+ public InternalRequestInterceptor(CredentialService credentialService, GatewayConfig gatewayConfig) {
+ this.credentialService = credentialService;
this.gatewayConfig = gatewayConfig;
- this.keycloakGateway = keycloakGateway;
}
@Override
@@ -30,7 +32,7 @@ public class InternalRequestInterceptor implements ClientHttpRequestInterceptor
throws IOException {
final HttpHeaders headers = request.getHeaders();
headers.setAccept(List.of(MediaType.APPLICATION_JSON));
- final TokenDto token = keycloakGateway.obtainUserToken(gatewayConfig.getSystemUsername(),
+ final TokenDto token = credentialService.getAccessToken(gatewayConfig.getSystemUsername(),
gatewayConfig.getSystemPassword());
headers.setBearerAuth(token.getAccessToken());
log.trace("set bearer token for internal user: {}", gatewayConfig.getSystemUsername());
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/config/CacheConfig.java b/dbrepo-data-service/services/src/main/java/at/tuwien/config/CacheConfig.java
index 6fc7e7250cad33f8d2b9f81f3e2ec95f9fa934b9..603491c97005a2633885d7bff2be1b75a8625507 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/config/CacheConfig.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/config/CacheConfig.java
@@ -5,6 +5,7 @@ import at.tuwien.api.database.DatabaseAccessDto;
import at.tuwien.api.database.DatabaseDto;
import at.tuwien.api.database.ViewDto;
import at.tuwien.api.database.table.TableDto;
+import at.tuwien.api.keycloak.TokenDto;
import at.tuwien.api.user.UserDto;
import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine;
@@ -51,6 +52,11 @@ public class CacheConfig {
return new ExpiryCache<UUID, ContainerDto>().build();
}
+ @Bean
+ public Cache<String, TokenDto> tokenCache() {
+ return new ExpiryCache<String, TokenDto>().build();
+ }
+
class ExpiryCache<K, T> {
Cache<K, T> build() {
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/config/GatewayConfig.java b/dbrepo-data-service/services/src/main/java/at/tuwien/config/GatewayConfig.java
index 1a92faf86f39c5568b9fd927499a61874aacc09c..26f181c39d67fb81e37557f59bbd3522cc5d2278 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/config/GatewayConfig.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/config/GatewayConfig.java
@@ -1,11 +1,10 @@
package at.tuwien.config;
import at.tuwien.auth.InternalRequestInterceptor;
-import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
import lombok.Getter;
import lombok.extern.log4j.Log4j2;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -29,11 +28,11 @@ public class GatewayConfig {
@Value("${dbrepo.system.password}")
private String systemPassword;
- private final KeycloakGateway keycloakGateway;
+ private final CredentialService credentialService;
@Autowired
- public GatewayConfig(KeycloakGateway keycloakGateway) {
- this.keycloakGateway = keycloakGateway;
+ public GatewayConfig(CredentialService credentialService) {
+ this.credentialService = credentialService;
}
@Bean
@@ -41,7 +40,7 @@ public class GatewayConfig {
final RestTemplate restTemplate = new RestTemplate();
restTemplate.setUriTemplateHandler(new DefaultUriBuilderFactory(metadataEndpoint));
restTemplate.getInterceptors()
- .add(new InternalRequestInterceptor(this, keycloakGateway));
+ .add(new InternalRequestInterceptor(credentialService, this));
return restTemplate;
}
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/config/WebSecurityConfig.java b/dbrepo-data-service/services/src/main/java/at/tuwien/config/WebSecurityConfig.java
index e1f763b3b7924748fe80f4485bbef2d3b05cfa23..8dce6c3691a3f8523104f913cce9052833c5fd21 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/config/WebSecurityConfig.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/config/WebSecurityConfig.java
@@ -2,7 +2,7 @@ package at.tuwien.config;
import at.tuwien.auth.AuthTokenFilter;
import at.tuwien.auth.BasicAuthenticationProvider;
-import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
import io.swagger.v3.oas.annotations.security.SecurityScheme;
import jakarta.servlet.http.HttpServletResponse;
@@ -43,7 +43,7 @@ public class WebSecurityConfig {
}
@Bean
- public SecurityFilterChain filterChain(HttpSecurity http, KeycloakGateway keycloakGateway)
+ public SecurityFilterChain filterChain(HttpSecurity http, CredentialService credentialService)
throws Exception {
final OrRequestMatcher internalEndpoints = new OrRequestMatcher(
new AntPathRequestMatcher("/actuator/**", "GET"),
@@ -86,8 +86,8 @@ public class WebSecurityConfig {
http.addFilterBefore(authTokenFilter(),
UsernamePasswordAuthenticationFilter.class
);
- http.addFilterBefore(new BasicAuthenticationFilter(new BasicAuthenticationProvider(authTokenFilter(),
- keycloakGateway)),
+ http.addFilterBefore(new BasicAuthenticationFilter(new BasicAuthenticationProvider(credentialService,
+ authTokenFilter())),
UsernamePasswordAuthenticationFilter.class
);
return http.build();
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/service/CacheService.java b/dbrepo-data-service/services/src/main/java/at/tuwien/service/CacheService.java
index c5ffcc1638253a942d7a04b562314082e94865dc..c61b1e1c917056194a67817573b40f01cf6491ba 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/service/CacheService.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/service/CacheService.java
@@ -5,6 +5,7 @@ import at.tuwien.api.database.DatabaseAccessDto;
import at.tuwien.api.database.DatabaseDto;
import at.tuwien.api.database.ViewDto;
import at.tuwien.api.database.table.TableDto;
+import at.tuwien.api.keycloak.TokenDto;
import at.tuwien.api.user.UserDto;
import at.tuwien.exception.*;
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/service/CredentialService.java b/dbrepo-data-service/services/src/main/java/at/tuwien/service/CredentialService.java
new file mode 100644
index 0000000000000000000000000000000000000000..b1c28cf1701772eb16f3c79a8f155faf6e8261a9
--- /dev/null
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/service/CredentialService.java
@@ -0,0 +1,16 @@
+package at.tuwien.service;
+
+import at.tuwien.api.keycloak.TokenDto;
+
+public interface CredentialService {
+
+ /**
+ * Gets credentials for a user with given id in a database with given id either from the cache (if not expired) or
+ * retrieves them from the Metadata Service.
+ *
+ * @param username The username.
+ * @param password The user password.
+ * @return The credentials.
+ */
+ TokenDto getAccessToken(String username, String password);
+}
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/CacheServiceImpl.java b/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/CacheServiceImpl.java
index c23f77edd68af67fbe09d3d9c5b4746b3eebbd83..4abfc453e52e6f086572d32c193b35af36225506 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/CacheServiceImpl.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/CacheServiceImpl.java
@@ -5,6 +5,7 @@ import at.tuwien.api.database.DatabaseAccessDto;
import at.tuwien.api.database.DatabaseDto;
import at.tuwien.api.database.ViewDto;
import at.tuwien.api.database.table.TableDto;
+import at.tuwien.api.keycloak.TokenDto;
import at.tuwien.api.user.UserDto;
import at.tuwien.exception.*;
import at.tuwien.gateway.MetadataServiceGateway;
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/CredentialServiceImpl.java b/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/CredentialServiceImpl.java
new file mode 100644
index 0000000000000000000000000000000000000000..7cf7d1eff4394ae174b0e724fa8e34455b363578
--- /dev/null
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/CredentialServiceImpl.java
@@ -0,0 +1,44 @@
+package at.tuwien.service.impl;
+
+import at.tuwien.api.keycloak.TokenDto;
+import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
+import com.github.benmanes.caffeine.cache.Cache;
+import lombok.extern.log4j.Log4j2;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Log4j2
+@Service
+public class CredentialServiceImpl implements CredentialService {
+
+ private final KeycloakGateway keycloakGateway;
+ private final Cache<String, TokenDto> tokenCache;
+
+ @Autowired
+ public CredentialServiceImpl(KeycloakGateway keycloakGateway, Cache<String, TokenDto> tokenCache) {
+ this.tokenCache = tokenCache;
+ this.keycloakGateway = keycloakGateway;
+ }
+
+ @Override
+ public TokenDto getAccessToken(String username, String password) {
+ final TokenDto cacheAccessToken = tokenCache.getIfPresent(username);
+ if (cacheAccessToken != null) {
+ log.trace("found access token for user with username {} in cache", username);
+ return cacheAccessToken;
+ }
+ log.debug("access token for user with username {} not it cache (anymore): request new", username);
+ final TokenDto token = keycloakGateway.obtainUserToken(username, password);
+ tokenCache.put(username, token);
+ return token;
+ }
+
+ /**
+ * Method for test cases to remove all caches.
+ */
+ public void invalidateAll() {
+ tokenCache.invalidateAll();
+ }
+
+}
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/TableServiceMariaDbImpl.java b/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/TableServiceMariaDbImpl.java
index a646de02b3b560a7dc6967c108a4f7369e33fd65..4ca226ffdee8d9abe9023c540c46b2917d4a7458 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/TableServiceMariaDbImpl.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/TableServiceMariaDbImpl.java
@@ -79,7 +79,6 @@ public class TableServiceMariaDbImpl extends DataConnector implements TableServi
.filter(column -> !MariaDbUtil.numericDataTypes.contains(column.getColumnType()))
.forEach(column -> statistic.getColumns().put(column.getInternalName(), new ColumnStatisticDto()));
log.info("Obtained statistics for the table and {} column(s)", statistic.getColumns().size());
- log.trace("obtained statistics: {}", statistic);
}
} catch (SQLException e) {
connection.rollback();
diff --git a/dbrepo-metadata-service/api/pom.xml b/dbrepo-metadata-service/api/pom.xml
index 6c3b1aa13fbe0ccac21e0e0ce1ede0a78e6f340d..37662b64cbb9c65d104871a349ed2d6f127f89b1 100644
--- a/dbrepo-metadata-service/api/pom.xml
+++ b/dbrepo-metadata-service/api/pom.xml
@@ -6,18 +6,18 @@
<parent>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-metadata-service</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-metadata-service-api</artifactId>
<name>dbrepo-metadata-service-api</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies>
<dependency>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-metadata-service-entities</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<scope>compile</scope>
</dependency>
</dependencies>
diff --git a/dbrepo-metadata-service/api/src/main/java/at/tuwien/api/keycloak/TokenDto.java b/dbrepo-metadata-service/api/src/main/java/at/tuwien/api/keycloak/TokenDto.java
index c20af4cc36e9064c70bc81906badc413e29af593..dcd14c4d2a469b0bdfe88166aae9afba8048ba4c 100644
--- a/dbrepo-metadata-service/api/src/main/java/at/tuwien/api/keycloak/TokenDto.java
+++ b/dbrepo-metadata-service/api/src/main/java/at/tuwien/api/keycloak/TokenDto.java
@@ -1,10 +1,14 @@
package at.tuwien.api.keycloak;
+import at.tuwien.api.CacheableDto;
import com.fasterxml.jackson.annotation.JsonProperty;
+import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotNull;
import lombok.*;
import lombok.extern.jackson.Jacksonized;
+import java.time.Instant;
+
@Getter
@Setter
@Builder
@@ -12,7 +16,7 @@ import lombok.extern.jackson.Jacksonized;
@AllArgsConstructor
@Jacksonized
@ToString
-public class TokenDto {
+public class TokenDto extends CacheableDto {
@NotNull
@JsonProperty("access_token")
@@ -49,4 +53,10 @@ public class TokenDto {
@JsonProperty("not-before-policy")
private Long notBeforePolicy;
+ /* lombok limitations prevent from convenient builder functions */
+
+ @JsonProperty("last_retrieved")
+ @Schema(example = "2025-01-23T12:09:01")
+ private Instant lastRetrieved;
+
}
diff --git a/dbrepo-metadata-service/entities/pom.xml b/dbrepo-metadata-service/entities/pom.xml
index 313309e18831501558a149cab52920bb90e89e91..76ef98f9f1f7100d5360326d9413466a35bf0add 100644
--- a/dbrepo-metadata-service/entities/pom.xml
+++ b/dbrepo-metadata-service/entities/pom.xml
@@ -6,12 +6,12 @@
<parent>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-metadata-service</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-metadata-service-entities</artifactId>
<name>dbrepo-metadata-service-entity</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies/>
diff --git a/dbrepo-metadata-service/oai/pom.xml b/dbrepo-metadata-service/oai/pom.xml
index 54c464b11a31cea0e588f797fa38012c573a1d02..7a5df8b329e3ac371f65d28b2bae4a1532a329f0 100644
--- a/dbrepo-metadata-service/oai/pom.xml
+++ b/dbrepo-metadata-service/oai/pom.xml
@@ -6,12 +6,12 @@
<parent>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-metadata-service</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-metadata-service-oai</artifactId>
<name>dbrepo-metadata-service-oai</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies/>
diff --git a/dbrepo-metadata-service/pom.xml b/dbrepo-metadata-service/pom.xml
index dec6e42b20ea0aa7c7c26d5ef3e08ff24f08c9fa..53198bb0dead1ab4c2975b6cbf02d18584dd5688 100644
--- a/dbrepo-metadata-service/pom.xml
+++ b/dbrepo-metadata-service/pom.xml
@@ -16,7 +16,7 @@
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-metadata-service</artifactId>
<name>dbrepo-metadata-service</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<description>Service that manages the metadata</description>
diff --git a/dbrepo-metadata-service/report/pom.xml b/dbrepo-metadata-service/report/pom.xml
index 6bcb8d579b67439ad4bcd590cf5af3819f70218e..dc6186ed9c30a034c9a18360c365a50c5771e51d 100644
--- a/dbrepo-metadata-service/report/pom.xml
+++ b/dbrepo-metadata-service/report/pom.xml
@@ -6,12 +6,12 @@
<parent>
<artifactId>dbrepo-metadata-service</artifactId>
<groupId>at.tuwien</groupId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-metadata-service-report</artifactId>
<name>dbrepo-metadata-service-report</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies>
<dependency>
diff --git a/dbrepo-metadata-service/repositories/pom.xml b/dbrepo-metadata-service/repositories/pom.xml
index 4d3b5f933d2c39674b2f9e58461387c0a2cffdb8..273740f1d07c4c0575dd9b59754d27eb4335eaa8 100644
--- a/dbrepo-metadata-service/repositories/pom.xml
+++ b/dbrepo-metadata-service/repositories/pom.xml
@@ -6,12 +6,12 @@
<parent>
<artifactId>dbrepo-metadata-service</artifactId>
<groupId>at.tuwien</groupId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-metadata-service-repositories</artifactId>
<name>dbrepo-metadata-service-repositories</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies>
<dependency>
diff --git a/dbrepo-metadata-service/rest-service/pom.xml b/dbrepo-metadata-service/rest-service/pom.xml
index 9e9f23d11fdbab4fc2308bead597a7626272ceb1..6427153b504248bda78827974eedae242e6e6c08 100644
--- a/dbrepo-metadata-service/rest-service/pom.xml
+++ b/dbrepo-metadata-service/rest-service/pom.xml
@@ -6,12 +6,12 @@
<parent>
<artifactId>dbrepo-metadata-service</artifactId>
<groupId>at.tuwien</groupId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-metadata-service-rest-service</artifactId>
<name>dbrepo-metadata-service-rest</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies>
<dependency>
diff --git a/dbrepo-metadata-service/rest-service/src/main/java/at/tuwien/endpoints/ViewEndpoint.java b/dbrepo-metadata-service/rest-service/src/main/java/at/tuwien/endpoints/ViewEndpoint.java
index 432b84d50f125895287516e0e628110e207f1a83..2cc187c884e658a6d6dae8a76ce6ffdeb94a2d61 100644
--- a/dbrepo-metadata-service/rest-service/src/main/java/at/tuwien/endpoints/ViewEndpoint.java
+++ b/dbrepo-metadata-service/rest-service/src/main/java/at/tuwien/endpoints/ViewEndpoint.java
@@ -146,7 +146,7 @@ public class ViewEndpoint extends AbstractEndpoint {
MalformedException, DataServiceException, DataServiceConnectionException, DatabaseNotFoundException,
UserNotFoundException, SearchServiceException, SearchServiceConnectionException, TableNotFoundException,
ImageNotFoundException, ViewExistsException {
- log.debug("endpoint create view, databaseId={}, data={}", databaseId, data);
+ log.debug("endpoint create view, databaseId={}, data.name={}", databaseId, data.getName());
final Database database = databaseService.findById(databaseId);
if (!database.getOwner().getId().equals(getId(principal))) {
log.error("Failed to create view: not the database owner");
@@ -156,7 +156,6 @@ public class ViewEndpoint extends AbstractEndpoint {
log.error("Failed to create view: name exists");
throw new ViewExistsException("Failed to create view: name exists");
}
- log.trace("create view for database {}", database);
return ResponseEntity.status(HttpStatus.CREATED)
.body(metadataMapper.viewToViewBriefDto(
viewService.create(database, userService.findById(getId(principal)), data)));
diff --git a/dbrepo-metadata-service/rest-service/src/main/resources/application.yml b/dbrepo-metadata-service/rest-service/src/main/resources/application.yml
index 01d2de7d8a0f73dcc667b69ed499ae350a81d317..a8a16759829dcf376b75b1de02029cfb16fddc80 100644
--- a/dbrepo-metadata-service/rest-service/src/main/resources/application.yml
+++ b/dbrepo-metadata-service/rest-service/src/main/resources/application.yml
@@ -73,6 +73,7 @@ dbrepo:
password: "${AUTH_SERVICE_ADMIN_PASSWORD:admin}"
client: "${AUTH_SERVICE_CLIENT:dbrepo-client}"
clientSecret: "${AUTH_SERVICE_CLIENT_SECRET:MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG}"
+ credentialCacheTimeout: "${CREDENTIAL_CACHE_TIMEOUT:60}"
website: "${BASE_URL:http://localhost}"
repository-name: "${REPOSITORY_NAME:Database Repository}"
base-url: "${BASE_URL:http://localhost}"
diff --git a/dbrepo-metadata-service/services/pom.xml b/dbrepo-metadata-service/services/pom.xml
index 906fa5258b02807565c4acc0e361d5c65bd65b77..f06002c2bad12d8ed2307167dff0478c8ac98222 100644
--- a/dbrepo-metadata-service/services/pom.xml
+++ b/dbrepo-metadata-service/services/pom.xml
@@ -6,12 +6,12 @@
<parent>
<artifactId>dbrepo-metadata-service</artifactId>
<groupId>at.tuwien</groupId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-metadata-service-services</artifactId>
<name>dbrepo-metadata-service-services</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies>
<dependency>
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/auth/BasicAuthenticationProvider.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/auth/BasicAuthenticationProvider.java
index 27a1c271af871b6253540674e9777368afa42e4a..963249b393895781f38c1770ca5392e09fa47d66 100644
--- a/dbrepo-metadata-service/services/src/main/java/at/tuwien/auth/BasicAuthenticationProvider.java
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/auth/BasicAuthenticationProvider.java
@@ -1,7 +1,7 @@
package at.tuwien.auth;
import at.tuwien.api.keycloak.TokenDto;
-import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
import lombok.extern.log4j.Log4j2;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
@@ -15,18 +15,18 @@ import org.springframework.stereotype.Component;
@Component
public class BasicAuthenticationProvider implements AuthenticationManager {
+ private final CredentialService credentialService;
private final AuthTokenFilter authTokenFilter;
- private final KeycloakGateway keycloakGateway;
@Autowired
- public BasicAuthenticationProvider(AuthTokenFilter authTokenFilter, KeycloakGateway keycloakGateway) {
+ public BasicAuthenticationProvider(CredentialService credentialService, AuthTokenFilter authTokenFilter) {
+ this.credentialService = credentialService;
this.authTokenFilter = authTokenFilter;
- this.keycloakGateway = keycloakGateway;
}
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
- final TokenDto tokenDto = keycloakGateway.obtainUserToken(auth.getName(), auth.getCredentials().toString());
+ final TokenDto tokenDto = credentialService.getAccessToken(auth.getName(), auth.getCredentials().toString());
final UserDetails userDetails = authTokenFilter.verifyJwt(tokenDto.getAccessToken());
log.debug("set basic auth principal: {}", userDetails);
return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/auth/InternalRequestInterceptor.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/auth/InternalRequestInterceptor.java
index b0edc929ed0097ce94e65153707dc47406f0f3c9..d6b5da373cd08436c1ab1a42031952f05faf6d12 100644
--- a/dbrepo-metadata-service/services/src/main/java/at/tuwien/auth/InternalRequestInterceptor.java
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/auth/InternalRequestInterceptor.java
@@ -2,7 +2,7 @@ package at.tuwien.auth;
import at.tuwien.api.keycloak.TokenDto;
import at.tuwien.config.GatewayConfig;
-import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
import lombok.extern.log4j.Log4j2;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpRequest;
@@ -17,12 +17,12 @@ import java.util.List;
@Log4j2
public class InternalRequestInterceptor implements ClientHttpRequestInterceptor {
+ private final CredentialService credentialService;
private final GatewayConfig gatewayConfig;
- private final KeycloakGateway keycloakGateway;
- public InternalRequestInterceptor(GatewayConfig gatewayConfig, KeycloakGateway keycloakGateway) {
+ public InternalRequestInterceptor(CredentialService credentialService, GatewayConfig gatewayConfig) {
+ this.credentialService = credentialService;
this.gatewayConfig = gatewayConfig;
- this.keycloakGateway = keycloakGateway;
}
@Override
@@ -30,7 +30,7 @@ public class InternalRequestInterceptor implements ClientHttpRequestInterceptor
throws IOException {
final HttpHeaders headers = request.getHeaders();
headers.setAccept(List.of(MediaType.APPLICATION_JSON));
- final TokenDto token = keycloakGateway.obtainUserToken(gatewayConfig.getSystemUsername(),
+ final TokenDto token = credentialService.getAccessToken(gatewayConfig.getSystemUsername(),
gatewayConfig.getSystemPassword());
headers.setBearerAuth(token.getAccessToken());
log.trace("set bearer token for internal user: {}", gatewayConfig.getSystemUsername());
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/CacheConfig.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/CacheConfig.java
new file mode 100644
index 0000000000000000000000000000000000000000..9229927e83c19a8b73ca66f100a38091289750fb
--- /dev/null
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/CacheConfig.java
@@ -0,0 +1,33 @@
+package at.tuwien.config;
+
+import at.tuwien.api.keycloak.TokenDto;
+import com.github.benmanes.caffeine.cache.Cache;
+import com.github.benmanes.caffeine.cache.Caffeine;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.concurrent.TimeUnit;
+
+@Configuration
+public class CacheConfig {
+
+ @Value("${dbrepo.credentialCacheTimeout}")
+ private Integer credentialCacheTimeout;
+
+ @Bean
+ public Cache<String, TokenDto> tokenCache() {
+ return new ExpiryCache<String, TokenDto>().build();
+ }
+
+ class ExpiryCache<K, T> {
+
+ Cache<K, T> build() {
+ return Caffeine.newBuilder()
+ .expireAfterWrite(credentialCacheTimeout, TimeUnit.SECONDS)
+ .build();
+ }
+
+ }
+
+}
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/GatewayConfig.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/GatewayConfig.java
index 0bcace730e7753b1dd21d2e1d4a91f47bda6b9f3..34b0acbcb7dfc9164dda5b0408463a8c742b01d1 100644
--- a/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/GatewayConfig.java
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/GatewayConfig.java
@@ -1,7 +1,7 @@
package at.tuwien.config;
import at.tuwien.auth.InternalRequestInterceptor;
-import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
import lombok.Getter;
import lombok.extern.log4j.Log4j2;
import org.springframework.beans.factory.annotation.Autowired;
@@ -44,12 +44,12 @@ public class GatewayConfig {
@Value("${dbrepo.system.password}")
private String systemPassword;
-
- private final KeycloakGateway keycloakGateway;
+
+ private final CredentialService credentialService;
@Autowired
- public GatewayConfig(KeycloakGateway keycloakGateway) {
- this.keycloakGateway = keycloakGateway;
+ public GatewayConfig(CredentialService credentialService) {
+ this.credentialService = credentialService;
}
@Profile("!junit")
@@ -58,7 +58,7 @@ public class GatewayConfig {
final RestTemplate restTemplate = new RestTemplate();
restTemplate.setUriTemplateHandler(new DefaultUriBuilderFactory(brokerEndpoint));
restTemplate.getInterceptors()
- .add(new InternalRequestInterceptor(this, keycloakGateway));
+ .add(new InternalRequestInterceptor(credentialService, this));
return restTemplate;
}
@@ -67,7 +67,7 @@ public class GatewayConfig {
final RestTemplate restTemplate = new RestTemplate();
restTemplate.setUriTemplateHandler(new DefaultUriBuilderFactory(dataEndpoint));
restTemplate.getInterceptors()
- .add(new InternalRequestInterceptor(this, keycloakGateway));
+ .add(new InternalRequestInterceptor(credentialService, this));
return restTemplate;
}
@@ -76,7 +76,7 @@ public class GatewayConfig {
final RestTemplate restTemplate = new RestTemplate();
restTemplate.setUriTemplateHandler(new DefaultUriBuilderFactory(analyseEndpoint));
restTemplate.getInterceptors()
- .add(new InternalRequestInterceptor(this, keycloakGateway));
+ .add(new InternalRequestInterceptor(credentialService, this));
return restTemplate;
}
@@ -85,7 +85,7 @@ public class GatewayConfig {
final RestTemplate restTemplate = new RestTemplate();
restTemplate.setUriTemplateHandler(new DefaultUriBuilderFactory(searchEndpoint));
restTemplate.getInterceptors()
- .add(new InternalRequestInterceptor(this, keycloakGateway));
+ .add(new InternalRequestInterceptor(credentialService, this));
return restTemplate;
}
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/WebSecurityConfig.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/WebSecurityConfig.java
index ae15c9df2d3406a09ec6aeafbfebf571a0325a78..24133846961d340df4e04a3cf425470d68519a74 100644
--- a/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/WebSecurityConfig.java
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/config/WebSecurityConfig.java
@@ -2,7 +2,7 @@ package at.tuwien.config;
import at.tuwien.auth.AuthTokenFilter;
import at.tuwien.auth.BasicAuthenticationProvider;
-import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
import io.swagger.v3.oas.annotations.security.SecurityScheme;
import jakarta.servlet.http.HttpServletResponse;
@@ -43,7 +43,7 @@ public class WebSecurityConfig {
}
@Bean
- public SecurityFilterChain filterChain(HttpSecurity http, KeycloakGateway keycloakGateway)
+ public SecurityFilterChain filterChain(HttpSecurity http, CredentialService credentialService)
throws Exception {
final OrRequestMatcher internalEndpoints = new OrRequestMatcher(
new AntPathRequestMatcher("/actuator/**", "GET"),
@@ -88,8 +88,7 @@ public class WebSecurityConfig {
http.addFilterBefore(authTokenFilter(),
UsernamePasswordAuthenticationFilter.class
);
- http.addFilterBefore(new BasicAuthenticationFilter(new BasicAuthenticationProvider(authTokenFilter(),
- keycloakGateway)),
+ http.addFilterBefore(new BasicAuthenticationFilter(new BasicAuthenticationProvider(credentialService, authTokenFilter())),
UsernamePasswordAuthenticationFilter.class
);
return http.build();
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/CredentialService.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/CredentialService.java
new file mode 100644
index 0000000000000000000000000000000000000000..b1c28cf1701772eb16f3c79a8f155faf6e8261a9
--- /dev/null
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/CredentialService.java
@@ -0,0 +1,16 @@
+package at.tuwien.service;
+
+import at.tuwien.api.keycloak.TokenDto;
+
+public interface CredentialService {
+
+ /**
+ * Gets credentials for a user with given id in a database with given id either from the cache (if not expired) or
+ * retrieves them from the Metadata Service.
+ *
+ * @param username The username.
+ * @param password The user password.
+ * @return The credentials.
+ */
+ TokenDto getAccessToken(String username, String password);
+}
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/CredentialServiceImpl.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/CredentialServiceImpl.java
new file mode 100644
index 0000000000000000000000000000000000000000..7cf7d1eff4394ae174b0e724fa8e34455b363578
--- /dev/null
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/CredentialServiceImpl.java
@@ -0,0 +1,44 @@
+package at.tuwien.service.impl;
+
+import at.tuwien.api.keycloak.TokenDto;
+import at.tuwien.gateway.KeycloakGateway;
+import at.tuwien.service.CredentialService;
+import com.github.benmanes.caffeine.cache.Cache;
+import lombok.extern.log4j.Log4j2;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Log4j2
+@Service
+public class CredentialServiceImpl implements CredentialService {
+
+ private final KeycloakGateway keycloakGateway;
+ private final Cache<String, TokenDto> tokenCache;
+
+ @Autowired
+ public CredentialServiceImpl(KeycloakGateway keycloakGateway, Cache<String, TokenDto> tokenCache) {
+ this.tokenCache = tokenCache;
+ this.keycloakGateway = keycloakGateway;
+ }
+
+ @Override
+ public TokenDto getAccessToken(String username, String password) {
+ final TokenDto cacheAccessToken = tokenCache.getIfPresent(username);
+ if (cacheAccessToken != null) {
+ log.trace("found access token for user with username {} in cache", username);
+ return cacheAccessToken;
+ }
+ log.debug("access token for user with username {} not it cache (anymore): request new", username);
+ final TokenDto token = keycloakGateway.obtainUserToken(username, password);
+ tokenCache.put(username, token);
+ return token;
+ }
+
+ /**
+ * Method for test cases to remove all caches.
+ */
+ public void invalidateAll() {
+ tokenCache.invalidateAll();
+ }
+
+}
diff --git a/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/TableServiceImpl.java b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/TableServiceImpl.java
index f5e2821f2663b0ce18df27784638eda4a9cef767..3b0a530e52ea65ad79b118f309353d14c0141dd1 100644
--- a/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/TableServiceImpl.java
+++ b/dbrepo-metadata-service/services/src/main/java/at/tuwien/service/impl/TableServiceImpl.java
@@ -322,7 +322,6 @@ public class TableServiceImpl implements TableService {
/* update in open search service */
searchServiceGateway.update(database);
log.info("Updated statistics for the table and {} column(s)", table.getColumns().size());
- log.trace("updated statistics: {}", table);
}
}
diff --git a/dbrepo-metadata-service/test/pom.xml b/dbrepo-metadata-service/test/pom.xml
index 792523227eaa968b3dd8c340779bece2323cb461..3f68c6efdeebcebaea5f897aac65d6c22a43e2d6 100644
--- a/dbrepo-metadata-service/test/pom.xml
+++ b/dbrepo-metadata-service/test/pom.xml
@@ -6,12 +6,12 @@
<parent>
<groupId>at.tuwien</groupId>
<artifactId>dbrepo-metadata-service</artifactId>
- <version>1.7.0</version>
+ <version>1.7.1</version>
</parent>
<artifactId>dbrepo-metadata-service-test</artifactId>
<name>dbrepo-metadata-service-test</name>
- <version>1.7.0</version>
+ <version>1.7.1</version>
<dependencies>
<dependency>
diff --git a/dbrepo-search-service/Pipfile b/dbrepo-search-service/Pipfile
index 6284708cc1d7f99f10843ad47c05b35a25916bf4..605020f3ef6702ee9706a3cd87d34c3ad90cd424 100644
--- a/dbrepo-search-service/Pipfile
+++ b/dbrepo-search-service/Pipfile
@@ -18,7 +18,7 @@ jwt = "~=1.3"
testcontainers-opensearch = "*"
pytest = "*"
rdflib = "*"
-dbrepo = {path = "./lib/dbrepo-1.7.0.tar.gz"}
+dbrepo = {path = "./lib/dbrepo-1.7.1.tar.gz"}
gunicorn = "*"
[dev-packages]
diff --git a/dbrepo-search-service/Pipfile.lock b/dbrepo-search-service/Pipfile.lock
index 10925ebd2c296a21a9144c85d7dc5424e61c2296..e59d39f12ef70bc54c2afc627cdb88ef58d8d722 100644
--- a/dbrepo-search-service/Pipfile.lock
+++ b/dbrepo-search-service/Pipfile.lock
@@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
- "sha256": "30aa6fefdbdbb9f57d58ebc8660eee64445a831cea44c6ca1fa605f2a2e1adc3"
+ "sha256": "26523c9bb9e0fc013fddc72cf725c325312b536cb9ea8440b3870b9ebd263b7b"
},
"pipfile-spec": 6,
"requires": {
@@ -18,11 +18,11 @@
"default": {
"aiohappyeyeballs": {
"hashes": [
- "sha256:147ec992cf873d74f5062644332c539fcd42956dc69453fe5204195e560517e1",
- "sha256:9b05052f9042985d32ecbe4b59a77ae19c006a78f1344d7fdad69d28ded3d0b0"
+ "sha256:19728772cb12263077982d2f55453babd8bec6a052a926cd5c0c42796da8bf62",
+ "sha256:6cac4f5dd6e34a9644e69cf9021ef679e4394f54e58a183056d12009e42ea9e3"
],
"markers": "python_version >= '3.9'",
- "version": "==2.4.6"
+ "version": "==2.4.8"
},
"aiohttp": {
"hashes": [
@@ -373,9 +373,9 @@
},
"dbrepo": {
"hashes": [
- "sha256:ec8454f24fbf720271305ad7ae88c5e8c2d4fe10600d027874df810f18b9e848"
+ "sha256:e7d2c9e77d038c4f058e026e2bf1ae5fc3a90fd6a574dc7861e32985e745d7bb"
],
- "path": "./lib/dbrepo-1.7.0.tar.gz"
+ "path": "./lib/dbrepo-1.7.1.tar.gz"
},
"docker": {
"hashes": [
diff --git a/dbrepo-search-service/init/Pipfile b/dbrepo-search-service/init/Pipfile
index fb1215f57667a4a54c344b54b047ebb4b00e8ad9..9a5559cf98006683941ab9dbf7bfe2309c43adcb 100644
--- a/dbrepo-search-service/init/Pipfile
+++ b/dbrepo-search-service/init/Pipfile
@@ -9,7 +9,7 @@ opensearch-py = "~=2.2"
python-dotenv = "~=1.0"
testcontainers-opensearch = "*"
pytest = "*"
-dbrepo = {path = "./lib/dbrepo-1.7.0.tar.gz"}
+dbrepo = {path = "./lib/dbrepo-1.7.1.tar.gz"}
rdflib = "*"
[dev-packages]
diff --git a/dbrepo-search-service/init/Pipfile.lock b/dbrepo-search-service/init/Pipfile.lock
index dd9eaacb19ded48cc4d82a416b6b4c7d94ded1b9..9cb2f00bfbdb76426457e8f003d1e9b008e8aee3 100644
--- a/dbrepo-search-service/init/Pipfile.lock
+++ b/dbrepo-search-service/init/Pipfile.lock
@@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
- "sha256": "f2b08da6e7efe0ce8db0dd5a4a7d2ba9b2992b391f191cf60db744d0e353f614"
+ "sha256": "ed0f513080ab2ba2ac3f24121f21348ea1265e6722066cb6d9a0240fae2e76ae"
},
"pipfile-spec": 6,
"requires": {
@@ -18,11 +18,11 @@
"default": {
"aiohappyeyeballs": {
"hashes": [
- "sha256:147ec992cf873d74f5062644332c539fcd42956dc69453fe5204195e560517e1",
- "sha256:9b05052f9042985d32ecbe4b59a77ae19c006a78f1344d7fdad69d28ded3d0b0"
+ "sha256:19728772cb12263077982d2f55453babd8bec6a052a926cd5c0c42796da8bf62",
+ "sha256:6cac4f5dd6e34a9644e69cf9021ef679e4394f54e58a183056d12009e42ea9e3"
],
"markers": "python_version >= '3.9'",
- "version": "==2.4.6"
+ "version": "==2.4.8"
},
"aiohttp": {
"hashes": [
@@ -259,9 +259,9 @@
},
"dbrepo": {
"hashes": [
- "sha256:ec8454f24fbf720271305ad7ae88c5e8c2d4fe10600d027874df810f18b9e848"
+ "sha256:e7d2c9e77d038c4f058e026e2bf1ae5fc3a90fd6a574dc7861e32985e745d7bb"
],
- "path": "./lib/dbrepo-1.7.0.tar.gz"
+ "path": "./lib/dbrepo-1.7.1.tar.gz"
},
"docker": {
"hashes": [
diff --git a/dbrepo-search-service/init/lib/dbrepo-1.7.0.tar.gz b/dbrepo-search-service/init/lib/dbrepo-1.7.0.tar.gz
deleted file mode 100644
index 56e2f0cd8d4a18039de95dbecfeafe997baab3ce..0000000000000000000000000000000000000000
Binary files a/dbrepo-search-service/init/lib/dbrepo-1.7.0.tar.gz and /dev/null differ
diff --git a/dbrepo-search-service/lib/dbrepo-1.7.0-py3-none-any.whl b/dbrepo-search-service/init/lib/dbrepo-1.7.1-py3-none-any.whl
similarity index 92%
rename from dbrepo-search-service/lib/dbrepo-1.7.0-py3-none-any.whl
rename to dbrepo-search-service/init/lib/dbrepo-1.7.1-py3-none-any.whl
index b58eb4bc6134164a5c99959cc35adc1160bdeff4..708d1faa89d04752658861d56c0501eb3b12f591 100644
Binary files a/dbrepo-search-service/lib/dbrepo-1.7.0-py3-none-any.whl and b/dbrepo-search-service/init/lib/dbrepo-1.7.1-py3-none-any.whl differ
diff --git a/dbrepo-search-service/init/lib/dbrepo-1.7.1.tar.gz b/dbrepo-search-service/init/lib/dbrepo-1.7.1.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..e03ab1cb798ecc5deb85b095d519c6cf5e493823
Binary files /dev/null and b/dbrepo-search-service/init/lib/dbrepo-1.7.1.tar.gz differ
diff --git a/dbrepo-search-service/lib/dbrepo-1.7.0.tar.gz b/dbrepo-search-service/lib/dbrepo-1.7.0.tar.gz
deleted file mode 100644
index 56e2f0cd8d4a18039de95dbecfeafe997baab3ce..0000000000000000000000000000000000000000
Binary files a/dbrepo-search-service/lib/dbrepo-1.7.0.tar.gz and /dev/null differ
diff --git a/dbrepo-search-service/init/lib/dbrepo-1.7.0-py3-none-any.whl b/dbrepo-search-service/lib/dbrepo-1.7.1-py3-none-any.whl
similarity index 92%
rename from dbrepo-search-service/init/lib/dbrepo-1.7.0-py3-none-any.whl
rename to dbrepo-search-service/lib/dbrepo-1.7.1-py3-none-any.whl
index b58eb4bc6134164a5c99959cc35adc1160bdeff4..708d1faa89d04752658861d56c0501eb3b12f591 100644
Binary files a/dbrepo-search-service/init/lib/dbrepo-1.7.0-py3-none-any.whl and b/dbrepo-search-service/lib/dbrepo-1.7.1-py3-none-any.whl differ
diff --git a/dbrepo-search-service/lib/dbrepo-1.7.1.tar.gz b/dbrepo-search-service/lib/dbrepo-1.7.1.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..e03ab1cb798ecc5deb85b095d519c6cf5e493823
Binary files /dev/null and b/dbrepo-search-service/lib/dbrepo-1.7.1.tar.gz differ
diff --git a/dbrepo-storage-service/init/init.sh b/dbrepo-storage-service/init/init.sh
index 50ead671dba3a1f2058ee861e0d8569dc43f167f..91a1c41aada823caf661380b765c9fbcd709ad8f 100644
--- a/dbrepo-storage-service/init/init.sh
+++ b/dbrepo-storage-service/init/init.sh
@@ -9,4 +9,9 @@ use_https = False
# Enable S3 v4 signature APIs
signature_v2 = False
EOF
+s3cmd --config=/app/config/.s3cfg ls | grep "s3://${S3_BUCKET}"
+if s3cmd --config=/app/config/.s3cfg ls | grep -q "s3://${S3_BUCKET}"; then
+ echo "Bucket s3://${S3_BUCKET} already exists, skip."
+ exit 0
+fi
s3cmd --config=/app/config/.s3cfg mb s3://${S3_BUCKET}
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 8f0d77334e466a512a7bd66d438a61f1149c5ddc..e8c5cd8de7795d1bcced37da11b80b94dc404315 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -89,6 +89,9 @@ services:
ports:
- "8080:8080"
environment:
+ LDAP_ROOT: "${IDENTITY_SERVICE_ROOT:-dc=dbrepo,dc=at}"
+ LDAP_ADMIN_DN: "${IDENTITY_SERVICE_ADMIN_DN:-cn=admin,dc=dbrepo,dc=at}"
+ LDAP_ADMIN_PASSWORD: "${IDENTITY_SERVICE_ADMIN_PASSWORD:-admin}"
KEYCLOAK_ENABLE_HEALTH_ENDPOINTS: "true"
KEYCLOAK_ENABLE_HTTPS: "false"
KEYCLOAK_ENABLE_STATISTICS: "true"
diff --git a/helm/dbrepo/Chart.yaml b/helm/dbrepo/Chart.yaml
index 6af1965b3f2f93250717913ce464ca975decc341..ddcbbcc3431d01f7d52cc435a2261b0800677d2a 100644
--- a/helm/dbrepo/Chart.yaml
+++ b/helm/dbrepo/Chart.yaml
@@ -7,8 +7,8 @@ description: Helm Chart for installing DBRepo
sources:
- https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services
type: application
-version: "1.7.0"
-appVersion: "1.7.0"
+version: "1.7.1"
+appVersion: "1.7.1"
keywords:
- dbrepo
maintainers:
diff --git a/helm/dbrepo/README.md b/helm/dbrepo/README.md
index c827d39943f2ce3b2cb262abee51842f4a572d74..52ce8ccf39b216f857f1e299dd603f58e2fb3aa8 100644
--- a/helm/dbrepo/README.md
+++ b/helm/dbrepo/README.md
@@ -11,7 +11,7 @@ sample [
for your deployment and update the variables, especially `hostname`.
```bash
-helm install my-release "oci://registry.datalab.tuwien.ac.at/dbrepo/helm/dbrepo" --values ./values.yaml --version "1.7.0"
+helm install my-release "oci://registry.datalab.tuwien.ac.at/dbrepo/helm/dbrepo" --values ./values.yaml --version "1.7.1"
```
## Prerequisites
@@ -34,7 +34,7 @@ variable when you increase the available Pod memory for performance.
To install the chart with the release name `my-release`:
```bash
-helm install my-release "oci://oci://registry.datalab.tuwien.ac.at/dbrepo/helm" --values ./values.yaml --version "1.7.0"
+helm install my-release "oci://oci://registry.datalab.tuwien.ac.at/dbrepo/helm" --values ./values.yaml --version "1.7.1"
```
The command deploys DBRepo on the Kubernetes cluster in the default configuration. The Parameters section lists the
diff --git a/helm/dbrepo/files/02-setup-data.sql b/helm/dbrepo/files/02-setup-data.sql
new file mode 100644
index 0000000000000000000000000000000000000000..dc4917cd8bd1ce95be2159bb225b1524383081e7
--- /dev/null
+++ b/helm/dbrepo/files/02-setup-data.sql
@@ -0,0 +1,8 @@
+BEGIN;
+
+INSERT INTO `mdb_containers` (id, name, internal_name, image_id, host, port, ui_host, ui_port, privileged_username,
+ privileged_password)
+VALUES ('6cfb3b8e-1792-4e46-871a-f3d103527203', 'mariadb:11.1.3-debian-11-r6', 'mariadb_11_1_3',
+ 'd79cb089-363c-488b-9717-649e44d8fcc5', 'data-db', 3306, 'localhost', 3306, 'root', 'dbrepo');
+
+COMMIT;
diff --git a/helm/dbrepo/files/create-event-listener.jar b/helm/dbrepo/files/create-event-listener.jar
index e95a1e41f167192c570fe210667a3fe5dac77305..71cf130b3c6057a04bc4525370d1e194b17b43fb 100644
Binary files a/helm/dbrepo/files/create-event-listener.jar and b/helm/dbrepo/files/create-event-listener.jar differ
diff --git a/helm/dbrepo/files/dbrepo-realm.json b/helm/dbrepo/files/dbrepo-realm.json
new file mode 100644
index 0000000000000000000000000000000000000000..7453ef4e4d3c2485a61ba2ffc50327ab10a809f0
--- /dev/null
+++ b/helm/dbrepo/files/dbrepo-realm.json
@@ -0,0 +1,3224 @@
+{
+ "id" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "realm" : "dbrepo",
+ "notBefore" : 0,
+ "defaultSignatureAlgorithm" : "RS256",
+ "revokeRefreshToken" : false,
+ "refreshTokenMaxReuse" : 1,
+ "accessTokenLifespan" : 900,
+ "accessTokenLifespanForImplicitFlow" : 900,
+ "ssoSessionIdleTimeout" : 864000,
+ "ssoSessionMaxLifespan" : 2592000,
+ "ssoSessionIdleTimeoutRememberMe" : 0,
+ "ssoSessionMaxLifespanRememberMe" : 0,
+ "offlineSessionIdleTimeout" : 2592000,
+ "offlineSessionMaxLifespanEnabled" : false,
+ "offlineSessionMaxLifespan" : 5184000,
+ "clientSessionIdleTimeout" : 0,
+ "clientSessionMaxLifespan" : 0,
+ "clientOfflineSessionIdleTimeout" : 0,
+ "clientOfflineSessionMaxLifespan" : 0,
+ "accessCodeLifespan" : 60,
+ "accessCodeLifespanUserAction" : 300,
+ "accessCodeLifespanLogin" : 1800,
+ "actionTokenGeneratedByAdminLifespan" : 43200,
+ "actionTokenGeneratedByUserLifespan" : 1800,
+ "oauth2DeviceCodeLifespan" : 600,
+ "oauth2DevicePollingInterval" : 5,
+ "enabled" : true,
+ "sslRequired" : "none",
+ "registrationAllowed" : true,
+ "registrationEmailAsUsername" : false,
+ "rememberMe" : false,
+ "verifyEmail" : true,
+ "loginWithEmailAllowed" : false,
+ "duplicateEmailsAllowed" : false,
+ "resetPasswordAllowed" : false,
+ "editUsernameAllowed" : false,
+ "bruteForceProtected" : true,
+ "permanentLockout" : false,
+ "maxTemporaryLockouts" : 0,
+ "bruteForceStrategy" : "MULTIPLE",
+ "maxFailureWaitSeconds" : 900,
+ "minimumQuickLoginWaitSeconds" : 60,
+ "waitIncrementSeconds" : 60,
+ "quickLoginCheckMilliSeconds" : 1,
+ "maxDeltaTimeSeconds" : 1036800,
+ "failureFactor" : 10,
+ "roles" : {
+ "realm" : [ {
+ "id" : "48f38342-1e3f-427a-995d-c436eaee65cb",
+ "name" : "default-user-handling",
+ "description" : "${default-user-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "modify-user-theme", "modify-user-information" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "9bb4a8dc-28e0-4645-b62f-cc94425f0cb0",
+ "name" : "default-maintenance-handling",
+ "description" : "${default-maintenance-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "create-maintenance-message", "find-maintenance-message", "update-maintenance-message", "delete-maintenance-message", "list-maintenance-messages" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "74648f9a-777e-4ef9-b97b-4c5d749d862f",
+ "name" : "update-search-index",
+ "description" : "${update-search-index}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "22492b64-c633-48a0-9678-b28669f2885b",
+ "name" : "execute-semantic-query",
+ "description" : "${execute-semantic-query}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "4ed919fa-edc5-44e5-9411-607786e4a86d",
+ "name" : "view-table-history",
+ "description" : "${view-table-history}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "fe4a01f3-6590-4df6-9ade-5a9c1fae4736",
+ "name" : "create-semantic-unit",
+ "description" : "${create-semantic-unit}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "be4e1aba-e276-4241-b6ea-01dce6c52f8b",
+ "name" : "find-container",
+ "description" : "${find-container}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "3a801b48-f3c2-4bc6-aa25-c7a91d5b32a7",
+ "name" : "default-researcher-roles",
+ "description" : "${default-researcher-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "default-table-handling", "default-semantics-handling", "default-container-handling", "default-query-handling", "default-user-handling", "default-database-handling", "default-broker-handling", "default-identifier-handling", "default-storage-roles", "default-view-handling" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "3d8104fb-8307-40f0-b4b2-c3e518957110",
+ "name" : "view-table-data",
+ "description" : "${view-table-data}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "fe71b907-7020-44ab-9964-da2b87264582",
+ "name" : "create-database",
+ "description" : "${create-database}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "e51b63c2-48dd-4bd6-95fb-d257d21b26ba",
+ "name" : "import-database-data",
+ "description" : "${import-database-data}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "1f0a9b13-c2b8-474c-bc08-59dbd71835a6",
+ "name" : "modify-database-image",
+ "description" : "${modify-database-image}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "a7ad038c-5c06-42fc-951c-15ac09d4df66",
+ "name" : "modify-database-owner",
+ "description" : "${modify-database-owner}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "22449528-00c9-4e86-9400-4b8ae6fd8f4d",
+ "name" : "modify-view-visibility",
+ "description" : "${modify-view-visibility}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "c12c1f4e-186f-4153-a795-26e79fb623d6",
+ "name" : "create-ontology",
+ "description" : "${create-ontology}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "b60a5694-4099-4f7d-a7e9-4c433e0eb9c9",
+ "name" : "update-semantic-unit",
+ "description" : "${update-semantic-unit}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "535f1484-4514-4d24-8d97-e3f6c11a426b",
+ "name" : "create-container",
+ "description" : "${create-container}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "e1383fb7-d54c-4732-9146-93030eb2ca50",
+ "name" : "escalated-query-handling",
+ "description" : "${escalated-query-handling}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "e4cfdc4d-2373-477b-a8df-161db99aba00",
+ "name" : "create-foreign-identifier",
+ "description" : "${create-foreign-identifier}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "be051d45-cd74-4b13-8a45-f2d3351bd995",
+ "name" : "table-semantic-analyse",
+ "description" : "${table-semantic-analyse}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "272a79a7-e282-4261-8f7d-5d5d1364243a",
+ "name" : "update-maintenance-message",
+ "description" : "${update-maintenance-message}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "b05e9b2b-748d-490b-949b-e78655bf7805",
+ "name" : "check-foreign-database-access",
+ "description" : "${check-foreign-database-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "c047d521-cec3-4444-86c4-aef098489b7b",
+ "name" : "delete-maintenance-message",
+ "description" : "${delete-maintenance-message}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "df20b7d1-8d30-4a99-80eb-e8195fab0e76",
+ "name" : "update-database-view",
+ "description" : "${update-database-view}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "88f82262-be80-4d18-9fb4-5529da031f33",
+ "name" : "system",
+ "description" : "${system}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "e14ab76b-1c24-484d-ae2d-478b8457edea",
+ "name" : "list-licenses",
+ "description" : "${list-licenses}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "d4f29937-3ca0-41e9-9786-2b7b921b6cdd",
+ "name" : "modify-foreign-table-column-semantics",
+ "description" : "${modify-foreign-table-column-semantics}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "8eda9f5c-938c-4915-bed5-6a81a1de15a8",
+ "name" : "list-database-views",
+ "description" : "${list-database-views}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "abd2d9ee-ebc4-4d0a-839e-6b588a6d442a",
+ "name" : "default-roles-dbrepo",
+ "description" : "${role_default-roles}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "76e38f7b-99bf-4d12-8d74-1c7d8812f443",
+ "name" : "update-ontology",
+ "description" : "${update-ontology}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "f392bfcb-0be5-4fad-9ce4-8ac6396f176d",
+ "name" : "export-query-data",
+ "description" : "${export-query-data}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "47f5eee7-9821-4bf8-b434-0da1f81c3e5a",
+ "name" : "default-broker-handling",
+ "description" : "${default-broker-handling}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "71874bde-64a5-4a69-8685-d8998303a80c",
+ "name" : "delete-table-data",
+ "description" : "${delete-table-data}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "cd0ee04c-4a5e-4035-a11b-f6a1165f7829",
+ "name" : "delete-container",
+ "description" : "${delete-container}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "67ee39c0-d601-4a67-a0fe-c4f0021d557e",
+ "name" : "list-containers",
+ "description" : "${list-containers}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "d05e7698-ddf5-4f20-9027-771afb2cc3c7",
+ "name" : "list-identifiers",
+ "description" : "${list-identifiers}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "e2cb054e-ea41-4ab0-881b-e6f576f7424e",
+ "name" : "create-semantic-concept",
+ "description" : "${create-semantic-concept}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "feb612cc-96a6-4ed2-aaa5-01f39b25beb5",
+ "name" : "insert-table-data",
+ "description" : "${insert-table-data}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "a0942e33-441b-4343-9f02-4353d03f7bbb",
+ "name" : "find-database",
+ "description" : "${find-database}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "7f3652c7-3073-4566-ab63-25385495ebc3",
+ "name" : "modify-database-visibility",
+ "description" : "${modify-database-visibility}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "2963c2bb-b129-4224-b98f-c8eeab8e72d1",
+ "name" : "create-table",
+ "description" : "${create-table}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "0c487c93-448f-4a82-8b9f-ebd8a0904bf8",
+ "name" : "find-foreign-user",
+ "description" : "${find-foreign-user}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "cf9735a9-fb70-4cc5-b5f4-75afc4e5654b",
+ "name" : "modify-identifier-metadata",
+ "description" : "${modify-identifier-metadata}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "64c2b8f2-1527-4928-81ea-b2651512d028",
+ "name" : "delete-ontology",
+ "description" : "${delete-ontology}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "fd1cc463-3e67-49d9-81b8-2cd90c1daa9c",
+ "name" : "check-database-access",
+ "description" : "${check-database-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "a2cc60df-d280-46c5-a539-92e2aa249b4a",
+ "name" : "modify-user-information",
+ "description" : "${modify-user-information}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "ba1ad8f2-39aa-487d-987f-645e8a459559",
+ "name" : "delete-table",
+ "description" : "${delete-table}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "fe3bc45c-61c2-4ece-bcaf-d410dc7de501",
+ "name" : "update-database-access",
+ "description" : "${update-database-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "6f044bad-6651-4408-bffa-20c2d8f92eee",
+ "name" : "create-identifier",
+ "description" : "${create-identifier}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "be91195a-e30a-4d15-a8da-0aca0a68782f",
+ "name" : "escalated-table-handling",
+ "description" : "${escalated-table-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "delete-foreign-table" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "15720c6b-027d-4d53-a0ff-0124bfab7c4c",
+ "name" : "re-execute-query",
+ "description" : "${re-execute-query}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "7ee1c424-11b0-46a9-b0ed-725e9b7fc40c",
+ "name" : "default-system-roles",
+ "description" : "${default-system-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "delete-database-view", "update-semantic-unit", "export-query-data", "check-foreign-database-access", "default-data-steward-roles", "execute-query", "default-user-handling", "delete-table-data", "find-query", "list-database-views", "persist-query", "update-search-index", "delete-database-access", "view-table-history", "create-ontology", "update-ontology", "modify-user-theme", "default-system-roles", "create-semantic-concept", "default-container-handling", "create-container", "create-table", "default-broker-handling", "default-maintenance-handling", "execute-semantic-query", "uma_authorization", "table-semantic-analyse", "list-containers", "check-database-access", "escalated-query-handling", "delete-identifier", "modify-database-owner", "list-tables", "export-table-data", "create-database-access", "delete-container", "re-execute-query", "create-semantic-unit", "escalated-identifier-handling", "system", "update-table-statistic", "escalated-semantics-handling", "default-database-handling", "delete-ontology", "find-database", "find-database-view", "update-semantic-concept", "find-user", "import-database-data", "publish-identifier", "default-roles-dbrepo", "find-foreign-user", "create-database", "create-maintenance-message", "find-maintenance-message", "escalated-container-handling", "default-researcher-roles", "default-identifier-handling", "escalated-user-handling", "modify-user-information", "create-database-view", "update-maintenance-message", "delete-foreign-table", "offline_access", "modify-foreign-table-column-semantics", "delete-maintenance-message", "find-container", "insert-table-data", "modify-identifier-metadata", "modify-database-image", "escalated-broker-handling", "modify-table-column-semantics", "escalated-database-handling", "default-semantics-handling", "update-database-access", "default-query-handling", "find-table", "list-queries", "default-developer-roles", "create-identifier", "escalated-table-handling", "find-identifier", "view-table-data", "default-storage-roles", "list-licenses", "default-table-handling", "list-identifiers", "create-foreign-identifier", "list-databases", "list-ontologies", "modify-database-visibility", "list-maintenance-messages", "delete-table" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "143ba359-5fa2-451e-8296-43ecf20bb251",
+ "name" : "update-semantic-concept",
+ "description" : "${update-semantic-concept}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "5136d7a3-e3f0-4585-bacd-15cb8a56095c",
+ "name" : "escalated-container-handling",
+ "description" : "${escalated-container-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "create-container", "delete-container" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "b0bc8649-7d84-4dd3-84f0-7f174425babe",
+ "name" : "list-tables",
+ "description" : "${list-tables}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "bfd85d9c-2772-4660-a8f0-cdc0cd8252b3",
+ "name" : "default-database-handling",
+ "description" : "${default-database-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "modify-database-image", "modify-database-owner", "update-database-access", "create-database", "list-databases", "create-database-access", "find-database", "modify-database-visibility", "import-database-data", "delete-database-access", "check-database-access" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "d89a2881-b642-4abb-b990-196e71372f6b",
+ "name" : "default-table-handling",
+ "description" : "${default-table-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "modify-table-column-semantics", "list-tables", "update-table-statistic", "find-table", "create-table", "delete-table", "update-table" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "f5ea431a-9b2c-4195-bcb4-9511f38e4b44",
+ "name" : "create-database-view",
+ "description" : "${create-database-view}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "a5ffc20e-8b11-498c-9f3b-b5740aec24c7",
+ "name" : "default-semantics-handling",
+ "description" : "${default-semantics-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "create-semantic-unit", "create-semantic-concept", "execute-semantic-query", "table-semantic-analyse" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "0e12eedf-545d-4d32-ac4d-2821dcb118b8",
+ "name" : "update-table-statistic",
+ "description" : "${update-table-statistic}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "e63e61a2-d852-4ad3-bfb5-92d9ceafef6a",
+ "name" : "escalated-user-handling",
+ "description" : "${escalated-user-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "find-user" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "e9854bbb-4580-4757-b1ae-305934173249",
+ "name" : "create-database-access",
+ "description" : "${create-database-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "50c604c1-7c6e-43f3-9c43-2398f5eff66e",
+ "name" : "list-databases",
+ "description" : "${list-databases}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "d75e7938-9d5e-4cb3-8c57-18a446867d3a",
+ "name" : "default-view-handling",
+ "description" : "${default-view-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "delete-database-view", "update-database-view", "create-database-view", "modify-view-visibility", "find-database-view", "list-database-views" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "f4116230-8642-4bb7-bbc8-db9c5c07b558",
+ "name" : "create-maintenance-message",
+ "description" : "${create-maintenance-message}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "973f0999-cc70-4b28-9f43-979c470bea8e",
+ "name" : "default-data-steward-roles",
+ "description" : "${default-data-steward-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "escalated-identifier-handling", "default-semantics-handling", "escalated-semantics-handling", "default-user-handling", "default-storage-roles" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "993b5c69-9eb2-42af-ac28-b4a46c6b61f2",
+ "name" : "find-user",
+ "description" : "${find-user}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "6a5872a5-2b51-415d-ae2d-25a6db4a35df",
+ "name" : "escalated-semantics-handling",
+ "description" : "${escalated-semantics-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "update-semantic-unit", "create-ontology", "update-ontology", "list-ontologies", "delete-ontology", "modify-foreign-table-column-semantics", "update-semantic-concept" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "09147c48-273b-450b-8b11-7ef9b9245244",
+ "name" : "export-table-data",
+ "description" : "${export-table-data}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "d14af590-60a8-4d75-b864-40ee0165bd7f",
+ "name" : "delete-database-access",
+ "description" : "${delete-database-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "6ae766b0-b8b4-4067-a95d-c8576bc4ac77",
+ "name" : "update-table",
+ "description" : "${update-table}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "64c16bfb-2015-48ad-a23f-637ff24419cb",
+ "name" : "default-query-handling",
+ "description" : "${default-query-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "delete-database-view", "export-query-data", "execute-query", "delete-table-data", "export-table-data", "list-queries", "find-query", "list-database-views", "persist-query", "view-table-data", "re-execute-query", "view-table-history", "create-database-view", "find-database-view", "insert-table-data" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "b372f8f7-d203-4293-b991-ad93fb505917",
+ "name" : "escalated-database-handling",
+ "description" : "${escalated-database-handling}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "3293799a-82b9-4f47-8f25-1aad2e0222fd",
+ "name" : "find-identifier",
+ "description" : "${find-identifier}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "aaa3f804-38a0-4474-b8e9-f1020c4b3f62",
+ "name" : "list-queries",
+ "description" : "${list-queries}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "11f7973e-d1eb-42cb-a35d-c59dfc122775",
+ "name" : "modify-user-theme",
+ "description" : "${modify-user-theme}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "da493b7e-fb9b-43ca-82a5-e274ad2e6b39",
+ "name" : "find-query",
+ "description" : "${find-query}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "a4d4a788-ebcf-4d32-baed-4a85616ca037",
+ "name" : "escalated-identifier-handling",
+ "description" : "${escalated-identifier-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "create-foreign-identifier", "modify-identifier-metadata" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "ea38d69d-17b8-4c65-95e8-1c3501b83618",
+ "name" : "default-container-handling",
+ "description" : "${default-container-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "find-container" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "8b8813e0-af07-4d04-a8c1-e3f37192bace",
+ "name" : "publish-identifier",
+ "description" : "${publish-identifier}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "7c0306fc-3b03-4c64-87d1-9a34f2073977",
+ "name" : "modify-table-column-semantics",
+ "description" : "${modify-table-column-semantics}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "795c7bb8-3502-414a-a97b-2ba1cfd6a79c",
+ "name" : "persist-query",
+ "description" : "${persist-query}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "e4bfaf36-9a5d-43e0-9fa3-0f4ea7bad8d0",
+ "name" : "default-developer-roles",
+ "description" : "${default-developer-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "escalated-query-handling", "escalated-broker-handling", "escalated-database-handling", "default-query-handling", "default-user-handling", "escalated-container-handling", "escalated-table-handling", "default-identifier-handling", "default-storage-roles", "default-table-handling", "default-container-handling", "default-database-handling", "default-maintenance-handling" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "674ea174-a165-441e-a01c-6b0010354474",
+ "name" : "upload-file",
+ "description" : "${upload-file}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "6a0bb740-4448-49be-aee8-6dd183325be5",
+ "name" : "delete-foreign-table",
+ "description" : "${delete-foreign-table}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "4a5df51d-f14d-41a2-ad70-6521df5a5b4f",
+ "name" : "offline_access",
+ "description" : "${role_offline-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "fd41c4c3-d2f8-4f49-84c7-dba84e9a5575",
+ "name" : "execute-query",
+ "description" : "${execute-query}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "d6e38368-b40f-423b-82e4-e8aa595237c9",
+ "name" : "find-maintenance-message",
+ "description" : "${find-maintenance-message}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "74013867-e426-46cc-ab98-2f4a9225ad1e",
+ "name" : "find-table",
+ "description" : "${find-table}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "c367241f-b5b5-491f-84d5-07fe1bef3877",
+ "name" : "default-identifier-handling",
+ "description" : "${default-identifier-handling}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "delete-identifier", "list-identifiers", "create-identifier", "find-identifier", "publish-identifier" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "09f7bdb0-296f-46c8-a3a3-8f9254fb17e4",
+ "name" : "list-maintenance-messages",
+ "description" : "${list-maintenance-messages}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "f43e86ed-76de-4ca8-9b5e-c292c9359bfe",
+ "name" : "escalated-broker-handling",
+ "description" : "${escalated-broker-handling}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "916b1e65-f60c-42cd-96e4-5c98ffc1ba3c",
+ "name" : "uma_authorization",
+ "description" : "${role_uma_authorization}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "d1afa3ed-bf4f-469a-a061-ad7325fb8d9e",
+ "name" : "delete-database-view",
+ "description" : "${delete-database-view}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "98bee7d6-d78c-4e7f-b6a3-3705968b248c",
+ "name" : "list-ontologies",
+ "description" : "${list-ontologies}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "a4645bb5-e0b8-43a7-9a76-21ac252a0ac1",
+ "name" : "default-storage-roles",
+ "description" : "${default-storage-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "upload-file" ]
+ },
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "a9b5181a-8135-41d3-9862-ef80af42211d",
+ "name" : "delete-identifier",
+ "description" : "${delete-identifier}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ }, {
+ "id" : "469c2e63-cda6-48d4-ab8f-eb59a2c69798",
+ "name" : "find-database-view",
+ "description" : "${find-database-view}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
+ } ],
+ "client" : {
+ "realm-management" : [ {
+ "id" : "4628f654-f8f3-483b-8f92-2a7fc5930b14",
+ "name" : "query-realms",
+ "description" : "${role_query-realms}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "95c2cc47-12f5-4d73-8b74-67e270c45ade",
+ "name" : "manage-authorization",
+ "description" : "${role_manage-authorization}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "824791f3-c345-42f8-b103-b7e6d7e40114",
+ "name" : "manage-identity-providers",
+ "description" : "${role_manage-identity-providers}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "1f840202-b7e2-4195-bac9-64e64dad2037",
+ "name" : "view-identity-providers",
+ "description" : "${role_view-identity-providers}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "3c32c096-bb13-44c9-a080-d756a48a9ea3",
+ "name" : "query-clients",
+ "description" : "${role_query-clients}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "e4b85a68-7f31-4fcf-89a2-f10d7df358e9",
+ "name" : "view-authorization",
+ "description" : "${role_view-authorization}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "7d317752-ae56-46f2-a2ce-67c64d1b35f6",
+ "name" : "view-users",
+ "description" : "${role_view-users}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "realm-management" : [ "query-users", "query-groups" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "28824208-976e-4622-b4d7-3d18efbb46fa",
+ "name" : "realm-admin",
+ "description" : "${role_realm-admin}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "realm-management" : [ "query-realms", "manage-authorization", "manage-identity-providers", "view-identity-providers", "query-clients", "view-authorization", "view-users", "manage-users", "view-realm", "query-users", "view-clients", "create-client", "query-groups", "impersonation", "manage-clients", "manage-events", "view-events", "manage-realm" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "57e846a2-930d-4621-819d-c35086507146",
+ "name" : "manage-users",
+ "description" : "${role_manage-users}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "7fad9cde-bf96-475a-9174-14a87da51f95",
+ "name" : "view-realm",
+ "description" : "${role_view-realm}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "bbcac294-d78a-4ea1-a4bf-0384266d2fe1",
+ "name" : "query-users",
+ "description" : "${role_query-users}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "480e1437-ab9e-47de-b47a-edc6b6e285de",
+ "name" : "view-clients",
+ "description" : "${role_view-clients}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "realm-management" : [ "query-clients" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "b9a9a8f5-f91e-4e73-9e88-1cdf42bd49f9",
+ "name" : "create-client",
+ "description" : "${role_create-client}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "4d1397fb-247c-436f-b26f-124cd89afb08",
+ "name" : "query-groups",
+ "description" : "${role_query-groups}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "e31f522b-b283-4ae1-b875-52afcd98b1d2",
+ "name" : "impersonation",
+ "description" : "${role_impersonation}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "51822d02-fa28-4a49-89da-bc534719d8a8",
+ "name" : "manage-clients",
+ "description" : "${role_manage-clients}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "b2743ce5-0ce8-4157-ae00-f693560f0b39",
+ "name" : "manage-events",
+ "description" : "${role_manage-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "7ea3d7e0-9bf4-438a-b773-243daf622aaa",
+ "name" : "view-events",
+ "description" : "${role_view-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ }, {
+ "id" : "fb73f6f5-0ed5-41d0-852c-0eb3b195b15a",
+ "name" : "manage-realm",
+ "description" : "${role_manage-realm}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "attributes" : { }
+ } ],
+ "security-admin-console" : [ ],
+ "dbrepo-client" : [ ],
+ "admin-cli" : [ ],
+ "rabbitmq-client" : [ ],
+ "account-console" : [ ],
+ "broker" : [ {
+ "id" : "de0cfd5e-c2fe-4082-ac39-e3b092139a0f",
+ "name" : "read-token",
+ "description" : "${role_read-token}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "88694c91-753d-4c44-9740-ec9ac06bba45",
+ "attributes" : { }
+ } ],
+ "account" : [ {
+ "id" : "acd78c04-eefc-4344-a5b4-3fc83d848936",
+ "name" : "delete-account",
+ "description" : "${role_delete-account}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "attributes" : { }
+ }, {
+ "id" : "939be844-8c49-45b3-9ca1-4b10a454b346",
+ "name" : "view-profile",
+ "description" : "${role_view-profile}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "attributes" : { }
+ }, {
+ "id" : "e52fdf00-3e73-4c17-bc1c-643493710a6b",
+ "name" : "view-applications",
+ "description" : "${role_view-applications}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "attributes" : { }
+ }, {
+ "id" : "b02a822e-a708-420a-bddc-1a315033fd7c",
+ "name" : "view-consent",
+ "description" : "${role_view-consent}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "attributes" : { }
+ }, {
+ "id" : "c590e5f5-2cbf-4151-b1dc-96c454f1f654",
+ "name" : "view-groups",
+ "description" : "${role_view-groups}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "attributes" : { }
+ }, {
+ "id" : "15974151-6c13-426b-8cc3-7683dd1311e1",
+ "name" : "manage-account-links",
+ "description" : "${role_manage-account-links}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "attributes" : { }
+ }, {
+ "id" : "c12d8d94-c2df-498e-bbe4-2f934a83ae92",
+ "name" : "manage-consent",
+ "description" : "${role_manage-consent}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "view-consent" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "attributes" : { }
+ }, {
+ "id" : "55f85811-bded-4d6b-8f7b-45844b963875",
+ "name" : "manage-account",
+ "description" : "${role_manage-account}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "manage-account-links" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "attributes" : { }
+ } ]
+ }
+ },
+ "groups" : [ {
+ "id" : "f2ce17fe-7b15-47a4-bbf8-86f415298fa9",
+ "name" : "data-stewards",
+ "path" : "/data-stewards",
+ "subGroups" : [ ],
+ "attributes" : { },
+ "realmRoles" : [ "default-data-steward-roles" ],
+ "clientRoles" : { }
+ }, {
+ "id" : "124d9888-0b6e-46aa-8225-077dcedaf16e",
+ "name" : "developers",
+ "path" : "/developers",
+ "subGroups" : [ ],
+ "attributes" : { },
+ "realmRoles" : [ "default-developer-roles" ],
+ "clientRoles" : { }
+ }, {
+ "id" : "f467c38e-9041-4faa-ae0b-39cec65ff4db",
+ "name" : "researchers",
+ "path" : "/researchers",
+ "subGroups" : [ ],
+ "attributes" : { },
+ "realmRoles" : [ "default-researcher-roles" ],
+ "clientRoles" : { }
+ }, {
+ "id" : "2b9f94b4-d434-4a98-8eab-25678cfee983",
+ "name" : "system",
+ "path" : "/system",
+ "subGroups" : [ ],
+ "attributes" : { },
+ "realmRoles" : [ "default-system-roles" ],
+ "clientRoles" : { }
+ } ],
+ "defaultRole" : {
+ "id" : "abd2d9ee-ebc4-4d0a-839e-6b588a6d442a",
+ "name" : "default-roles-dbrepo",
+ "description" : "${role_default-roles}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0"
+ },
+ "defaultGroups" : [ "/researchers" ],
+ "requiredCredentials" : [ "password" ],
+ "passwordPolicy" : "length(8) and maxLength(64) and specialChars(1) and lowerCase(1) and upperCase(1) and digits(1)",
+ "otpPolicyType" : "totp",
+ "otpPolicyAlgorithm" : "HmacSHA1",
+ "otpPolicyInitialCounter" : 0,
+ "otpPolicyDigits" : 6,
+ "otpPolicyLookAheadWindow" : 1,
+ "otpPolicyPeriod" : 30,
+ "otpPolicyCodeReusable" : false,
+ "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ],
+ "localizationTexts" : { },
+ "webAuthnPolicyRpEntityName" : "keycloak",
+ "webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
+ "webAuthnPolicyRpId" : "",
+ "webAuthnPolicyAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyRequireResidentKey" : "not specified",
+ "webAuthnPolicyUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyCreateTimeout" : 0,
+ "webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyAcceptableAaguids" : [ ],
+ "webAuthnPolicyExtraOrigins" : [ ],
+ "webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
+ "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
+ "webAuthnPolicyPasswordlessRpId" : "",
+ "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
+ "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyPasswordlessCreateTimeout" : 0,
+ "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
+ "webAuthnPolicyPasswordlessExtraOrigins" : [ ],
+ "scopeMappings" : [ {
+ "clientScope" : "rabbitmq.tag:administrator",
+ "roles" : [ "escalated-broker-handling" ]
+ }, {
+ "clientScope" : "rabbitmq.tag:management",
+ "roles" : [ "default-broker-handling" ]
+ } ],
+ "clientScopeMappings" : {
+ "account" : [ {
+ "client" : "account-console",
+ "roles" : [ "manage-account", "view-groups" ]
+ } ]
+ },
+ "clients" : [ {
+ "id" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
+ "clientId" : "account",
+ "name" : "${client_account}",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/dbrepo/account/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/realms/dbrepo/account/*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "d3c4a04e-39ce-4549-a34a-11e25774cd96",
+ "clientId" : "account-console",
+ "name" : "${client_account-console}",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/dbrepo/account/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/realms/dbrepo/account/*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "protocolMappers" : [ {
+ "id" : "22d90d9c-9881-474c-8dfd-a62c808a9f1c",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "81ef0f59-a5ca-4be4-a1d1-0c32edf1cfd6",
+ "clientId" : "admin-cli",
+ "name" : "${client_admin-cli}",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : false,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : true,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "client.use.lightweight.access.token.enabled" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : true,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "88694c91-753d-4c44-9740-ec9ac06bba45",
+ "clientId" : "broker",
+ "name" : "${client_broker}",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : true,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "6b7ef364-4132-4831-b4e2-b6e9e9dc63ee",
+ "clientId" : "dbrepo-client",
+ "name" : "${dbrepo-client}",
+ "description" : "",
+ "rootUrl" : "",
+ "adminUrl" : "",
+ "baseUrl" : "",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : true,
+ "clientAuthenticatorType" : "client-secret",
+ "secret" : "MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG",
+ "redirectUris" : [ "*" ],
+ "webOrigins" : [ "*" ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : true,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : true,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "oidc.ciba.grant.enabled" : "false",
+ "client.secret.creation.time" : "1680085365",
+ "backchannel.logout.session.required" : "true",
+ "post.logout.redirect.uris" : "*",
+ "oauth2.device.authorization.grant.enabled" : "false",
+ "backchannel.logout.revoke.offline.tokens" : "false"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : true,
+ "nodeReRegistrationTimeout" : -1,
+ "protocolMappers" : [ {
+ "id" : "266edf62-a19a-483b-b594-81428e4af792",
+ "name" : "orcid",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "ORCID",
+ "id.token.claim" : "true",
+ "lightweight.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "orcid",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "1a21798a-38b6-4df5-89f0-86942415246f",
+ "name" : "theme",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "THEME",
+ "id.token.claim" : "true",
+ "lightweight.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "theme",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "da0b27c1-ae2e-4baa-bf78-db233e15c78d",
+ "name" : "preferred_username",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "username",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "preferred_username",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "1bc6a1f4-4be2-439c-8c7f-b3fb0bb9956a",
+ "name" : "affiliation",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "AFFILIATION",
+ "id.token.claim" : "true",
+ "lightweight.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "affiliation",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "7cbf6dc6-653e-40a9-9974-0e5bf7a363c3",
+ "name" : "given name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "firstName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "given_name",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "70bbd779-d085-4204-ac4b-3a40abab9d88",
+ "name" : "language",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "LANGUAGE",
+ "id.token.claim" : "true",
+ "lightweight.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "language",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "9bdc3e60-09b8-4241-915e-29f083434026",
+ "name" : "provider",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "identity_provider",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "lightweight.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "identity_provider",
+ "jsonType.label" : "String",
+ "access.tokenResponse.claim" : "false"
+ }
+ }, {
+ "id" : "e567cb5c-8856-4124-8b86-f19cd53d7c71",
+ "name" : "setup_finished",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "SETUP_FINISHED",
+ "id.token.claim" : "true",
+ "lightweight.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "setup_finished",
+ "jsonType.label" : "boolean"
+ }
+ }, {
+ "id" : "b817424d-7f91-43d8-b7d0-6a32582377fb",
+ "name" : "family name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "lastName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "family_name",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "030a1cd9-53d1-4a62-a375-94d50a2dc6fc",
+ "name" : "uid",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "aggregate.attrs" : "false",
+ "multivalued" : "false",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "LDAP_ID",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "uid"
+ }
+ }, {
+ "id" : "c304ed2f-5952-4772-838d-91998a45f154",
+ "name" : "aud",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-hardcoded-claim-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "claim.value" : "account",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "lightweight.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "aud",
+ "jsonType.label" : "String",
+ "access.tokenResponse.claim" : "false"
+ }
+ } ],
+ "defaultClientScopes" : [ "roles", "basic" ],
+ "optionalClientScopes" : [ "rabbitmq.read:*/*", "web-origins", "acr", "rabbitmq.write:*/*", "address", "phone", "offline_access", "profile", "attributes", "microprofile-jwt", "email", "rabbitmq.configure:*/*" ]
+ }, {
+ "id" : "25741f6b-4867-4138-8238-6345c6ba8702",
+ "clientId" : "rabbitmq-client",
+ "name" : "${rabbitmq-client}",
+ "description" : "",
+ "rootUrl" : "",
+ "adminUrl" : "",
+ "baseUrl" : "",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "secret" : "JEC2FexxrX4N65fLeDGukAl6R3Lc9y0u",
+ "redirectUris" : [ "*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : true,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : true,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "oidc.ciba.grant.enabled" : "false",
+ "client.secret.creation.time" : "1680000860",
+ "backchannel.logout.session.required" : "true",
+ "post.logout.redirect.uris" : "*",
+ "oauth2.device.authorization.grant.enabled" : "false",
+ "backchannel.logout.revoke.offline.tokens" : "false"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : -1,
+ "protocolMappers" : [ {
+ "id" : "01a937ed-f0e8-4137-80f3-3be3c447f7fb",
+ "name" : "username",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "username",
+ "id.token.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "client_id",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "false"
+ }
+ }, {
+ "id" : "f1afc22d-f595-403b-ba2e-6ab19d98205e",
+ "name" : "Audience",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-hardcoded-claim-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "id.token.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "aud",
+ "claim.value" : "rabbitmq",
+ "userinfo.token.claim" : "false",
+ "access.tokenResponse.claim" : "false"
+ }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "rabbitmq.tag:management", "basic" ],
+ "optionalClientScopes" : [ "rabbitmq.read:*/*", "rabbitmq.write:*/*", "address", "phone", "offline_access", "profile", "roles", "microprofile-jwt", "email", "rabbitmq.configure:*/*" ]
+ }, {
+ "id" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
+ "clientId" : "realm-management",
+ "name" : "${client_realm-management}",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : true,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "f205c451-9524-4380-acc3-947f7ecb6b7c",
+ "clientId" : "security-admin-console",
+ "name" : "${client_security-admin-console}",
+ "rootUrl" : "${authAdminUrl}",
+ "baseUrl" : "/admin/dbrepo/console/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/admin/dbrepo/console/*" ],
+ "webOrigins" : [ "+" ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "client.use.lightweight.access.token.enabled" : "true",
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : true,
+ "nodeReRegistrationTimeout" : 0,
+ "protocolMappers" : [ {
+ "id" : "c4d54410-3f22-4259-9571-94da2c43b752",
+ "name" : "locale",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "locale",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "locale",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
+ } ],
+ "clientScopes" : [ {
+ "id" : "69f4ecf0-4165-49ab-bf0d-38409b15b706",
+ "name" : "rabbitmq.tag:administrator",
+ "description" : "administrator",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "true",
+ "gui.order" : "",
+ "consent.screen.text" : ""
+ }
+ }, {
+ "id" : "7f6e9b44-e2eb-417d-b0fe-db820c9a6564",
+ "name" : "email",
+ "description" : "OpenID Connect built-in scope: email",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${emailScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "782819fe-ba5d-4ddb-9f95-cabb69d79c8d",
+ "name" : "email verified",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "emailVerified",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "email_verified",
+ "jsonType.label" : "boolean",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "ca613fc8-bbf2-4240-8b33-a1874f1559f3",
+ "name" : "email",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "email",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "email",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "b9da268f-6745-49dc-a764-3c54e385accc",
+ "name" : "profile",
+ "description" : "OpenID Connect built-in scope: profile",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${profileScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "84f0487a-1d7d-470c-9b8e-5835294ae235",
+ "name" : "username",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "username",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "preferred_username",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "bbdcdb36-3ec0-443d-b1af-9993d40f0567",
+ "name" : "gender",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "gender",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "gender",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "9faa870b-5491-4ce9-b27d-c9ce07d6a95e",
+ "name" : "birthdate",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "birthdate",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "birthdate",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "f0e3c012-9523-4076-83ae-e466e2d08220",
+ "name" : "full name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-full-name-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "f757d8ec-e181-429c-9287-9ad0600b061f",
+ "name" : "profile",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "profile",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "profile",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "18cfbf4b-0a8e-45c7-a832-c0f72c92f3f3",
+ "name" : "updated at",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "updatedAt",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "updated_at",
+ "jsonType.label" : "long",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "841ea785-26ab-429a-a420-09ce3948924d",
+ "name" : "family name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "lastName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "family_name",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "bfba13ff-f952-4e89-bbb1-a693fdebfae8",
+ "name" : "website",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "website",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "website",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "475f071d-5149-4379-b928-76482f5f519c",
+ "name" : "zoneinfo",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "zoneinfo",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "zoneinfo",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "b8bebfed-b5e9-4604-a0ee-9817f7d439ac",
+ "name" : "middle name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "middleName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "middle_name",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "445232c8-6830-476c-a6f1-8bbef167595a",
+ "name" : "picture",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "picture",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "picture",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "65f2e474-6ede-4872-86e4-e49504dd0f2a",
+ "name" : "locale",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "locale",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "locale",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "16cd5a27-ccf3-453c-ae1e-8621813ab73c",
+ "name" : "given name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "firstName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "given_name",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "f9efedfc-3388-457c-b10a-1dff4525ff9b",
+ "name" : "nickname",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "nickname",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "nickname",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "627fa054-08eb-4206-af71-9e838e984b8b",
+ "name" : "microprofile-jwt",
+ "description" : "Microprofile - JWT built-in scope",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "e6cc53e5-5d7e-468e-88c8-0737dd3dc759",
+ "name" : "groups",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "multivalued" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "foo",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "groups",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "83b4444c-10fc-44e8-a0c0-0c1da1f9bba3",
+ "name" : "upn",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "username",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "upn",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "4122ff9e-ad3c-4142-afc6-9aefdecfc86d",
+ "name" : "role_list",
+ "description" : "SAML role list",
+ "protocol" : "saml",
+ "attributes" : {
+ "consent.screen.text" : "${samlRoleListScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "bb0747fa-c008-4af3-93be-e7739650ebd5",
+ "name" : "role list",
+ "protocol" : "saml",
+ "protocolMapper" : "saml-role-list-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "single" : "false",
+ "attribute.nameformat" : "Basic",
+ "attribute.name" : "Role"
+ }
+ } ]
+ }, {
+ "id" : "2e76447d-fbe7-4fa7-a16c-54a381b960ae",
+ "name" : "rabbitmq.configure:*/*",
+ "description" : "",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "false",
+ "gui.order" : "",
+ "consent.screen.text" : ""
+ }
+ }, {
+ "id" : "52aad832-c6c4-49df-8a04-6ad4a406fdfa",
+ "name" : "phone",
+ "description" : "OpenID Connect built-in scope: phone",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${phoneScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "dae802fb-9138-408a-b80e-a40eb0f56814",
+ "name" : "phone number",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "phoneNumber",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "phone_number",
+ "jsonType.label" : "String",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "feb06a8d-b0eb-4911-8464-368d93f566fa",
+ "name" : "phone number verified",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "phoneNumberVerified",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "phone_number_verified",
+ "jsonType.label" : "boolean",
+ "userinfo.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "f64d64e8-57ce-4eb2-b99e-9f02fdbd99f9",
+ "name" : "web-origins",
+ "description" : "OpenID Connect scope for add allowed web origins to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "consent.screen.text" : "",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "c6411e3b-6478-453d-b530-5fe175a4d786",
+ "name" : "allowed web origins",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-allowed-origins-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ]
+ }, {
+ "id" : "55341d34-0086-4173-ae61-d9b175b179d8",
+ "name" : "acr",
+ "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "58ea3217-0fff-4207-9d08-919f5493b629",
+ "name" : "acr loa level",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-acr-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "userinfo.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "a02c2c38-923c-46ec-9899-321412b388e5",
+ "name" : "attributes",
+ "description" : "User Attributes",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false",
+ "gui.order" : "",
+ "consent.screen.text" : ""
+ },
+ "protocolMappers" : [ {
+ "id" : "78c461c1-f3f9-4d10-8835-097f13bdcd60",
+ "name" : "Theme",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "aggregate.attrs" : "false",
+ "multivalued" : "false",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "theme_dark",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "attributes.theme_dark"
+ }
+ } ]
+ }, {
+ "id" : "06062e22-89c0-4e1d-a25b-2483903b02d5",
+ "name" : "rabbitmq.write:*/*",
+ "description" : "",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "false",
+ "gui.order" : "",
+ "consent.screen.text" : ""
+ }
+ }, {
+ "id" : "db63e03b-7918-492f-997b-f2dda98f3b39",
+ "name" : "rabbitmq.tag:management",
+ "description" : "management",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "true",
+ "gui.order" : "",
+ "consent.screen.text" : ""
+ }
+ }, {
+ "id" : "aa5c6ca7-812d-4fff-80b9-f5095ca82ce6",
+ "name" : "service_account",
+ "description" : "Specific scope for a client enabled for service accounts",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "bb359b0f-97dc-4d6a-9a2f-89458b53c512",
+ "name" : "Client IP Address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientAddress",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientAddress",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "7aa3a4d2-3dd1-48dd-8886-562906eadb2a",
+ "name" : "Client Host",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientHost",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientHost",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "c4882d39-e815-49f5-8a73-eb8b83572eae",
+ "name" : "Client ID",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "client_id",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "client_id",
+ "jsonType.label" : "String"
+ }
+ } ]
+ }, {
+ "id" : "210cc792-6c07-45a6-a77e-827cdf3b41ba",
+ "name" : "offline_access",
+ "description" : "OpenID Connect built-in scope: offline_access",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "consent.screen.text" : "${offlineAccessScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ }
+ }, {
+ "id" : "c96f0b73-ea79-4b46-93ef-d1092297f855",
+ "name" : "rabbitmq.read:*/*",
+ "description" : "",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "false",
+ "gui.order" : "",
+ "consent.screen.text" : ""
+ }
+ }, {
+ "id" : "ba11267a-478b-4b32-872f-4eb2d125d116",
+ "name" : "basic",
+ "description" : "OpenID Connect scope for add all basic claims to the token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "1445e14f-49b0-4666-8ddc-691493c24ad9",
+ "name" : "sub",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-sub-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true"
+ }
+ }, {
+ "id" : "846f1ef0-2b86-4e07-9d25-691d25af5fce",
+ "name" : "auth_time",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "AUTH_TIME",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "auth_time",
+ "jsonType.label" : "long"
+ }
+ } ]
+ }, {
+ "id" : "425abf4a-2ee2-431d-aa92-e373a36fe556",
+ "name" : "address",
+ "description" : "OpenID Connect built-in scope: address",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${addressScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "8d4ffe4d-1d01-4ca1-8ff4-44eacca61b30",
+ "name" : "address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-address-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute.formatted" : "formatted",
+ "user.attribute.country" : "country",
+ "user.attribute.postal_code" : "postal_code",
+ "userinfo.token.claim" : "true",
+ "user.attribute.street" : "street",
+ "id.token.claim" : "true",
+ "user.attribute.region" : "region",
+ "access.token.claim" : "true",
+ "user.attribute.locality" : "locality"
+ }
+ } ]
+ }, {
+ "id" : "37f61543-dad7-4a82-8e10-77acdd1eefdc",
+ "name" : "roles",
+ "description" : "OpenID Connect scope for add user roles to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "consent.screen.text" : "${rolesScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "3b6b6914-8ad1-4a71-88ec-444f754aaacb",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ }, {
+ "id" : "2defedf5-9af3-4531-822c-a879dedcd29d",
+ "name" : "realm roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "false",
+ "multivalued" : "true",
+ "user.attribute" : "foo",
+ "id.token.claim" : "true",
+ "lightweight.claim" : "false",
+ "access.token.claim" : "true",
+ "claim.name" : "realm_access.roles",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "a7bd6723-e58e-47f7-95c0-2925ce99283d",
+ "name" : "client roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-client-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "foo",
+ "access.token.claim" : "true",
+ "claim.name" : "resource_access.${client_id}.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
+ } ]
+ } ],
+ "defaultDefaultClientScopes" : [ "rabbitmq.tag:administrator", "rabbitmq.tag:management", "basic" ],
+ "defaultOptionalClientScopes" : [ "rabbitmq.write:*/*", "offline_access", "rabbitmq.configure:*/*", "roles", "role_list", "address", "phone", "acr", "microprofile-jwt", "email", "attributes", "profile", "rabbitmq.read:*/*", "web-origins" ],
+ "browserSecurityHeaders" : {
+ "contentSecurityPolicyReportOnly" : "",
+ "xContentTypeOptions" : "nosniff",
+ "referrerPolicy" : "no-referrer",
+ "xRobotsTag" : "none",
+ "xFrameOptions" : "SAMEORIGIN",
+ "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
+ "xXSSProtection" : "1; mode=block",
+ "strictTransportSecurity" : "max-age=31536000; includeSubDomains"
+ },
+ "smtpServer" : { },
+ "loginTheme" : "keycloak.v2",
+ "accountTheme" : "",
+ "adminTheme" : "",
+ "emailTheme" : "",
+ "eventsEnabled" : false,
+ "eventsListeners" : [ "create-event-listener", "jboss-logging" ],
+ "enabledEventTypes" : [ "SEND_RESET_PASSWORD", "UPDATE_CONSENT_ERROR", "GRANT_CONSENT", "VERIFY_PROFILE_ERROR", "REMOVE_TOTP", "REVOKE_GRANT", "UPDATE_TOTP", "LOGIN_ERROR", "CLIENT_LOGIN", "RESET_PASSWORD_ERROR", "IMPERSONATE_ERROR", "CODE_TO_TOKEN_ERROR", "CUSTOM_REQUIRED_ACTION", "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", "RESTART_AUTHENTICATION", "IMPERSONATE", "UPDATE_PROFILE_ERROR", "LOGIN", "OAUTH2_DEVICE_VERIFY_USER_CODE", "UPDATE_PASSWORD_ERROR", "CLIENT_INITIATED_ACCOUNT_LINKING", "TOKEN_EXCHANGE", "AUTHREQID_TO_TOKEN", "LOGOUT", "REGISTER", "DELETE_ACCOUNT_ERROR", "CLIENT_REGISTER", "IDENTITY_PROVIDER_LINK_ACCOUNT", "DELETE_ACCOUNT", "UPDATE_PASSWORD", "CLIENT_DELETE", "FEDERATED_IDENTITY_LINK_ERROR", "IDENTITY_PROVIDER_FIRST_LOGIN", "CLIENT_DELETE_ERROR", "VERIFY_EMAIL", "CLIENT_LOGIN_ERROR", "RESTART_AUTHENTICATION_ERROR", "EXECUTE_ACTIONS", "REMOVE_FEDERATED_IDENTITY_ERROR", "TOKEN_EXCHANGE_ERROR", "PERMISSION_TOKEN", "SEND_IDENTITY_PROVIDER_LINK_ERROR", "EXECUTE_ACTION_TOKEN_ERROR", "SEND_VERIFY_EMAIL", "OAUTH2_DEVICE_AUTH", "EXECUTE_ACTIONS_ERROR", "REMOVE_FEDERATED_IDENTITY", "OAUTH2_DEVICE_CODE_TO_TOKEN", "IDENTITY_PROVIDER_POST_LOGIN", "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", "UPDATE_EMAIL", "REGISTER_ERROR", "REVOKE_GRANT_ERROR", "EXECUTE_ACTION_TOKEN", "LOGOUT_ERROR", "UPDATE_EMAIL_ERROR", "CLIENT_UPDATE_ERROR", "AUTHREQID_TO_TOKEN_ERROR", "UPDATE_PROFILE", "CLIENT_REGISTER_ERROR", "FEDERATED_IDENTITY_LINK", "SEND_IDENTITY_PROVIDER_LINK", "SEND_VERIFY_EMAIL_ERROR", "RESET_PASSWORD", "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", "OAUTH2_DEVICE_AUTH_ERROR", "UPDATE_CONSENT", "REMOVE_TOTP_ERROR", "VERIFY_EMAIL_ERROR", "SEND_RESET_PASSWORD_ERROR", "CLIENT_UPDATE", "CUSTOM_REQUIRED_ACTION_ERROR", "IDENTITY_PROVIDER_POST_LOGIN_ERROR", "UPDATE_TOTP_ERROR", "CODE_TO_TOKEN", "VERIFY_PROFILE", "GRANT_CONSENT_ERROR", "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" ],
+ "adminEventsEnabled" : false,
+ "adminEventsDetailsEnabled" : false,
+ "identityProviders" : [ ],
+ "identityProviderMappers" : [ ],
+ "components" : {
+ "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
+ "id" : "4d3f9f14-f5d2-4b0c-8ea7-e6d078aa2191",
+ "name" : "Max Clients Limit",
+ "providerId" : "max-clients",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "max-clients" : [ "200" ]
+ }
+ }, {
+ "id" : "f35bce67-1e75-408b-b065-52183368d4fd",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "allow-default-scopes" : [ "true" ]
+ }
+ }, {
+ "id" : "0efa669d-1017-4b4a-82e1-c2eaf72de2c9",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allow-default-scopes" : [ "true" ]
+ }
+ }, {
+ "id" : "528fb423-d66e-472e-9120-1f03ba9e0f18",
+ "name" : "Consent Required",
+ "providerId" : "consent-required",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : { }
+ }, {
+ "id" : "3ab11d74-5e76-408a-b85a-26bf8950f979",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "allowed-protocol-mapper-types" : [ "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "oidc-usermodel-attribute-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-property-mapper" ]
+ }
+ }, {
+ "id" : "1849e52a-b8c9-44a8-af3d-ee19376a1ed1",
+ "name" : "Trusted Hosts",
+ "providerId" : "trusted-hosts",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "host-sending-registration-request-must-match" : [ "true" ],
+ "client-uris-must-match" : [ "true" ]
+ }
+ }, {
+ "id" : "f565cb47-3bcf-4078-8f94-eb4179c375b8",
+ "name" : "Full Scope Disabled",
+ "providerId" : "scope",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : { }
+ }, {
+ "id" : "104ec5a9-025b-4c44-8ac0-82d22887ca3e",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-usermodel-property-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "saml-user-attribute-mapper" ]
+ }
+ } ],
+ "org.keycloak.userprofile.UserProfileProvider" : [ {
+ "id" : "a407a1d6-a7f6-4a72-ba3a-149de03d5a43",
+ "providerId" : "declarative-user-profile",
+ "subComponents" : { },
+ "config" : {
+ "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}],\"unmanagedAttributePolicy\":\"ENABLED\"}" ]
+ }
+ } ],
+ "org.keycloak.storage.UserStorageProvider" : [ {
+ "id" : "c109d473-5ce1-4032-af7b-02e5442f5c07",
+ "name" : "Identity Service",
+ "providerId" : "ldap",
+ "subComponents" : {
+ "org.keycloak.storage.ldap.mappers.LDAPStorageMapper" : [ {
+ "id" : "db9963a3-03d1-468e-998c-9f3338fdb493",
+ "name" : "creation date",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "createTimestamp" ],
+ "is.mandatory.in.ldap" : [ "false" ],
+ "always.read.value.from.ldap" : [ "true" ],
+ "read.only" : [ "true" ],
+ "user.model.attribute" : [ "createTimestamp" ]
+ }
+ }, {
+ "id" : "9d7b9abc-321e-4674-ba36-b104b9990641",
+ "name" : "last name",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "sn" ],
+ "is.mandatory.in.ldap" : [ "true" ],
+ "read.only" : [ "false" ],
+ "always.read.value.from.ldap" : [ "true" ],
+ "user.model.attribute" : [ "lastName" ]
+ }
+ }, {
+ "id" : "b5b7253b-984e-4aa3-b862-20dbe06e4cf9",
+ "name" : "first name",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "cn" ],
+ "is.mandatory.in.ldap" : [ "true" ],
+ "read.only" : [ "false" ],
+ "always.read.value.from.ldap" : [ "true" ],
+ "user.model.attribute" : [ "firstName" ]
+ }
+ }, {
+ "id" : "ea383c2f-3bfe-4117-a8fd-f012d6ebbf9e",
+ "name" : "email",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "mail" ],
+ "is.mandatory.in.ldap" : [ "false" ],
+ "read.only" : [ "false" ],
+ "always.read.value.from.ldap" : [ "false" ],
+ "user.model.attribute" : [ "email" ]
+ }
+ }, {
+ "id" : "5692d060-55b8-4cb1-b68f-0ae123cd9d02",
+ "name" : "system",
+ "providerId" : "group-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "mode" : [ "LDAP_ONLY" ],
+ "membership.attribute.type" : [ "DN" ],
+ "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ],
+ "group.name.ldap.attribute" : [ "cn" ],
+ "membership.ldap.attribute" : [ "member" ],
+ "ignore.missing.groups" : [ "false" ],
+ "preserve.group.inheritance" : [ "false" ],
+ "membership.user.ldap.attribute" : [ "uid" ],
+ "memberof.ldap.attribute" : [ "memberOf" ],
+ "group.object.classes" : [ "groupOfNames" ],
+ "groups.dn" : [ "ou=users,${LDAP_ROOT}" ],
+ "drop.non.existing.groups.during.sync" : [ "false" ],
+ "groups.path" : [ "/" ]
+ }
+ }, {
+ "id" : "b6ff3285-35af-4e86-8bb4-d94b8e0d70bb",
+ "name" : "modify date",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "modifyTimestamp" ],
+ "is.mandatory.in.ldap" : [ "false" ],
+ "always.read.value.from.ldap" : [ "true" ],
+ "read.only" : [ "true" ],
+ "user.model.attribute" : [ "modifyTimestamp" ]
+ }
+ }, {
+ "id" : "b5d08699-ba3a-4ffd-bf2e-36d1bcac48d9",
+ "name" : "username",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "uid" ],
+ "attribute.force.default" : [ "false" ],
+ "is.mandatory.in.ldap" : [ "true" ],
+ "is.binary.attribute" : [ "false" ],
+ "always.read.value.from.ldap" : [ "false" ],
+ "read.only" : [ "false" ],
+ "user.model.attribute" : [ "username" ]
+ }
+ } ]
+ },
+ "config" : {
+ "pagination" : [ "false" ],
+ "fullSyncPeriod" : [ "-1" ],
+ "startTls" : [ "false" ],
+ "connectionPooling" : [ "true" ],
+ "usersDn" : [ "ou=users,${LDAP_ROOT}" ],
+ "cachePolicy" : [ "DEFAULT" ],
+ "useKerberosForPasswordAuthentication" : [ "false" ],
+ "importEnabled" : [ "true" ],
+ "enabled" : [ "true" ],
+ "bindCredential" : [ "${LDAP_ADMIN_PASSWORD}" ],
+ "bindDn" : [ "${LDAP_ADMIN_DN}" ],
+ "usernameLDAPAttribute" : [ "uid" ],
+ "changedSyncPeriod" : [ "-1" ],
+ "lastSync" : [ "1719252666" ],
+ "vendor" : [ "other" ],
+ "uuidLDAPAttribute" : [ "entryUUID" ],
+ "connectionUrl" : [ "ldap://identity-service:1389" ],
+ "allowKerberosAuthentication" : [ "false" ],
+ "syncRegistrations" : [ "true" ],
+ "authType" : [ "simple" ],
+ "useTruststoreSpi" : [ "always" ],
+ "usePasswordModifyExtendedOp" : [ "false" ],
+ "trustEmail" : [ "false" ],
+ "userObjectClasses" : [ "inetOrgPerson, organizationalPerson, person" ],
+ "rdnLDAPAttribute" : [ "uid" ],
+ "editMode" : [ "WRITABLE" ],
+ "validatePasswordPolicy" : [ "false" ]
+ }
+ } ],
+ "org.keycloak.keys.KeyProvider" : [ {
+ "id" : "2f53ccf3-37b0-4d34-83e7-ed497499ee51",
+ "name" : "rsa-enc-generated",
+ "providerId" : "rsa-enc-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEowIBAAKCAQEA3b1tNLfcjFLUw9UShVDNf+ZD8sQqb4YBaIXcSJTX/zDQUPiCp176BBGI3s4VplDArnOW+LumozmKogeoHEnGEIDW8ovgK5uMU9tSA2p0qqGBUMOdR8YATTIfCJe7qGiiuGa3WZy3sQLM70SuRzx02YU8gvUcvl2Js4KyqAziOUX/w3Wa59H9jjGNUXYyqaPWJp73eHzbVYWySzyLG22mVlcUtBx5siL5T2/Xu0p9z4l7/bapwwmOVi1ZrcHjbEAwdGEiSMGI/uWqAF+r1BRpmJLR7HNXcL3eK4/56VYLaiwSejfyYeRFMITEn/UxGYhcXZ5xMUUCG0TxjBhLYpTBuwIDAQABAoIBAA4dwebcxkrH99Poa8+WkiE7JgaS9sahx9OBI2xwJANoIU2TpzGuNLQZ76uLgB+rPWZTD9Xm5a1iJjwOyQ9/937TzPCk91D0tpgcusRikb8jx/6TGB9acL4kBjYUVCCHr3BA2G75MKKGtJ2OMvAbCQSosZj+r2VDwYFEPUkV2jheE5JHSBkwyIRrus3JCwu8gu5fyCg9z8ljcxJxI5HIsi4v8Z21aCw/cLj7h5cMt44wCjQz4rOfYNBEFeHDtlfR1QtWKgjm4ZHHJbKrzf9b2kQXclziceEbSM0tYbROEXKi+s0Zc+z3HEG89vv0vfN400clmzzIAijKY6gg3pPRWdECgYEA+lnWYbSlXDMNYx6RBXm1RnlMUYIm4oy4/9ljgnoGJ6WCn3SjFkgaDtiKfGIG1BSB85r04pAPANgcWHf5tWDnq0ARvBVG0BX2bKd++7B3D4d3CRYKCwm88SslJXv9dfHVhq4+zViFPiUWwT20A72jCuUCvL88y5fh/YBecfdh+jECgYEA4r5RD0NB9dMaeg5/jk/GEHIo4Z9KLc6FrSoOFo2xFkPOy1sgDpDOiNtypuWvniO7k7Ose3DS3hlfTMsKzIW/CgQJ20+Y4cvBWDaOsRxfjj7w3d+jH5OSJdKKSzTrgLKc9ZhlRzVXy0J0hipIA6HG5kdVdLXmh85ITmf1CbJhE6sCgYBjPVeBNbXTHZ2x6/z62aslO5IoQVqetb/kE82hfDOSZcao5Ph9Lam+ttH2ynkAevykj4mBgi+gWwqpey2uW7KaLPSaxShj9kDQA3mP1fzsV/u0y1rB02Nlin/YIxVvOqU1FT9p8SwoXVVu1sHUNck62VtDbN9xqUx5S/ikXrclEQKBgQCoTssOwEcK+Vty9KYcdfy4onTUHZBLdjxl8Iyqkxy7QTQUYRznkvesQPDXEDGO+kk3dyx2KKZt9Hl4IFNww2quPZcvcuMx4DQxjbXXpA8OIIxcta95NepLJwA+mRai3nKCH1A2TlNP7pFeMa5o+8IPly3Ix2lKr4Wepa4PN5i1pwKBgCZ1QP6XAOERl9NznNmU0rXVcvYNP4PIIfQWfvGsldZ4QKkmjjAGiS0/oYqdWs+UDRZyCRChaVjDXO9fk0PEG5OGKAj9nyiYCT/M8xtJ3UeP5ffZZvJ/vnye3QdDIo1e38ZzsWwJHmLYw7fRqY9W5Vxo0Vsy22U3CJY70KTxVdTy" ],
+ "keyUse" : [ "ENC" ],
+ "certificate" : [ "MIICmzCCAYMCBgGG3GWycDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZkYnJlcG8wHhcNMjMwMzEzMTkxMzE3WhcNMzMwMzEzMTkxNDU3WjARMQ8wDQYDVQQDDAZkYnJlcG8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdvW00t9yMUtTD1RKFUM1/5kPyxCpvhgFohdxIlNf/MNBQ+IKnXvoEEYjezhWmUMCuc5b4u6ajOYqiB6gcScYQgNbyi+Arm4xT21IDanSqoYFQw51HxgBNMh8Il7uoaKK4ZrdZnLexAszvRK5HPHTZhTyC9Ry+XYmzgrKoDOI5Rf/DdZrn0f2OMY1RdjKpo9Ymnvd4fNtVhbJLPIsbbaZWVxS0HHmyIvlPb9e7Sn3PiXv9tqnDCY5WLVmtweNsQDB0YSJIwYj+5aoAX6vUFGmYktHsc1dwvd4rj/npVgtqLBJ6N/Jh5EUwhMSf9TEZiFxdnnExRQIbRPGMGEtilMG7AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAK3kQ1VkQrzvSWvmXmazmNoA1ZiPzRDs1XhGUWxgsxzgPylr3dGBuqQbKvgnLUBQLSqlJHpI4fZflHswu1qrvVZYtekPcGef4WhcKAu2i1RwxrKa6RJQ1tRbrLuVYCzPv5p/DWgltWVn88aoLnqQn0SK/0PB/o4a4Cm7Kq2ZzCr1dACBr06LvOHsc7249OySmbG4HH+pLK6jVURhZ9VaObqAHe2FJBVVoIzURbdiRRURqumrIvbnpeaU1aFyg6ED5wTnXvmMPmVPt9F79mcB33bASO5wyu00X8t1hyN2Show2l2vxLACGUzVkTQt15s7uDLKE7qLmKSR3EuSGXWv3wA=" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "RSA-OAEP" ]
+ }
+ }, {
+ "id" : "28ca0b6d-b2e2-4785-b04b-2391e6344e30",
+ "name" : "aes-generated",
+ "providerId" : "aes-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "6dc4834f-a1de-4cfe-a29d-e84ac8e9b1a8" ],
+ "secret" : [ "HpuzG_jWYKwypLeoPEMC4A" ],
+ "priority" : [ "100" ]
+ }
+ }, {
+ "id" : "bd7945cf-6d35-4e03-9c3a-197f2dc76973",
+ "name" : "hmac-generated",
+ "providerId" : "hmac-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "7f9f9054-5697-4f60-bdc8-67e3bd0f4db6" ],
+ "secret" : [ "1SCIY20z3AbAHCL28LuJfBU-7zfsZv5dacgliUeGdRW_WK3vH9fJUpPu1f7iDrdlhF7YQmHxLXsWjxhQId4ShI7QBdgKCArHWqi0GeH37oNXfZFg_uv-K_3JSfxfGBRu5jpRQhhSBxESZWsFVkskhxWUvNe6b5l9dFbMIif72rI" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "HS256" ]
+ }
+ }, {
+ "id" : "2293ff99-3c6d-46d1-8635-5e679d5b134a",
+ "name" : "rsa-generated",
+ "providerId" : "rsa-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEpAIBAAKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQABAoIBADNcMt6hAHub4JTAYS6Mra0EPRBO2XhWmACBrv3+8ETClXd5475KPLDewgRVtlmtbwU8G8awUXESQgPS9lfiqvQhPreA3cHlm6oP2WMKOEtakr2s8I+frsTBLCo0Ini9RaSzjoVVgS0zofyhASKi+T970MafSj5P3XNb8YBFdXgoYDiA7FXLH6a/+m7LScL+wGcFMAAeYESxZbMQLfH3v8L+4EcTraiwjLG17ZdlF3dpybMyUSse6ZQ/PdlyvBuzzLXhN6Ce2gd9ATfS+YWTzo7Yf+GU+ex5bIpVOfHqtuM/hyq7YGKENClsXwNZIAoFnvGCbvECAfgyapVrD30IfykCgYEA0rgsSZ82pxT40NxwgBD1g9lbNVBKXphRB/3S078qusUzJjT7AldEj4imGPhAbI7bI8gAeWJsp1XJWkjM8ktaVrh+NQl7p8e9OPh0pQF/5Bdg8ajbjXESpjnaU66pVYRQy/d+jNli/YRAHX5RUfsBl+6W4+WSVMGmKBiqJsur+ecCgYEAz1YVXClcmUnyZem5B+2E9noIzjF6ROE+jIb6rawM85P3Xd0lXtECQavtxw+Qk7I32qOwrxl1UpK2foVel3pazi+4OpMfmqtYGenRP1Zk1cZwrDo0cIemTDGjj3kJ8tYn12CGolFQpJZgK6OHzvG0tOxI5VZgjIViWNPe1PGWXtUCgYEAxXGNDe8BZs1f11S2lUlOw5yGug3hoYFXbAWJ5p7Ziuf8ZXB/QlJDC7se54a11wKEk6Jzz0lKRgE8CjzszJuOqnN0zn10QGIIC7nCklo1W6QMUmPGVWH994N976tZP6gbjQL6sT+AYcvpx7j0ubxYYeRNvnz+ACzzY964kGGHY0ECgYEAumlwPPNnMN7+VEjGNm2D7UMdJZ3wi3tkjF5ThdA5uMohTsAk+FG80KSu3RmOaGyEsUwY7+VYyYvlDm4E9PZqLBVVczyR3rMNPAcwPd0EPfvzk7WlLkOX7ct3fehaXH3VRlyfz9KCSeh1wOZ/lT1VtpD2nVOC7PSDzs92+kfXZZ0CgYAnrD1y4skgXkdwolZ3unn3EFyGm2d+X5aMTHwQPdWxqoNIAl/9wdghlzihwnPhhsxq1WzlxuC3V2IMrNPtRx70Mi+FbSmR5m4Xx5RptgMtMlwno+L40PzNJgMjHGjt0wcx3Vel8wuohDtnqMyS7P5nG1/TQx0Cyzwn7QOXlNpgbQ==" ],
+ "keyUse" : [ "SIG" ],
+ "certificate" : [ "MIICmzCCAYMCBgGG3GWyBTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZkYnJlcG8wHhcNMjMwMzEzMTkxMzE3WhcNMzMwMzEzMTkxNDU3WjARMQ8wDQYDVQQDDAZkYnJlcG8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqqcdDYFZZb28M0tEJzEP77FmD/Xqioyj9zWX6VwUSOMAgmMmn8eqs9hT9T0a+q4YTo9tUW1PNbUpwprA5b4Uk04DcIajxDVMUR/PjcHytmkqwVskq9AZW/Vngdoo+8tSbuIybwe/3Vwt266hbHpDcM97a+DXcYooRl7tQWCEX7RP27wQrMD9epDQ6IgKayZg9vC9/03dsIqwH9jXQRiZlFvwiEKhX2aY7lPGBaCK414JO00K/Z49iov9TRa/IYVbSt5qwgrx6DcqsBSPwOnI6A85UGfeUEZ/7coVJiL7RvBlsllapsL9eWTbQajVh94k9Ei3sibEPbtH+U2OAM78zAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAASnN1Cuif1sdfEK2kWAURSXGJCohCROLWdKFjaeHPRaEfpbFJsgxW0Yj3nwX5O3bUlOWoTyENwnXSsXMQsqnNi+At32CKaKO8+AkhAbgQL9F0B+KeJwmYv3cUj5N/LYkJjBvZBzUZ4Ugu5dcxH0k7AktLAIwimkyEnxTNolOA3UyrGGpREr8MCKWVr10RFuOpF/0CsJNNwbHXzalO9D756EUcRWZ9VSg6QVNso0YYRKTnILWDn9hcTRnqGy3SHo3anFTqQZ+BB57YbgFWy6udC0LYRB3zdp6zNti87eu/VEymiDY/mmo1AB8Tm0b6vxFz4AKcL3ax5qS6YnZ9efSzk=" ],
+ "priority" : [ "100" ]
+ }
+ }, {
+ "id" : "addbae10-c6ae-4735-851f-7a5ea035ce25",
+ "name" : "hmac-generated-hs512",
+ "providerId" : "hmac-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "352d0ea1-8218-42b5-ab78-e2ca56cf6a95" ],
+ "secret" : [ "_kr6EZOZ8IKqPWgJltHAAsQ34wCIGPs8oOQLYWwJrSIH7Qie3CEVKZnICyBP1goR-QgUtg25tR8Qu5MkvYkb8assJ8Iok5x_8iYCR4Txkf_mS-emrlAtQajlIjmOfNBtx704dTnZlP9rWzqpW6mrpeiOaiCw1K0XCpY5C_ZjXKw" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "HS512" ]
+ }
+ } ]
+ },
+ "internationalizationEnabled" : false,
+ "supportedLocales" : [ ],
+ "authenticationFlows" : [ {
+ "id" : "259dd7b6-01b7-433a-bda4-028857151ecd",
+ "alias" : "Account verification options",
+ "description" : "Method with which to verity the existing account",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-email-verification",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Verify Existing Account by Re-authentication",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "542ca1d7-9627-4102-b843-98837ce433fb",
+ "alias" : "Browser - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "4f153b98-6851-440b-a022-0a14e67a9b2f",
+ "alias" : "Direct Grant - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "direct-grant-validate-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "3d791b35-d35c-40b2-bb3e-e806d72b27ee",
+ "alias" : "First broker login - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "9b746104-9371-4c3f-b69f-9322cead1b08",
+ "alias" : "Handle Existing Account",
+ "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-confirm-link",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Account verification options",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "7a164efe-c97b-4fbb-950d-7745359ba9a4",
+ "alias" : "Reset - Conditional OTP",
+ "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "4fdc5e1b-1b55-4662-8360-67d75fa22677",
+ "alias" : "User creation or linking",
+ "description" : "Flow for the existing/non-existing user alternatives",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticatorConfig" : "create unique user config",
+ "authenticator" : "idp-create-user-if-unique",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Handle Existing Account",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "75893341-c338-44d8-ae27-a3fc7bfe8f2d",
+ "alias" : "Verify Existing Account by Re-authentication",
+ "description" : "Reauthentication of existing account",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-username-password-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "First broker login - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "89626b76-f4cf-4c46-934c-4408c225a44b",
+ "alias" : "browser",
+ "description" : "browser based authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "auth-cookie",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "identity-provider-redirector",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 25,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 30,
+ "autheticatorFlow" : true,
+ "flowAlias" : "forms",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "4112115a-e7a7-44c2-9af5-65d538e4ba0d",
+ "alias" : "clients",
+ "description" : "Base authentication for clients",
+ "providerId" : "client-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "client-secret",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-jwt",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-secret-jwt",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-x509",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 40,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "f82a9b0a-2c0a-4cb1-96b2-6c78b0b1f14f",
+ "alias" : "direct grant",
+ "description" : "OpenID Connect Resource Owner Grant",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "direct-grant-validate-username",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "direct-grant-validate-password",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 30,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Direct Grant - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "3614e155-e8ce-4958-98fb-a27e4706cc70",
+ "alias" : "docker auth",
+ "description" : "Used by Docker clients to authenticate against the IDP",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "docker-http-basic-authenticator",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "506f9b96-5002-47c0-96e3-3830a0fcfa26",
+ "alias" : "first broker login",
+ "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticatorConfig" : "review profile config",
+ "authenticator" : "idp-review-profile",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "User creation or linking",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "4b7a7e91-36db-4b27-8e2d-01a04a822980",
+ "alias" : "forms",
+ "description" : "Username, password, otp and other auth forms.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "auth-username-password-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Browser - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "04c2fe01-5076-4aa4-9596-4efb4004195f",
+ "alias" : "registration",
+ "description" : "registration flow",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "registration-page-form",
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : true,
+ "flowAlias" : "registration form",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "d12f77e1-7733-44a2-98ff-fd75c784d721",
+ "alias" : "registration form",
+ "description" : "registration form",
+ "providerId" : "form-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "registration-user-creation",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "registration-password-action",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 50,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "registration-recaptcha-action",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 60,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "91f6048c-a376-4809-8f37-c8d7a517830c",
+ "alias" : "reset credentials",
+ "description" : "Reset credentials for a user if they forgot their password or something",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "reset-credentials-choose-user",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-credential-email",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-password",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 40,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Reset - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "7b8fb487-53b8-4533-a696-76bc05256cb1",
+ "alias" : "saml ecp",
+ "description" : "SAML ECP Profile Authentication Flow",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "http-basic-authenticator",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ } ],
+ "authenticatorConfig" : [ {
+ "id" : "48372696-0579-45e5-b074-5e8dbdbbe7d6",
+ "alias" : "create unique user config",
+ "config" : {
+ "require.password.update.after.registration" : "false"
+ }
+ }, {
+ "id" : "08df3b83-e522-42a7-9e24-9028b960bf39",
+ "alias" : "review profile config",
+ "config" : {
+ "update.profile.on.first.login" : "missing"
+ }
+ } ],
+ "requiredActions" : [ {
+ "alias" : "CONFIGURE_TOTP",
+ "name" : "Configure OTP",
+ "providerId" : "CONFIGURE_TOTP",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 10,
+ "config" : { }
+ }, {
+ "alias" : "TERMS_AND_CONDITIONS",
+ "name" : "Terms and Conditions",
+ "providerId" : "TERMS_AND_CONDITIONS",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 20,
+ "config" : { }
+ }, {
+ "alias" : "UPDATE_PASSWORD",
+ "name" : "Update Password",
+ "providerId" : "UPDATE_PASSWORD",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 30,
+ "config" : { }
+ }, {
+ "alias" : "UPDATE_PROFILE",
+ "name" : "Update Profile",
+ "providerId" : "UPDATE_PROFILE",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 40,
+ "config" : { }
+ }, {
+ "alias" : "VERIFY_EMAIL",
+ "name" : "Verify Email",
+ "providerId" : "VERIFY_EMAIL",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 50,
+ "config" : { }
+ }, {
+ "alias" : "delete_account",
+ "name" : "Delete Account",
+ "providerId" : "delete_account",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 60,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register",
+ "name" : "Webauthn Register",
+ "providerId" : "webauthn-register",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 70,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register-passwordless",
+ "name" : "Webauthn Register Passwordless",
+ "providerId" : "webauthn-register-passwordless",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 80,
+ "config" : { }
+ }, {
+ "alias" : "delete_credential",
+ "name" : "Delete Credential",
+ "providerId" : "delete_credential",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 100,
+ "config" : { }
+ }, {
+ "alias" : "update_user_locale",
+ "name" : "Update User Locale",
+ "providerId" : "update_user_locale",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 1000,
+ "config" : { }
+ } ],
+ "browserFlow" : "browser",
+ "registrationFlow" : "registration",
+ "directGrantFlow" : "direct grant",
+ "resetCredentialsFlow" : "reset credentials",
+ "clientAuthenticationFlow" : "clients",
+ "dockerAuthenticationFlow" : "docker auth",
+ "firstBrokerLoginFlow" : "first broker login",
+ "attributes" : {
+ "cibaBackchannelTokenDeliveryMode" : "poll",
+ "cibaAuthRequestedUserHint" : "login_hint",
+ "clientOfflineSessionMaxLifespan" : "0",
+ "oauth2DevicePollingInterval" : "5",
+ "clientSessionIdleTimeout" : "0",
+ "actionTokenGeneratedByUserLifespan-execute-actions" : "",
+ "actionTokenGeneratedByUserLifespan-verify-email" : "",
+ "clientOfflineSessionIdleTimeout" : "0",
+ "actionTokenGeneratedByUserLifespan-reset-credentials" : "",
+ "cibaInterval" : "5",
+ "realmReusableOtpCode" : "false",
+ "cibaExpiresIn" : "120",
+ "oauth2DeviceCodeLifespan" : "600",
+ "actionTokenGeneratedByUserLifespan-idp-verify-account-via-email" : "",
+ "parRequestUriLifespan" : "60",
+ "clientSessionMaxLifespan" : "0",
+ "organizationsEnabled" : "false",
+ "shortVerificationUri" : ""
+ },
+ "keycloakVersion" : "26.0.4",
+ "userManagedAccessAllowed" : false,
+ "organizationsEnabled" : false,
+ "clientProfiles" : {
+ "profiles" : [ ]
+ },
+ "clientPolicies" : {
+ "policies" : [ ]
+ }
+}
\ No newline at end of file
diff --git a/helm/dbrepo/files/master-realm.json b/helm/dbrepo/files/master-realm.json
new file mode 100644
index 0000000000000000000000000000000000000000..3fd8c910b3c1c5b0021cb110c8ad9f07386315d4
--- /dev/null
+++ b/helm/dbrepo/files/master-realm.json
@@ -0,0 +1,2290 @@
+{
+ "id" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
+ "realm" : "master",
+ "displayName" : "Keycloak",
+ "displayNameHtml" : "",
+ "notBefore" : 0,
+ "defaultSignatureAlgorithm" : "RS256",
+ "revokeRefreshToken" : false,
+ "refreshTokenMaxReuse" : 0,
+ "accessTokenLifespan" : 60,
+ "accessTokenLifespanForImplicitFlow" : 900,
+ "ssoSessionIdleTimeout" : 1800,
+ "ssoSessionMaxLifespan" : 36000,
+ "ssoSessionIdleTimeoutRememberMe" : 0,
+ "ssoSessionMaxLifespanRememberMe" : 0,
+ "offlineSessionIdleTimeout" : 2592000,
+ "offlineSessionMaxLifespanEnabled" : false,
+ "offlineSessionMaxLifespan" : 5184000,
+ "clientSessionIdleTimeout" : 0,
+ "clientSessionMaxLifespan" : 0,
+ "clientOfflineSessionIdleTimeout" : 0,
+ "clientOfflineSessionMaxLifespan" : 0,
+ "accessCodeLifespan" : 60,
+ "accessCodeLifespanUserAction" : 300,
+ "accessCodeLifespanLogin" : 1800,
+ "actionTokenGeneratedByAdminLifespan" : 43200,
+ "actionTokenGeneratedByUserLifespan" : 300,
+ "oauth2DeviceCodeLifespan" : 600,
+ "oauth2DevicePollingInterval" : 5,
+ "enabled" : true,
+ "sslRequired" : "external",
+ "registrationAllowed" : false,
+ "registrationEmailAsUsername" : false,
+ "rememberMe" : false,
+ "verifyEmail" : false,
+ "loginWithEmailAllowed" : true,
+ "duplicateEmailsAllowed" : false,
+ "resetPasswordAllowed" : false,
+ "editUsernameAllowed" : false,
+ "bruteForceProtected" : false,
+ "permanentLockout" : false,
+ "maxTemporaryLockouts" : 0,
+ "bruteForceStrategy" : "MULTIPLE",
+ "maxFailureWaitSeconds" : 900,
+ "minimumQuickLoginWaitSeconds" : 60,
+ "waitIncrementSeconds" : 60,
+ "quickLoginCheckMilliSeconds" : 1000,
+ "maxDeltaTimeSeconds" : 43200,
+ "failureFactor" : 30,
+ "roles" : {
+ "realm" : [ {
+ "id" : "01178d3c-65eb-406b-87a1-e7144f488028",
+ "name" : "default-roles-master",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "offline_access", "uma_authorization" ],
+ "client" : {
+ "account" : [ "view-profile", "manage-account" ]
+ }
+ },
+ "clientRole" : false,
+ "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
+ "attributes" : { }
+ }, {
+ "id" : "646cda2d-911d-459e-8522-b28ba3126341",
+ "name" : "uma_authorization",
+ "description" : "${role_uma_authorization}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
+ "attributes" : { }
+ }, {
+ "id" : "344b3b83-99f7-43f7-8533-76f64195eab6",
+ "name" : "offline_access",
+ "description" : "${role_offline-access}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
+ "attributes" : { }
+ }, {
+ "id" : "9ca176f3-c0c8-4ba1-8364-c38f3ce4f88b",
+ "name" : "admin",
+ "description" : "${role_admin}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "create-realm" ],
+ "client" : {
+ "master-realm" : [ "manage-realm", "view-events", "view-authorization", "manage-authorization", "query-realms", "query-clients", "manage-clients", "view-clients", "create-client", "impersonation", "query-users", "view-identity-providers", "manage-users", "manage-events", "view-realm", "query-groups", "manage-identity-providers", "view-users" ],
+ "dbrepo-realm" : [ "manage-users", "query-realms", "query-groups", "manage-identity-providers", "manage-events", "manage-authorization", "query-users", "manage-clients", "view-users", "view-events", "view-authorization", "query-clients", "view-identity-providers", "view-realm", "view-clients", "create-client", "manage-realm", "impersonation" ]
+ }
+ },
+ "clientRole" : false,
+ "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
+ "attributes" : { }
+ }, {
+ "id" : "6e765f03-5dee-4061-b027-c3ec41114329",
+ "name" : "default-system-roles",
+ "description" : "${default-system-roles}",
+ "composite" : true,
+ "composites" : {
+ "realm" : [ "create-realm", "default-roles-master", "default-system-roles", "offline_access", "admin", "uma_authorization" ]
+ },
+ "clientRole" : false,
+ "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
+ "attributes" : { }
+ }, {
+ "id" : "3da4e842-c3cc-4bcd-a2f0-dec1ec36f3c5",
+ "name" : "create-realm",
+ "description" : "${role_create-realm}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
+ "attributes" : { }
+ } ],
+ "client" : {
+ "security-admin-console" : [ ],
+ "admin-cli" : [ ],
+ "account-console" : [ ],
+ "broker" : [ {
+ "id" : "07de46e9-cc5c-4b50-8904-14443ed4d1f1",
+ "name" : "read-token",
+ "description" : "${role_read-token}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "217563ea-11c7-4c96-969b-af076d740f7c",
+ "attributes" : { }
+ } ],
+ "master-realm" : [ {
+ "id" : "5c8f38f8-0a16-4f92-8fa2-81a6301f6215",
+ "name" : "create-client",
+ "description" : "${role_create-client}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "d0ab2e61-c7e4-49f3-9af2-965f20ec725a",
+ "name" : "manage-realm",
+ "description" : "${role_manage-realm}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "89d438ee-957d-435c-b201-5be06aee01fd",
+ "name" : "view-events",
+ "description" : "${role_view-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "664a9190-f73f-4f83-83bc-a2185cea334c",
+ "name" : "view-authorization",
+ "description" : "${role_view-authorization}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "b3c0e4db-5a09-4d1e-9ced-96a34efb6398",
+ "name" : "manage-authorization",
+ "description" : "${role_manage-authorization}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "5cd61b20-da2b-4fed-b0c3-2fb5819ab06b",
+ "name" : "query-realms",
+ "description" : "${role_query-realms}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "94ceae4b-2cb8-4d10-bf11-8ce5c1ec9c55",
+ "name" : "impersonation",
+ "description" : "${role_impersonation}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "77072e30-3941-4b32-a8c8-76993fc507bb",
+ "name" : "query-users",
+ "description" : "${role_query-users}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "ea00baa8-f64d-409d-936d-ecf0adec5a57",
+ "name" : "view-identity-providers",
+ "description" : "${role_view-identity-providers}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "fb2c167e-fb6b-4db5-b0bf-d2c8454ceee5",
+ "name" : "manage-users",
+ "description" : "${role_manage-users}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "f0370bc0-15d6-43f1-82bc-7d31f37b19e4",
+ "name" : "manage-events",
+ "description" : "${role_manage-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "f0448680-b803-471e-8d0a-ec3e34a24228",
+ "name" : "view-realm",
+ "description" : "${role_view-realm}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "dfdf768b-ac34-4491-b5d2-0938242e7e48",
+ "name" : "query-groups",
+ "description" : "${role_query-groups}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "d5ff044b-c4e0-4197-8f51-833e8a956396",
+ "name" : "query-clients",
+ "description" : "${role_query-clients}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "aaf73aa0-52a3-4833-8521-1eb1312b9f33",
+ "name" : "manage-identity-providers",
+ "description" : "${role_manage-identity-providers}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "fa08c54a-1f0c-4392-bf6a-a698bf3d164b",
+ "name" : "view-users",
+ "description" : "${role_view-users}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "master-realm" : [ "query-groups", "query-users" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "fd317e90-0b34-4263-8906-caa9d6000b28",
+ "name" : "manage-clients",
+ "description" : "${role_manage-clients}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ }, {
+ "id" : "162f12db-6d7f-4c53-905c-3f4bbd80fd58",
+ "name" : "view-clients",
+ "description" : "${role_view-clients}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "master-realm" : [ "query-clients" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "attributes" : { }
+ } ],
+ "account" : [ {
+ "id" : "50c2778e-15fa-4c14-9414-5937649eb89f",
+ "name" : "delete-account",
+ "description" : "${role_delete-account}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "attributes" : { }
+ }, {
+ "id" : "083c3506-866a-4b85-ae57-bab1c29ac33e",
+ "name" : "view-groups",
+ "description" : "${role_view-groups}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "attributes" : { }
+ }, {
+ "id" : "a1942880-1a32-402c-b9bb-e8f5edf2ba1a",
+ "name" : "view-profile",
+ "description" : "${role_view-profile}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "attributes" : { }
+ }, {
+ "id" : "a69f73d6-ce42-41e6-b341-30a2d99caba8",
+ "name" : "manage-account-links",
+ "description" : "${role_manage-account-links}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "attributes" : { }
+ }, {
+ "id" : "ac22aeec-062a-4fc0-ac79-aa849ee55d84",
+ "name" : "manage-consent",
+ "description" : "${role_manage-consent}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "view-consent" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "attributes" : { }
+ }, {
+ "id" : "ad45329d-0efa-4505-906a-5a69b6c8414a",
+ "name" : "view-applications",
+ "description" : "${role_view-applications}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "attributes" : { }
+ }, {
+ "id" : "8c0bfbdf-1914-4522-9024-ef0e6e91be9d",
+ "name" : "view-consent",
+ "description" : "${role_view-consent}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "attributes" : { }
+ }, {
+ "id" : "f34de6ff-a5aa-41a7-a8d2-87bdfa850c50",
+ "name" : "manage-account",
+ "description" : "${role_manage-account}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "account" : [ "manage-account-links" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "attributes" : { }
+ } ],
+ "dbrepo-realm" : [ {
+ "id" : "89292ccf-3b12-4c8b-a615-966ddcf14556",
+ "name" : "manage-users",
+ "description" : "${role_manage-users}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "784f2fdf-a090-4452-8a02-d9cc8227df8f",
+ "name" : "view-authorization",
+ "description" : "${role_view-authorization}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "57a70a96-bc56-4629-8d2b-86c68ac1c6f6",
+ "name" : "query-realms",
+ "description" : "${role_query-realms}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "60349d70-ba29-426d-9c05-df0b11e1a73b",
+ "name" : "query-clients",
+ "description" : "${role_query-clients}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "c07819ae-8951-4dc4-af4d-bca93c60eb5a",
+ "name" : "view-identity-providers",
+ "description" : "${role_view-identity-providers}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "86842bf0-7f63-4053-8389-2ec5401cb2a9",
+ "name" : "query-groups",
+ "description" : "${role_query-groups}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "0a1579a0-76c5-4ee3-90cc-c924827b7492",
+ "name" : "view-realm",
+ "description" : "${role_view-realm}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "4eb0d05c-38c7-4d45-b858-ad7011df0ac0",
+ "name" : "manage-identity-providers",
+ "description" : "${role_manage-identity-providers}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "d4ff5a03-21e8-440c-9ccb-690ecbb89684",
+ "name" : "manage-events",
+ "description" : "${role_manage-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "00d523c3-e9c7-45c3-8221-0b6d6c82cd5d",
+ "name" : "manage-authorization",
+ "description" : "${role_manage-authorization}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "c441f018-7113-4fcb-8208-10ab4bd4bb27",
+ "name" : "view-clients",
+ "description" : "${role_view-clients}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "dbrepo-realm" : [ "query-clients" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "a146533f-fbf3-4513-8505-cf44473f5459",
+ "name" : "create-client",
+ "description" : "${role_create-client}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "d3d0ed01-05a5-4812-8fa7-9231f71e61fa",
+ "name" : "query-users",
+ "description" : "${role_query-users}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "fcaed53d-022a-416d-b207-a6ae694a9384",
+ "name" : "manage-clients",
+ "description" : "${role_manage-clients}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "cefdb023-0eec-4c05-93d7-8b557bb28a81",
+ "name" : "view-users",
+ "description" : "${role_view-users}",
+ "composite" : true,
+ "composites" : {
+ "client" : {
+ "dbrepo-realm" : [ "query-users", "query-groups" ]
+ }
+ },
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "44d13b2a-a2b5-4f3b-bea1-4ab550205e12",
+ "name" : "manage-realm",
+ "description" : "${role_manage-realm}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "17378e7a-9a78-4e92-ae0b-6bdfadede2d5",
+ "name" : "impersonation",
+ "description" : "${role_impersonation}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ }, {
+ "id" : "7810ab39-c546-456c-81eb-7ee09492da92",
+ "name" : "view-events",
+ "description" : "${role_view-events}",
+ "composite" : false,
+ "clientRole" : true,
+ "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "attributes" : { }
+ } ]
+ }
+ },
+ "groups" : [ {
+ "id" : "1fcdbec1-9c86-4a14-a859-425b43cf73cb",
+ "name" : "system",
+ "path" : "/system",
+ "subGroups" : [ ],
+ "attributes" : { },
+ "realmRoles" : [ "default-roles-master", "default-system-roles", "admin", "create-realm" ],
+ "clientRoles" : { }
+ } ],
+ "defaultRole" : {
+ "id" : "01178d3c-65eb-406b-87a1-e7144f488028",
+ "name" : "default-roles-master",
+ "description" : "${role_default-roles}",
+ "composite" : true,
+ "clientRole" : false,
+ "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd"
+ },
+ "requiredCredentials" : [ "password" ],
+ "otpPolicyType" : "totp",
+ "otpPolicyAlgorithm" : "HmacSHA1",
+ "otpPolicyInitialCounter" : 0,
+ "otpPolicyDigits" : 6,
+ "otpPolicyLookAheadWindow" : 1,
+ "otpPolicyPeriod" : 30,
+ "otpPolicyCodeReusable" : false,
+ "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ],
+ "localizationTexts" : { },
+ "webAuthnPolicyRpEntityName" : "keycloak",
+ "webAuthnPolicySignatureAlgorithms" : [ "ES256", "RS256" ],
+ "webAuthnPolicyRpId" : "",
+ "webAuthnPolicyAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyRequireResidentKey" : "not specified",
+ "webAuthnPolicyUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyCreateTimeout" : 0,
+ "webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyAcceptableAaguids" : [ ],
+ "webAuthnPolicyExtraOrigins" : [ ],
+ "webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
+ "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256", "RS256" ],
+ "webAuthnPolicyPasswordlessRpId" : "",
+ "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
+ "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
+ "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
+ "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
+ "webAuthnPolicyPasswordlessCreateTimeout" : 0,
+ "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
+ "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
+ "webAuthnPolicyPasswordlessExtraOrigins" : [ ],
+ "scopeMappings" : [ {
+ "clientScope" : "offline_access",
+ "roles" : [ "offline_access" ]
+ } ],
+ "clientScopeMappings" : {
+ "account" : [ {
+ "client" : "account-console",
+ "roles" : [ "manage-account", "view-groups" ]
+ } ]
+ },
+ "clients" : [ {
+ "id" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
+ "clientId" : "account",
+ "name" : "${client_account}",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/master/account/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/realms/master/account/*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "1af255f9-7eee-415c-9096-3a717d2c5150",
+ "clientId" : "account-console",
+ "name" : "${client_account-console}",
+ "rootUrl" : "${authBaseUrl}",
+ "baseUrl" : "/realms/master/account/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/realms/master/account/*" ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "protocolMappers" : [ {
+ "id" : "63d1e47d-6e61-4f36-8a5b-98384a782d60",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "65ce3e14-5e30-424a-a6bd-0b194da203ef",
+ "clientId" : "admin-cli",
+ "name" : "${client_admin-cli}",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : false,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : true,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "client.use.lightweight.access.token.enabled" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : true,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "217563ea-11c7-4c96-969b-af076d740f7c",
+ "clientId" : "broker",
+ "name" : "${client_broker}",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : true,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
+ "clientId" : "dbrepo-realm",
+ "name" : "dbrepo Realm",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : true,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ ],
+ "optionalClientScopes" : [ ]
+ }, {
+ "id" : "9a451e5c-a55a-4872-bee1-58af763101a1",
+ "clientId" : "master-realm",
+ "name" : "master Realm",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ ],
+ "webOrigins" : [ ],
+ "notBefore" : 0,
+ "bearerOnly" : true,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : false,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "true",
+ "post.logout.redirect.uris" : "+"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : false,
+ "nodeReRegistrationTimeout" : 0,
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
+ }, {
+ "id" : "b2a24dc7-01d2-4a5a-8385-8b06d2b8a3fb",
+ "clientId" : "security-admin-console",
+ "name" : "${client_security-admin-console}",
+ "rootUrl" : "${authAdminUrl}",
+ "baseUrl" : "/admin/master/console/",
+ "surrogateAuthRequired" : false,
+ "enabled" : true,
+ "alwaysDisplayInConsole" : false,
+ "clientAuthenticatorType" : "client-secret",
+ "redirectUris" : [ "/admin/master/console/*" ],
+ "webOrigins" : [ "+" ],
+ "notBefore" : 0,
+ "bearerOnly" : false,
+ "consentRequired" : false,
+ "standardFlowEnabled" : true,
+ "implicitFlowEnabled" : false,
+ "directAccessGrantsEnabled" : false,
+ "serviceAccountsEnabled" : false,
+ "publicClient" : true,
+ "frontchannelLogout" : false,
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "realm_client" : "false",
+ "client.use.lightweight.access.token.enabled" : "true",
+ "post.logout.redirect.uris" : "+",
+ "pkce.code.challenge.method" : "S256"
+ },
+ "authenticationFlowBindingOverrides" : { },
+ "fullScopeAllowed" : true,
+ "nodeReRegistrationTimeout" : 0,
+ "protocolMappers" : [ {
+ "id" : "54d1c74b-4eb6-483b-88b5-261964dd182a",
+ "name" : "locale",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "locale",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "locale",
+ "jsonType.label" : "String"
+ }
+ } ],
+ "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
+ "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
+ } ],
+ "clientScopes" : [ {
+ "id" : "12ce4fa5-b53e-47dc-b70f-caf2110e31cd",
+ "name" : "address",
+ "description" : "OpenID Connect built-in scope: address",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${addressScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "4aed5e41-0d8d-4c24-80a0-cd9822072756",
+ "name" : "address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-address-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute.formatted" : "formatted",
+ "user.attribute.country" : "country",
+ "introspection.token.claim" : "true",
+ "user.attribute.postal_code" : "postal_code",
+ "userinfo.token.claim" : "true",
+ "user.attribute.street" : "street",
+ "id.token.claim" : "true",
+ "user.attribute.region" : "region",
+ "access.token.claim" : "true",
+ "user.attribute.locality" : "locality"
+ }
+ } ]
+ }, {
+ "id" : "a7683fe7-1c8b-44f8-9be7-a28acdffa61e",
+ "name" : "organization",
+ "description" : "Additional claims about the organization a subject belongs to",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${organizationScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "5e80a7d2-c9d0-48e1-aadc-d8848ff90f92",
+ "name" : "organization",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-organization-membership-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "multivalued" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "organization",
+ "jsonType.label" : "String"
+ }
+ } ]
+ }, {
+ "id" : "1be1e284-2749-4bbb-890a-2d519cc1531c",
+ "name" : "service_account",
+ "description" : "Specific scope for a client enabled for service accounts",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "c913a673-cf66-4493-a2ed-14556c07617c",
+ "name" : "Client ID",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "client_id",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "client_id",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "5c244d68-5c63-4356-ac71-5a586f40c77e",
+ "name" : "Client IP Address",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientAddress",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientAddress",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "600285d4-ae51-4b39-a7be-bb83cf5870db",
+ "name" : "Client Host",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "clientHost",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "clientHost",
+ "jsonType.label" : "String"
+ }
+ } ]
+ }, {
+ "id" : "0411ea86-a074-4781-850d-ea3ca94590a2",
+ "name" : "offline_access",
+ "description" : "OpenID Connect built-in scope: offline_access",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "consent.screen.text" : "${offlineAccessScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ }
+ }, {
+ "id" : "4363ea0f-c7e9-43f3-8611-146514c37b47",
+ "name" : "basic",
+ "description" : "OpenID Connect scope for add all basic claims to the token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "0b691845-92b7-47b8-82d3-6fea760d885a",
+ "name" : "sub",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-sub-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true"
+ }
+ }, {
+ "id" : "15db8f91-12c9-444c-8661-5a795856e884",
+ "name" : "auth_time",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usersessionmodel-note-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.session.note" : "AUTH_TIME",
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "auth_time",
+ "jsonType.label" : "long"
+ }
+ } ]
+ }, {
+ "id" : "5f9da2a4-b8d2-48cd-9343-5c8ff42ef637",
+ "name" : "profile",
+ "description" : "OpenID Connect built-in scope: profile",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${profileScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "2d1400be-4053-4393-ba87-91b64f699054",
+ "name" : "full name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-full-name-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "id.token.claim" : "true",
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true",
+ "userinfo.token.claim" : "true"
+ }
+ }, {
+ "id" : "6b12336d-589e-4023-9c51-1da3a4114a62",
+ "name" : "website",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "website",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "website",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "13a7a453-3862-40b4-8a81-550172a06dc0",
+ "name" : "zoneinfo",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "zoneinfo",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "zoneinfo",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "43c149fc-aaf4-486a-a279-df624d2eb47e",
+ "name" : "given name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "firstName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "given_name",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "8bba390c-543b-4fe3-98db-e020184e5014",
+ "name" : "birthdate",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "birthdate",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "birthdate",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "dc5a7474-c62a-42d6-ba98-f2b2a7a7328c",
+ "name" : "nickname",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "nickname",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "nickname",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "9e02395e-5c37-46fb-8d30-0ebe6da3b7f0",
+ "name" : "gender",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "gender",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "gender",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "d2f3d16d-21a8-4128-b60b-55e55046fa29",
+ "name" : "profile",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "profile",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "profile",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "825cafb6-3392-491a-bb34-e607330f5170",
+ "name" : "family name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "lastName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "family_name",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "c44ac799-cac2-4200-b71b-badab4b48d92",
+ "name" : "updated at",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "updatedAt",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "updated_at",
+ "jsonType.label" : "long"
+ }
+ }, {
+ "id" : "402b2c5f-0a7b-4520-9015-03fa9a1e2e4a",
+ "name" : "picture",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "picture",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "picture",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "f34812b0-28b3-486c-8911-9394890be4f6",
+ "name" : "locale",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "locale",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "locale",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "3fe6f4f2-c881-4b84-87db-8e9b9243a7f0",
+ "name" : "middle name",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "middleName",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "middle_name",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "4d1465b2-c408-4a62-9821-afce35a55f12",
+ "name" : "username",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "username",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "preferred_username",
+ "jsonType.label" : "String"
+ }
+ } ]
+ }, {
+ "id" : "9b03908f-dac3-4bbd-8e93-ef29e64a59ad",
+ "name" : "role_list",
+ "description" : "SAML role list",
+ "protocol" : "saml",
+ "attributes" : {
+ "consent.screen.text" : "${samlRoleListScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "d6678801-a0f1-4385-ae11-5dee90a9e3b4",
+ "name" : "role list",
+ "protocol" : "saml",
+ "protocolMapper" : "saml-role-list-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "single" : "false",
+ "attribute.nameformat" : "Basic",
+ "attribute.name" : "Role"
+ }
+ } ]
+ }, {
+ "id" : "fa13fc44-16f6-4f82-965d-b86dfad2a984",
+ "name" : "microprofile-jwt",
+ "description" : "Microprofile - JWT built-in scope",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "f70938d7-e91f-4c45-bfed-3b974d0e4697",
+ "name" : "groups",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "multivalued" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "foo",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "groups",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "1636d5e3-2af1-4d54-a60f-9db1f562b009",
+ "name" : "upn",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "username",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "upn",
+ "jsonType.label" : "String"
+ }
+ } ]
+ }, {
+ "id" : "1124b695-1319-45aa-bc1b-ec0b2cf99b9e",
+ "name" : "acr",
+ "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "0e17d8d7-fb11-4b31-8023-d29611f7d492",
+ "name" : "acr loa level",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-acr-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "id.token.claim" : "true",
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true",
+ "userinfo.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "cc53d998-1eac-4574-9bec-58110d92d282",
+ "name" : "web-origins",
+ "description" : "OpenID Connect scope for add allowed web origins to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "consent.screen.text" : "",
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "635cbac1-7cab-43bd-99fc-f7084aca2fa2",
+ "name" : "allowed web origins",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-allowed-origins-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "2c901d49-bb6d-44a7-8835-1229b655ccfa",
+ "name" : "saml_organization",
+ "description" : "Organization Membership",
+ "protocol" : "saml",
+ "attributes" : {
+ "display.on.consent.screen" : "false"
+ },
+ "protocolMappers" : [ {
+ "id" : "60ad6a87-646d-4c9e-932e-34ab1ac51fcb",
+ "name" : "organization",
+ "protocol" : "saml",
+ "protocolMapper" : "saml-organization-membership-mapper",
+ "consentRequired" : false,
+ "config" : { }
+ } ]
+ }, {
+ "id" : "943d1441-ee61-4ab5-b5bd-de3c5f8ff25f",
+ "name" : "roles",
+ "description" : "OpenID Connect scope for add user roles to the access token",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "false",
+ "consent.screen.text" : "${rolesScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "2b5a3df4-1adb-402d-bc28-2bd43224e682",
+ "name" : "realm roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-realm-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "foo",
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "realm_access.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
+ }, {
+ "id" : "f3b60071-ef26-48a7-9554-67f62f84d543",
+ "name" : "client roles",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-client-role-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "user.attribute" : "foo",
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "resource_access.${client_id}.roles",
+ "jsonType.label" : "String",
+ "multivalued" : "true"
+ }
+ }, {
+ "id" : "b757200e-494a-4585-857e-e4c18aef7a0c",
+ "name" : "audience resolve",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-audience-resolve-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "access.token.claim" : "true"
+ }
+ } ]
+ }, {
+ "id" : "4509fb3c-a899-49ad-b690-b031f9568888",
+ "name" : "email",
+ "description" : "OpenID Connect built-in scope: email",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${emailScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "e18769b3-778b-47d8-be52-dd2769deebd1",
+ "name" : "email",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "email",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "email",
+ "jsonType.label" : "String"
+ }
+ }, {
+ "id" : "d98c5037-5178-4cc5-8e22-ca6cf0cb169e",
+ "name" : "email verified",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-property-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "emailVerified",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "email_verified",
+ "jsonType.label" : "boolean"
+ }
+ } ]
+ }, {
+ "id" : "6e14db34-285a-47ae-8b43-b3dcf10ae7f8",
+ "name" : "phone",
+ "description" : "OpenID Connect built-in scope: phone",
+ "protocol" : "openid-connect",
+ "attributes" : {
+ "include.in.token.scope" : "true",
+ "consent.screen.text" : "${phoneScopeConsentText}",
+ "display.on.consent.screen" : "true"
+ },
+ "protocolMappers" : [ {
+ "id" : "98cc724c-3f53-47f7-bf9f-baf2f7e08026",
+ "name" : "phone number verified",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "phoneNumberVerified",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "phone_number_verified",
+ "jsonType.label" : "boolean"
+ }
+ }, {
+ "id" : "716a7b58-dcf4-4557-9f84-d21ca19630fb",
+ "name" : "phone number",
+ "protocol" : "openid-connect",
+ "protocolMapper" : "oidc-usermodel-attribute-mapper",
+ "consentRequired" : false,
+ "config" : {
+ "introspection.token.claim" : "true",
+ "userinfo.token.claim" : "true",
+ "user.attribute" : "phoneNumber",
+ "id.token.claim" : "true",
+ "access.token.claim" : "true",
+ "claim.name" : "phone_number",
+ "jsonType.label" : "String"
+ }
+ } ]
+ } ],
+ "defaultDefaultClientScopes" : [ "role_list", "saml_organization", "profile", "email", "roles", "web-origins", "acr", "basic" ],
+ "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt", "organization" ],
+ "browserSecurityHeaders" : {
+ "contentSecurityPolicyReportOnly" : "",
+ "xContentTypeOptions" : "nosniff",
+ "referrerPolicy" : "no-referrer",
+ "xRobotsTag" : "none",
+ "xFrameOptions" : "SAMEORIGIN",
+ "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
+ "xXSSProtection" : "1; mode=block",
+ "strictTransportSecurity" : "max-age=31536000; includeSubDomains"
+ },
+ "smtpServer" : { },
+ "eventsEnabled" : false,
+ "eventsListeners" : [ "jboss-logging" ],
+ "enabledEventTypes" : [ ],
+ "adminEventsEnabled" : false,
+ "adminEventsDetailsEnabled" : false,
+ "identityProviders" : [ ],
+ "identityProviderMappers" : [ ],
+ "components" : {
+ "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
+ "id" : "f2a52e27-5582-4ca4-b20c-1864b8339b16",
+ "name" : "Trusted Hosts",
+ "providerId" : "trusted-hosts",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "host-sending-registration-request-must-match" : [ "true" ],
+ "client-uris-must-match" : [ "true" ]
+ }
+ }, {
+ "id" : "95b33704-ec30-4988-b018-f73d8bcf71b5",
+ "name" : "Full Scope Disabled",
+ "providerId" : "scope",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : { }
+ }, {
+ "id" : "d1114c75-d0b0-4584-a89f-a4e70eab2cd7",
+ "name" : "Consent Required",
+ "providerId" : "consent-required",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : { }
+ }, {
+ "id" : "6b0202cc-e70e-46da-869b-36ad59907239",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "saml-user-attribute-mapper", "oidc-address-mapper", "saml-user-property-mapper" ]
+ }
+ }, {
+ "id" : "4b976576-c880-48a0-9b4d-2956cfd19b4a",
+ "name" : "Allowed Protocol Mapper Types",
+ "providerId" : "allowed-protocol-mappers",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allowed-protocol-mapper-types" : [ "oidc-sha256-pairwise-sub-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper" ]
+ }
+ }, {
+ "id" : "e1861ec9-2761-46fb-8048-149492269ff0",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "allow-default-scopes" : [ "true" ]
+ }
+ }, {
+ "id" : "51b3aa61-e453-4e0b-bfe1-aefd8353ea06",
+ "name" : "Max Clients Limit",
+ "providerId" : "max-clients",
+ "subType" : "anonymous",
+ "subComponents" : { },
+ "config" : {
+ "max-clients" : [ "200" ]
+ }
+ }, {
+ "id" : "851cf8c2-ffe8-4a37-8a12-df04f724c90b",
+ "name" : "Allowed Client Scopes",
+ "providerId" : "allowed-client-templates",
+ "subType" : "authenticated",
+ "subComponents" : { },
+ "config" : {
+ "allow-default-scopes" : [ "true" ]
+ }
+ } ],
+ "org.keycloak.userprofile.UserProfileProvider" : [ {
+ "id" : "34049725-5a66-456c-b895-87ca7c11bb6b",
+ "providerId" : "declarative-user-profile",
+ "subComponents" : { },
+ "config" : {
+ "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}]}" ]
+ }
+ } ],
+ "org.keycloak.storage.UserStorageProvider" : [ {
+ "id" : "3a6f24e8-128b-4ac1-b3ab-694836db82fd",
+ "name" : "Identity Service",
+ "providerId" : "ldap",
+ "subComponents" : {
+ "org.keycloak.storage.ldap.mappers.LDAPStorageMapper" : [ {
+ "id" : "bf97cfab-4d53-4994-b3a8-0c771a70467b",
+ "name" : "email",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "mail" ],
+ "is.mandatory.in.ldap" : [ "false" ],
+ "always.read.value.from.ldap" : [ "false" ],
+ "read.only" : [ "false" ],
+ "user.model.attribute" : [ "email" ]
+ }
+ }, {
+ "id" : "cddffa16-0aff-4e0c-99a2-021f0495de03",
+ "name" : "last name",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "sn" ],
+ "is.mandatory.in.ldap" : [ "true" ],
+ "always.read.value.from.ldap" : [ "true" ],
+ "read.only" : [ "false" ],
+ "user.model.attribute" : [ "lastName" ]
+ }
+ }, {
+ "id" : "4eaae3fa-d280-4605-b09d-1caeb881322c",
+ "name" : "modify date",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "modifyTimestamp" ],
+ "is.mandatory.in.ldap" : [ "false" ],
+ "read.only" : [ "true" ],
+ "always.read.value.from.ldap" : [ "true" ],
+ "user.model.attribute" : [ "modifyTimestamp" ]
+ }
+ }, {
+ "id" : "98c4a2c1-d509-443b-8475-fc971c193324",
+ "name" : "first name",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "cn" ],
+ "is.mandatory.in.ldap" : [ "true" ],
+ "always.read.value.from.ldap" : [ "true" ],
+ "read.only" : [ "false" ],
+ "user.model.attribute" : [ "firstName" ]
+ }
+ }, {
+ "id" : "74dbebb4-9881-4be1-8b30-6b0f2a718c86",
+ "name" : "username",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "uid" ],
+ "is.mandatory.in.ldap" : [ "true" ],
+ "always.read.value.from.ldap" : [ "false" ],
+ "read.only" : [ "false" ],
+ "user.model.attribute" : [ "username" ]
+ }
+ }, {
+ "id" : "5692d060-55b8-4cb1-b68f-0ae123cd9d03",
+ "name" : "system",
+ "providerId" : "group-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "mode" : [ "LDAP_ONLY" ],
+ "membership.attribute.type" : [ "DN" ],
+ "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ],
+ "group.name.ldap.attribute" : [ "cn" ],
+ "ignore.missing.groups" : [ "false" ],
+ "membership.user.ldap.attribute" : [ "uid" ],
+ "preserve.group.inheritance" : [ "false" ],
+ "membership.ldap.attribute" : [ "member" ],
+ "groups.dn" : [ "ou=users,${LDAP_ROOT}" ],
+ "memberof.ldap.attribute" : [ "memberOf" ],
+ "group.object.classes" : [ "groupOfNames" ],
+ "drop.non.existing.groups.during.sync" : [ "false" ],
+ "groups.path" : [ "/" ]
+ }
+ }, {
+ "id" : "0453ae29-3cdc-4e09-800e-0117e7a2fb68",
+ "name" : "creation date",
+ "providerId" : "user-attribute-ldap-mapper",
+ "subComponents" : { },
+ "config" : {
+ "ldap.attribute" : [ "createTimestamp" ],
+ "is.mandatory.in.ldap" : [ "false" ],
+ "read.only" : [ "true" ],
+ "always.read.value.from.ldap" : [ "true" ],
+ "user.model.attribute" : [ "createTimestamp" ]
+ }
+ } ]
+ },
+ "config" : {
+ "pagination" : [ "false" ],
+ "fullSyncPeriod" : [ "-1" ],
+ "startTls" : [ "false" ],
+ "connectionPooling" : [ "false" ],
+ "usersDn" : [ "ou=users,${LDAP_ROOT}" ],
+ "cachePolicy" : [ "DEFAULT" ],
+ "useKerberosForPasswordAuthentication" : [ "false" ],
+ "importEnabled" : [ "true" ],
+ "enabled" : [ "true" ],
+ "changedSyncPeriod" : [ "-1" ],
+ "usernameLDAPAttribute" : [ "uid" ],
+ "bindCredential" : [ "${LDAP_ADMIN_PASSWORD}" ],
+ "bindDn" : [ "${LDAP_ADMIN_DN}" ],
+ "vendor" : [ "other" ],
+ "uuidLDAPAttribute" : [ "entryUUID" ],
+ "allowKerberosAuthentication" : [ "false" ],
+ "connectionUrl" : [ "ldap://identity-service:1389" ],
+ "syncRegistrations" : [ "true" ],
+ "authType" : [ "simple" ],
+ "krbPrincipalAttribute" : [ "krb5PrincipalName" ],
+ "searchScope" : [ "1" ],
+ "useTruststoreSpi" : [ "always" ],
+ "usePasswordModifyExtendedOp" : [ "false" ],
+ "trustEmail" : [ "false" ],
+ "userObjectClasses" : [ "inetOrgPerson, organizationalPerson, person" ],
+ "rdnLDAPAttribute" : [ "uid" ],
+ "editMode" : [ "READ_ONLY" ],
+ "validatePasswordPolicy" : [ "false" ]
+ }
+ } ],
+ "org.keycloak.keys.KeyProvider" : [ {
+ "id" : "5b1052d2-fb71-47d2-86f9-908c869c8d1b",
+ "name" : "hmac-generated-hs512",
+ "providerId" : "hmac-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "dff6ccc5-bd9b-467c-8e93-0fe51d353eaf" ],
+ "secret" : [ "Q8srw06SZoVO9ZJtKsfKPZyg8O7w01pLMv-CVMbxhBNXJ2lldqKmDgYxHBWnyeIYjXsp2M_Q-SQh1MZc7THyJJpFpRvqN8q9ZgUyWv3GZ-TH7Cez7aeg-WEQrWywBTFfacu_VjmDxucinZoJTWLaH9NNdCcZSMeuBHyM1V__BeE" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "HS512" ]
+ }
+ }, {
+ "id" : "fd48cdb1-8be8-4ac9-9347-dc3e91db95d7",
+ "name" : "rsa-enc-generated",
+ "providerId" : "rsa-enc-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEpAIBAAKCAQEA3ZslFoBBYiRi9ZF9uMllfkL6ZDheVTSDTPgQar/ueThttbnovNEJ5W2xIJrSPJkN5yuq55zycwr8IzMjBPt9DLbKxqHmaUm2YkO3MMPdQGLoI8j8no6IB74qKBxpyUoEDXmmUaE02u+QkuBohhBuBSyvzktWzv25giXVxzwFqzmRx6aJXvZSKuE6fBqbIA+hxit6Wm35OkLNl6UKDDI1WmhAuaNwV/UUsJvOWW2QFAosLCr7bevrIX+mHWUimiTcBQC/hW6K391dA0LczHHGJ//74r/OeXvF4ODBdFSl1NuamgRGZnRD7pjTtp57mutwWm+bSWo2/DrCFQfjfVKhkQIDAQABAoIBAA+zk+ult7w/7sEOh3Vl06qgDUS3l7t6xojYFLWzlq6BGIjlPL/QId7fKEsynQ3NHGaSOgBCJw2OrDHESElslj4l33U2eHBiWClbOeobHpyWxXLvpTKIz8uYpj0EUlyAQYxA389t2CRhEAHQI6fIFzuHoIdB4Es3QAMgMib1MkOg5VGsuV1LE8HcK44uFBOWXeQmEuasMQqmvAwj9M2yS6xjsxq0nS381PY1JYR7suhmOyvyZas/YvmltOVvQczwzW/MfMGga14YoJyAAz/7VZXCgVTs1ffHg9ET6s1PkNwVNTDAGriMG7GtN40UFEukS5cb2SRIJdg89DnHxHoNQ3cCgYEA+QIaUDuzgN+0D1ydYnCbTDwolHtBce7EUkOpaJRXyfwsrf/m8/bx302JSQLXs9zd9B3VwHWQIDQElAKcE/nbqUJPZLvjAWuSU/viLljGab5++mLKQ537UEV74msFj5rxwulzvQQ0owPsf/gHgTQ27ds/fWufywWpSCr/0+aE+NsCgYEA49QShQ1LakkAtckJYJ5W5TycDHMj1WV5GHUy9SX6fDNK9HpL1RQv5RY2yNa5nlpy5Izv5LzQb+6vAGZcfdd3WXv934k5qwAh+prmorWS2gXEbQJAan1BsApjFgtbJqyxLjhHywlG3W9Eh+HImlLTUKnx/3tr3Yn4vP7YAA1ZVQMCgYB+uZQ8qvWCq9aOTtsGAzr1xFP+pO+8lQAywZ6Qy5YWBJGUh/y4wj98HpC0qI6wScJnf1uOVAZibTa7QMy/2dPxwv52zKwNx/ozZahJYAKyRDGJKge3+8mvo30V0NOGrxtEz9yIIIDNSaztv4PKPJGL4Z3hLYmoIBxzzvZdmB6qKwKBgQDKqOYEduwD0oaQLhFqYc8YQU7qgC168LXEfNRkX3EutA3T5Um5dCialqULCH67Dugux/PJO/AJ8X64U1WpF1ZyQip1gsLKiuau3sWULQJBcGnnMd6NG3ioGMVFYbqmb214mNW8FTd1WDnUyZJBPLX+hf3fbjFoMwgRTnxjp3w0cwKBgQDxnYNXZqVPJsDDqW23+uj66b0n1oamhe/hl6zm2uhhq5hXXIRbRPqCWznZvm6eD/kcvknrNYopsb90RkJYjl9povaIFrSWH28QEaTHIzJmW0tKOxL0bQo05AmRXLnW2vlBafno6ZQGFAotnIIJLwzU9Tu2PwRQ83ypP1mvWowXzA==" ],
+ "certificate" : [ "MIICmzCCAYMCBgGUfz5NvjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjUwMTE5MTU0NDM3WhcNMzUwMTE5MTU0NjE3WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdmyUWgEFiJGL1kX24yWV+QvpkOF5VNINM+BBqv+55OG21uei80QnlbbEgmtI8mQ3nK6rnnPJzCvwjMyME+30MtsrGoeZpSbZiQ7cww91AYugjyPyejogHviooHGnJSgQNeaZRoTTa75CS4GiGEG4FLK/OS1bO/bmCJdXHPAWrOZHHpole9lIq4Tp8GpsgD6HGK3pabfk6Qs2XpQoMMjVaaEC5o3BX9RSwm85ZbZAUCiwsKvtt6+shf6YdZSKaJNwFAL+Fborf3V0DQtzMccYn//viv855e8Xg4MF0VKXU25qaBEZmdEPumNO2nnua63Bab5tJajb8OsIVB+N9UqGRAgMBAAEwDQYJKoZIhvcNAQELBQADggEBALGWVRlB9zbRWtv9fgxyWEzPqcZeyILAp0//bC4Y+EEe1fS5EfgP/J5U7j0DNt2Sc87uVkGCOGjTx7du6a/9uPA4ULMLUQO0Xusz41YrntjLWdWveLDmcqEYfF52qJQRhX7iYGGGG1Iq6Ju/1dfiX3nBD/RnVVHHf5s8QY0v0V/AnfWVaj3eFA8tybx1VsD7A8Whm7jgcQTOqu2L5F4gw4BwDDkCIYhkJcfPu1pvM+R3eDmXN8rTEVnNcCtvLFtTlBcmHhYnCYJaNHiSquKs5wDuDE6crBPgWfzzk2XHKLpmamdFyjzL8WFUmhnypQfwBNjnsgAl2U059bQz1fyBIlM=" ],
+ "priority" : [ "100" ],
+ "algorithm" : [ "RSA-OAEP" ]
+ }
+ }, {
+ "id" : "0ff03eb6-b43b-4065-b583-9e310f53a573",
+ "name" : "rsa-generated",
+ "providerId" : "rsa-generated",
+ "subComponents" : { },
+ "config" : {
+ "privateKey" : [ "MIIEogIBAAKCAQEAsetSXQJDd0r9Cv6hB/QyQ7DlVXAQeRuwasOTF5Eoez0mTuW1DGraTIttZwPOYMxvDOs4c9/+0QA9DNUtc4PHGXPB0WxuKDSikkVlPtyqOnrcaSYYArhHkYU727M+8r+vIhtToYB/g88mlMH4JfL0tUJQGlnOrDxUUP7RiWAbzQ33JDAAyV6HUOm1SgNH61V6z8a06m9NL//trN2PeILqNt/DT7iwTd+bmNQZzw+wSVTGR4K3O5sjWjRHvihAxvOCKvyzpYnbQ5AM/GpXOmahpuOQ45LebSYHlU7YSUVXH8Q2yLefjRCZ0H0mkRDx+yBr/vkKhF5vqv+lH3qKA6H6jQIDAQABAoIBAFdLSWb/BFEUhuENG79GTh8uPOdVi4+QSVeoy5PFkeIdl50gUVtdVew2gKAJmwmdZGMnSdR4s5KiFlIkih9iKZ7QT+lL1SR+5sDzsYBNTmxQ+bHRkfhLqDm68CqUYK9D407Nr5PO80GdsqVMIk+kS/JfLeQv6hpRo2D2FaLcd+d8Pzp72qgCcRTLGKzjPEv+ffA9eL6smP+E3/m54YS7e3jwMyVdl4IXAKBjPMkdtKMWnuGxHnPrZ71A1LJjL4un4N8HjIMGDCyFFkCvPE7FhzpdN249VF29QTfU+QHjiKC0O6nej/A+4kIbWjDF+YmmSEJRSKfk7SVuzs4XnBfsz7UCgYEA6zW+Sud2qos5/DQUUWTleKfqhaEzVvy2pWMXUqaHzvPu7NsaLl+DbEIRvoxJzqdWfwwnWIrD6kGU8GVa1I8RLKK3JS681R6Pw/Ih5JKw9n5lkD+gIpE5ryENQ5jGdwFRUTpJxKY2aPUve7PsyM5flau2d3eo/4SXIRy1pCMcAgMCgYEAwaU44XDH54rLVFuSpg6ck7uSxb15987AECW1z6n/oIAw0reVvCvp8tInk6owKRqvxVCM3W/B0UQONGDmcCcK1GoaO+hJZV/t+c9NAHrna2t10+bHRHwYLG9FUu/hWKtLsxqathsEXdS02m6y6jX3UWuR6Qwz2XYH7PWS3/EHNC8CgYA//qxapuVTe3P4WZcZmjERBea6GuTkCvgKwY4r76FNvnLIQMi7y0Lvpn47cOH39vGCuaTO41pwlw1V5s2yvYY3tcHMvQ2lkp4c+vkbvomlVzh86cLBBPBD5OM9/AgrgtFEH27IsUxmfCdCKe8Hp5a8Gy8XDBiQBNw1pyEImoDZTwKBgCU+nwMVSw2or1TpS/puYwUzFZa8y8Gy3VP9vMtVOhpnrXxJ3R3VIGkYrI4FNMAjJt1/kahhf1i9izHd1VSK3dVfFu6gzcUWv1HF4lyORwZtI7t+7qKob4nUWPQLuT7xq1ymaE1QQvW9HI/KrNTJTmk1lFnLhAl2Xy3fScGSvTz3AoGABYA6e1Ksiex2Iv37f16l6lo6hfbUKIoAooyrTKjwqpWGaFtDBQxTNaOR93APjg1rX+wtcwMpl1ABpsf2a1DoRJBItH1oE7q6ZDJ/qz2BnJkH8TvDy89Cbe/8R2vwQIsE7rDzW3Ivfx2KN//iKHAA6BEqf3m2p4u2Dqient5XC9M=" ],
+ "certificate" : [ "MIICmzCCAYMCBgGUfz5OEDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjUwMTE5MTU0NDM3WhcNMzUwMTE5MTU0NjE3WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx61JdAkN3Sv0K/qEH9DJDsOVVcBB5G7Bqw5MXkSh7PSZO5bUMatpMi21nA85gzG8M6zhz3/7RAD0M1S1zg8cZc8HRbG4oNKKSRWU+3Ko6etxpJhgCuEeRhTvbsz7yv68iG1OhgH+DzyaUwfgl8vS1QlAaWc6sPFRQ/tGJYBvNDfckMADJXodQ6bVKA0frVXrPxrTqb00v/+2s3Y94guo238NPuLBN35uY1BnPD7BJVMZHgrc7myNaNEe+KEDG84Iq/LOlidtDkAz8alc6ZqGm45Djkt5tJgeVTthJRVcfxDbIt5+NEJnQfSaREPH7IGv++QqEXm+q/6UfeooDofqNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADmCns7tVOSdgo8sdJ/pviO1wjbmsNdg8vwn2uTsPesYLTya9iaIXVfjvhM2jOqoglIGp2/udjphOJvJapmpPmr7v6jPSrzW6phW4NP75scWR61gr9a+HKGA2imA/UwRPbb4gV3sIkIZtzlAiBJ7mItQ3C4gg3UpzwFkCxeUVPira0zq87T0p3c8b2QaUdsqhnpHUlB1KeSKstGgrUShZbOh0/Qzu+Fkw+CPsbshlRpCzpL5gwz8YolLeAl9E+qXH2fbugc+gvJyxciN6bn5tMa8QwV833jYSUdt3f+P+BwVCWG1XbkbzLTxd3JWB5JNXtEzXpylnRgtTydLDTZyC3c=" ],
+ "priority" : [ "100" ]
+ }
+ }, {
+ "id" : "df28b561-7463-4927-974d-615618056b41",
+ "name" : "aes-generated",
+ "providerId" : "aes-generated",
+ "subComponents" : { },
+ "config" : {
+ "kid" : [ "04a0e3ff-030f-4d22-a125-449f1541b83c" ],
+ "secret" : [ "uhC2E9sCbuigVhRLbnCmCQ" ],
+ "priority" : [ "100" ]
+ }
+ } ]
+ },
+ "internationalizationEnabled" : false,
+ "supportedLocales" : [ ],
+ "authenticationFlows" : [ {
+ "id" : "2e13d5a8-b0fb-475b-8991-66d1cc8e99f1",
+ "alias" : "Account verification options",
+ "description" : "Method with which to verity the existing account",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-email-verification",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Verify Existing Account by Re-authentication",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "0bf3a099-5ef5-4ea9-b325-5bc9699180a6",
+ "alias" : "Browser - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "88ca29ab-cbe0-4e3f-938a-e6c5327748ab",
+ "alias" : "Direct Grant - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "direct-grant-validate-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "789e7d43-bc05-44d2-8c09-de7fee9d56de",
+ "alias" : "First broker login - Conditional OTP",
+ "description" : "Flow to determine if the OTP is required for the authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-otp-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "ee145b84-2b30-438e-9cee-6fe90909af1a",
+ "alias" : "Handle Existing Account",
+ "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-confirm-link",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Account verification options",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "853d891a-0009-443c-91c3-a7f1ad1dd0dc",
+ "alias" : "Reset - Conditional OTP",
+ "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "conditional-user-configured",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-otp",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "d7f13a9b-a13c-4236-ae41-df8da7e5fa8d",
+ "alias" : "User creation or linking",
+ "description" : "Flow for the existing/non-existing user alternatives",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticatorConfig" : "create unique user config",
+ "authenticator" : "idp-create-user-if-unique",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Handle Existing Account",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "3cb699ee-11d4-44be-878b-a183b9e96b59",
+ "alias" : "Verify Existing Account by Re-authentication",
+ "description" : "Reauthentication of existing account",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "idp-username-password-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "First broker login - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "61d5a1e2-7074-41ad-97bf-e5c41c70989e",
+ "alias" : "browser",
+ "description" : "Browser based authentication",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "auth-cookie",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "auth-spnego",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "identity-provider-redirector",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 25,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 30,
+ "autheticatorFlow" : true,
+ "flowAlias" : "forms",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "21dabcf1-8817-4f2d-981a-13239e160b56",
+ "alias" : "clients",
+ "description" : "Base authentication for clients",
+ "providerId" : "client-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "client-secret",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-jwt",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-secret-jwt",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "client-x509",
+ "authenticatorFlow" : false,
+ "requirement" : "ALTERNATIVE",
+ "priority" : 40,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "a349aeb2-9373-47ec-9381-0c379df56c71",
+ "alias" : "direct grant",
+ "description" : "OpenID Connect Resource Owner Grant",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "direct-grant-validate-username",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "direct-grant-validate-password",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 30,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Direct Grant - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "39b3aa37-4ece-4e31-acbc-79889994713e",
+ "alias" : "docker auth",
+ "description" : "Used by Docker clients to authenticate against the IDP",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "docker-http-basic-authenticator",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "18561349-cc5e-4e5b-bcb2-979645118f96",
+ "alias" : "first broker login",
+ "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticatorConfig" : "review profile config",
+ "authenticator" : "idp-review-profile",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "User creation or linking",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "9933f082-3d53-4575-b011-90e6933fb2a1",
+ "alias" : "forms",
+ "description" : "Username, password, otp and other auth forms.",
+ "providerId" : "basic-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "auth-username-password-form",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 20,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Browser - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "00285357-456a-4fd4-b449-ed25253e6364",
+ "alias" : "registration",
+ "description" : "Registration flow",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "registration-page-form",
+ "authenticatorFlow" : true,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : true,
+ "flowAlias" : "registration form",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "b9131fa9-5614-42b4-8353-c6c15e66c2ce",
+ "alias" : "registration form",
+ "description" : "Registration form",
+ "providerId" : "form-flow",
+ "topLevel" : false,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "registration-user-creation",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "registration-password-action",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 50,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "registration-recaptcha-action",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 60,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "registration-terms-and-conditions",
+ "authenticatorFlow" : false,
+ "requirement" : "DISABLED",
+ "priority" : 70,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "424642cc-3a71-4732-ba38-b737179ce37f",
+ "alias" : "reset credentials",
+ "description" : "Reset credentials for a user if they forgot their password or something",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "reset-credentials-choose-user",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-credential-email",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 20,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticator" : "reset-password",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 30,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ }, {
+ "authenticatorFlow" : true,
+ "requirement" : "CONDITIONAL",
+ "priority" : 40,
+ "autheticatorFlow" : true,
+ "flowAlias" : "Reset - Conditional OTP",
+ "userSetupAllowed" : false
+ } ]
+ }, {
+ "id" : "c8c9c4dc-a39d-4ba6-ad4b-9447a8125349",
+ "alias" : "saml ecp",
+ "description" : "SAML ECP Profile Authentication Flow",
+ "providerId" : "basic-flow",
+ "topLevel" : true,
+ "builtIn" : true,
+ "authenticationExecutions" : [ {
+ "authenticator" : "http-basic-authenticator",
+ "authenticatorFlow" : false,
+ "requirement" : "REQUIRED",
+ "priority" : 10,
+ "autheticatorFlow" : false,
+ "userSetupAllowed" : false
+ } ]
+ } ],
+ "authenticatorConfig" : [ {
+ "id" : "49d63952-ca6e-450c-a65f-70388169cb90",
+ "alias" : "create unique user config",
+ "config" : {
+ "require.password.update.after.registration" : "false"
+ }
+ }, {
+ "id" : "5b4f58fc-aff7-4e12-8c48-40aeb3db1432",
+ "alias" : "review profile config",
+ "config" : {
+ "update.profile.on.first.login" : "missing"
+ }
+ } ],
+ "requiredActions" : [ {
+ "alias" : "CONFIGURE_TOTP",
+ "name" : "Configure OTP",
+ "providerId" : "CONFIGURE_TOTP",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 10,
+ "config" : { }
+ }, {
+ "alias" : "TERMS_AND_CONDITIONS",
+ "name" : "Terms and Conditions",
+ "providerId" : "TERMS_AND_CONDITIONS",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 20,
+ "config" : { }
+ }, {
+ "alias" : "UPDATE_PASSWORD",
+ "name" : "Update Password",
+ "providerId" : "UPDATE_PASSWORD",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 30,
+ "config" : { }
+ }, {
+ "alias" : "UPDATE_PROFILE",
+ "name" : "Update Profile",
+ "providerId" : "UPDATE_PROFILE",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 40,
+ "config" : { }
+ }, {
+ "alias" : "VERIFY_EMAIL",
+ "name" : "Verify Email",
+ "providerId" : "VERIFY_EMAIL",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 50,
+ "config" : { }
+ }, {
+ "alias" : "delete_account",
+ "name" : "Delete Account",
+ "providerId" : "delete_account",
+ "enabled" : false,
+ "defaultAction" : false,
+ "priority" : 60,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register",
+ "name" : "Webauthn Register",
+ "providerId" : "webauthn-register",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 70,
+ "config" : { }
+ }, {
+ "alias" : "webauthn-register-passwordless",
+ "name" : "Webauthn Register Passwordless",
+ "providerId" : "webauthn-register-passwordless",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 80,
+ "config" : { }
+ }, {
+ "alias" : "VERIFY_PROFILE",
+ "name" : "Verify Profile",
+ "providerId" : "VERIFY_PROFILE",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 90,
+ "config" : { }
+ }, {
+ "alias" : "delete_credential",
+ "name" : "Delete Credential",
+ "providerId" : "delete_credential",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 100,
+ "config" : { }
+ }, {
+ "alias" : "update_user_locale",
+ "name" : "Update User Locale",
+ "providerId" : "update_user_locale",
+ "enabled" : true,
+ "defaultAction" : false,
+ "priority" : 1000,
+ "config" : { }
+ } ],
+ "browserFlow" : "browser",
+ "registrationFlow" : "registration",
+ "directGrantFlow" : "direct grant",
+ "resetCredentialsFlow" : "reset credentials",
+ "clientAuthenticationFlow" : "clients",
+ "dockerAuthenticationFlow" : "docker auth",
+ "firstBrokerLoginFlow" : "first broker login",
+ "attributes" : {
+ "cibaBackchannelTokenDeliveryMode" : "poll",
+ "cibaAuthRequestedUserHint" : "login_hint",
+ "clientOfflineSessionMaxLifespan" : "0",
+ "oauth2DevicePollingInterval" : "5",
+ "clientSessionIdleTimeout" : "0",
+ "clientOfflineSessionIdleTimeout" : "0",
+ "cibaInterval" : "5",
+ "realmReusableOtpCode" : "false",
+ "cibaExpiresIn" : "120",
+ "oauth2DeviceCodeLifespan" : "600",
+ "parRequestUriLifespan" : "60",
+ "clientSessionMaxLifespan" : "0",
+ "frontendUrl" : "",
+ "organizationsEnabled" : "false",
+ "acr.loa.map" : "{}"
+ },
+ "keycloakVersion" : "26.0.4",
+ "userManagedAccessAllowed" : false,
+ "organizationsEnabled" : false,
+ "clientProfiles" : {
+ "profiles" : [ ]
+ },
+ "clientPolicies" : {
+ "policies" : [ ]
+ }
+}
\ No newline at end of file
diff --git a/helm/dbrepo/templates/auth-configmap.yaml b/helm/dbrepo/templates/auth-configmap.yaml
index 01f83a092cb7c326d4719135ef0c34db80556216..4e95365743d17062227c2095d745e92b8a04207f 100644
--- a/helm/dbrepo/templates/auth-configmap.yaml
+++ b/helm/dbrepo/templates/auth-configmap.yaml
@@ -8,5468 +8,6 @@ binaryData:
create-event-listener.jar: |-
{{ .Files.Get "files/create-event-listener.jar" | b64enc }}
data:
- dbrepo-realm.json: |-
- {
- "id" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "realm" : "dbrepo",
- "notBefore" : 0,
- "defaultSignatureAlgorithm" : "RS256",
- "revokeRefreshToken" : false,
- "refreshTokenMaxReuse" : 1,
- "accessTokenLifespan" : 900,
- "accessTokenLifespanForImplicitFlow" : 900,
- "ssoSessionIdleTimeout" : 864000,
- "ssoSessionMaxLifespan" : 2592000,
- "ssoSessionIdleTimeoutRememberMe" : 0,
- "ssoSessionMaxLifespanRememberMe" : 0,
- "offlineSessionIdleTimeout" : 2592000,
- "offlineSessionMaxLifespanEnabled" : false,
- "offlineSessionMaxLifespan" : 5184000,
- "clientSessionIdleTimeout" : 0,
- "clientSessionMaxLifespan" : 0,
- "clientOfflineSessionIdleTimeout" : 0,
- "clientOfflineSessionMaxLifespan" : 0,
- "accessCodeLifespan" : 60,
- "accessCodeLifespanUserAction" : 300,
- "accessCodeLifespanLogin" : 1800,
- "actionTokenGeneratedByAdminLifespan" : 43200,
- "actionTokenGeneratedByUserLifespan" : 1800,
- "oauth2DeviceCodeLifespan" : 600,
- "oauth2DevicePollingInterval" : 5,
- "enabled" : true,
- "sslRequired" : "none",
- "registrationAllowed" : true,
- "registrationEmailAsUsername" : false,
- "rememberMe" : false,
- "verifyEmail" : true,
- "loginWithEmailAllowed" : false,
- "duplicateEmailsAllowed" : false,
- "resetPasswordAllowed" : false,
- "editUsernameAllowed" : false,
- "bruteForceProtected" : true,
- "permanentLockout" : false,
- "maxTemporaryLockouts" : 0,
- "bruteForceStrategy" : "MULTIPLE",
- "maxFailureWaitSeconds" : 900,
- "minimumQuickLoginWaitSeconds" : 60,
- "waitIncrementSeconds" : 60,
- "quickLoginCheckMilliSeconds" : 1000,
- "maxDeltaTimeSeconds" : 1036800,
- "failureFactor" : 10,
- "roles" : {
- "realm" : [ {
- "id" : "48f38342-1e3f-427a-995d-c436eaee65cb",
- "name" : "default-user-handling",
- "description" : "${default-user-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "modify-user-theme", "modify-user-information" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "9bb4a8dc-28e0-4645-b62f-cc94425f0cb0",
- "name" : "default-maintenance-handling",
- "description" : "${default-maintenance-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "create-maintenance-message", "find-maintenance-message", "update-maintenance-message", "delete-maintenance-message", "list-maintenance-messages" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "7ee1c424-11b0-46a9-b0ed-725e9b7fc40c",
- "name" : "default-system-roles",
- "description" : "${default-system-roles}",
- "composite" : true,
- "composites" : {
- "realm" : [ "delete-database-view", "update-semantic-unit", "export-query-data", "check-foreign-database-access", "default-data-steward-roles", "execute-query", "default-user-handling", "delete-table-data", "find-query", "list-database-views", "persist-query", "update-search-index", "delete-database-access", "view-table-history", "create-ontology", "update-ontology", "modify-user-theme", "default-system-roles", "create-semantic-concept", "default-container-handling", "create-container", "create-table", "default-broker-handling", "default-maintenance-handling", "execute-semantic-query", "uma_authorization", "table-semantic-analyse", "list-containers", "check-database-access", "escalated-query-handling", "delete-identifier", "modify-database-owner", "list-tables", "export-table-data", "create-database-access", "delete-container", "re-execute-query", "create-semantic-unit", "escalated-identifier-handling", "system", "update-table-statistic", "escalated-semantics-handling", "default-database-handling", "delete-ontology", "find-database", "find-database-view", "update-semantic-concept", "find-user", "import-database-data", "publish-identifier", "default-roles-dbrepo", "find-foreign-user", "create-database", "create-maintenance-message", "find-maintenance-message", "escalated-container-handling", "default-researcher-roles", "default-identifier-handling", "escalated-user-handling", "modify-user-information", "create-database-view", "update-maintenance-message", "delete-foreign-table", "offline_access", "modify-foreign-table-column-semantics", "delete-maintenance-message", "find-container", "insert-table-data", "modify-identifier-metadata", "modify-database-image", "escalated-broker-handling", "modify-table-column-semantics", "escalated-database-handling", "default-semantics-handling", "update-database-access", "default-query-handling", "find-table", "list-queries", "default-developer-roles", "create-identifier", "escalated-table-handling", "find-identifier", "view-table-data", "list-licenses", "default-table-handling", "list-identifiers", "create-foreign-identifier", "list-databases", "list-ontologies", "modify-database-visibility", "list-maintenance-messages", "delete-table" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "143ba359-5fa2-451e-8296-43ecf20bb251",
- "name" : "update-semantic-concept",
- "description" : "${update-semantic-concept}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "5136d7a3-e3f0-4585-bacd-15cb8a56095c",
- "name" : "escalated-container-handling",
- "description" : "${escalated-container-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "create-container", "delete-container" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "b0bc8649-7d84-4dd3-84f0-7f174425babe",
- "name" : "list-tables",
- "description" : "${list-tables}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "bfd85d9c-2772-4660-a8f0-cdc0cd8252b3",
- "name" : "default-database-handling",
- "description" : "${default-database-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "modify-database-image", "modify-database-owner", "update-database-access", "create-database", "list-databases", "create-database-access", "find-database", "modify-database-visibility", "import-database-data", "delete-database-access", "check-database-access" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "74648f9a-777e-4ef9-b97b-4c5d749d862f",
- "name" : "update-search-index",
- "description" : "${update-search-index}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "22492b64-c633-48a0-9678-b28669f2885b",
- "name" : "execute-semantic-query",
- "description" : "${execute-semantic-query}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "4ed919fa-edc5-44e5-9411-607786e4a86d",
- "name" : "view-table-history",
- "description" : "${view-table-history}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "d89a2881-b642-4abb-b990-196e71372f6b",
- "name" : "default-table-handling",
- "description" : "${default-table-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "modify-table-column-semantics", "list-tables", "update-table-statistic", "find-table", "create-table", "delete-table", "update-table" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "f5ea431a-9b2c-4195-bcb4-9511f38e4b44",
- "name" : "create-database-view",
- "description" : "${create-database-view}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "a5ffc20e-8b11-498c-9f3b-b5740aec24c7",
- "name" : "default-semantics-handling",
- "description" : "${default-semantics-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "create-semantic-unit", "create-semantic-concept", "execute-semantic-query", "table-semantic-analyse" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "fe4a01f3-6590-4df6-9ade-5a9c1fae4736",
- "name" : "create-semantic-unit",
- "description" : "${create-semantic-unit}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "0e12eedf-545d-4d32-ac4d-2821dcb118b8",
- "name" : "update-table-statistic",
- "description" : "${update-table-statistic}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "e63e61a2-d852-4ad3-bfb5-92d9ceafef6a",
- "name" : "escalated-user-handling",
- "description" : "${escalated-user-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "find-user" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "be4e1aba-e276-4241-b6ea-01dce6c52f8b",
- "name" : "find-container",
- "description" : "${find-container}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "3a801b48-f3c2-4bc6-aa25-c7a91d5b32a7",
- "name" : "default-researcher-roles",
- "description" : "${default-researcher-roles}",
- "composite" : true,
- "composites" : {
- "realm" : [ "default-table-handling", "default-semantics-handling", "default-container-handling", "default-query-handling", "default-user-handling", "default-database-handling", "default-broker-handling", "default-identifier-handling", "default-view-handling" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "3d8104fb-8307-40f0-b4b2-c3e518957110",
- "name" : "view-table-data",
- "description" : "${view-table-data}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "fe71b907-7020-44ab-9964-da2b87264582",
- "name" : "create-database",
- "description" : "${create-database}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "e51b63c2-48dd-4bd6-95fb-d257d21b26ba",
- "name" : "import-database-data",
- "description" : "${import-database-data}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "1f0a9b13-c2b8-474c-bc08-59dbd71835a6",
- "name" : "modify-database-image",
- "description" : "${modify-database-image}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "a7ad038c-5c06-42fc-951c-15ac09d4df66",
- "name" : "modify-database-owner",
- "description" : "${modify-database-owner}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "22449528-00c9-4e86-9400-4b8ae6fd8f4d",
- "name" : "modify-view-visibility",
- "description" : "${modify-view-visibility}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "c12c1f4e-186f-4153-a795-26e79fb623d6",
- "name" : "create-ontology",
- "description" : "${create-ontology}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "b60a5694-4099-4f7d-a7e9-4c433e0eb9c9",
- "name" : "update-semantic-unit",
- "description" : "${update-semantic-unit}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "e9854bbb-4580-4757-b1ae-305934173249",
- "name" : "create-database-access",
- "description" : "${create-database-access}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "50c604c1-7c6e-43f3-9c43-2398f5eff66e",
- "name" : "list-databases",
- "description" : "${list-databases}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "d75e7938-9d5e-4cb3-8c57-18a446867d3a",
- "name" : "default-view-handling",
- "description" : "${default-view-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "delete-database-view", "update-database-view", "create-database-view", "modify-view-visibility", "find-database-view", "list-database-views" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "535f1484-4514-4d24-8d97-e3f6c11a426b",
- "name" : "create-container",
- "description" : "${create-container}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "f4116230-8642-4bb7-bbc8-db9c5c07b558",
- "name" : "create-maintenance-message",
- "description" : "${create-maintenance-message}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "973f0999-cc70-4b28-9f43-979c470bea8e",
- "name" : "default-data-steward-roles",
- "description" : "${default-data-steward-roles}",
- "composite" : true,
- "composites" : {
- "realm" : [ "escalated-identifier-handling", "default-semantics-handling", "escalated-semantics-handling", "default-user-handling" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "e1383fb7-d54c-4732-9146-93030eb2ca50",
- "name" : "escalated-query-handling",
- "description" : "${escalated-query-handling}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "993b5c69-9eb2-42af-ac28-b4a46c6b61f2",
- "name" : "find-user",
- "description" : "${find-user}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "e4cfdc4d-2373-477b-a8df-161db99aba00",
- "name" : "create-foreign-identifier",
- "description" : "${create-foreign-identifier}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "6a5872a5-2b51-415d-ae2d-25a6db4a35df",
- "name" : "escalated-semantics-handling",
- "description" : "${escalated-semantics-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "update-semantic-unit", "create-ontology", "update-ontology", "list-ontologies", "delete-ontology", "modify-foreign-table-column-semantics", "update-semantic-concept" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "09147c48-273b-450b-8b11-7ef9b9245244",
- "name" : "export-table-data",
- "description" : "${export-table-data}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "d14af590-60a8-4d75-b864-40ee0165bd7f",
- "name" : "delete-database-access",
- "description" : "${delete-database-access}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "be051d45-cd74-4b13-8a45-f2d3351bd995",
- "name" : "table-semantic-analyse",
- "description" : "${table-semantic-analyse}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "272a79a7-e282-4261-8f7d-5d5d1364243a",
- "name" : "update-maintenance-message",
- "description" : "${update-maintenance-message}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "6ae766b0-b8b4-4067-a95d-c8576bc4ac77",
- "name" : "update-table",
- "description" : "${update-table}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "64c16bfb-2015-48ad-a23f-637ff24419cb",
- "name" : "default-query-handling",
- "description" : "${default-query-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "delete-database-view", "export-query-data", "execute-query", "delete-table-data", "export-table-data", "list-queries", "find-query", "list-database-views", "persist-query", "view-table-data", "re-execute-query", "view-table-history", "create-database-view", "find-database-view", "insert-table-data" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "b05e9b2b-748d-490b-949b-e78655bf7805",
- "name" : "check-foreign-database-access",
- "description" : "${check-foreign-database-access}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "c047d521-cec3-4444-86c4-aef098489b7b",
- "name" : "delete-maintenance-message",
- "description" : "${delete-maintenance-message}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "df20b7d1-8d30-4a99-80eb-e8195fab0e76",
- "name" : "update-database-view",
- "description" : "${update-database-view}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "88f82262-be80-4d18-9fb4-5529da031f33",
- "name" : "system",
- "description" : "${system}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "e14ab76b-1c24-484d-ae2d-478b8457edea",
- "name" : "list-licenses",
- "description" : "${list-licenses}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "d4f29937-3ca0-41e9-9786-2b7b921b6cdd",
- "name" : "modify-foreign-table-column-semantics",
- "description" : "${modify-foreign-table-column-semantics}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "8eda9f5c-938c-4915-bed5-6a81a1de15a8",
- "name" : "list-database-views",
- "description" : "${list-database-views}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "b372f8f7-d203-4293-b991-ad93fb505917",
- "name" : "escalated-database-handling",
- "description" : "${escalated-database-handling}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "abd2d9ee-ebc4-4d0a-839e-6b588a6d442a",
- "name" : "default-roles-dbrepo",
- "description" : "${role_default-roles}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "3293799a-82b9-4f47-8f25-1aad2e0222fd",
- "name" : "find-identifier",
- "description" : "${find-identifier}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "aaa3f804-38a0-4474-b8e9-f1020c4b3f62",
- "name" : "list-queries",
- "description" : "${list-queries}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "76e38f7b-99bf-4d12-8d74-1c7d8812f443",
- "name" : "update-ontology",
- "description" : "${update-ontology}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "11f7973e-d1eb-42cb-a35d-c59dfc122775",
- "name" : "modify-user-theme",
- "description" : "${modify-user-theme}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "f392bfcb-0be5-4fad-9ce4-8ac6396f176d",
- "name" : "export-query-data",
- "description" : "${export-query-data}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "da493b7e-fb9b-43ca-82a5-e274ad2e6b39",
- "name" : "find-query",
- "description" : "${find-query}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "a4d4a788-ebcf-4d32-baed-4a85616ca037",
- "name" : "escalated-identifier-handling",
- "description" : "${escalated-identifier-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "create-foreign-identifier", "modify-identifier-metadata" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "ea38d69d-17b8-4c65-95e8-1c3501b83618",
- "name" : "default-container-handling",
- "description" : "${default-container-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "find-container" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "8b8813e0-af07-4d04-a8c1-e3f37192bace",
- "name" : "publish-identifier",
- "description" : "${publish-identifier}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "47f5eee7-9821-4bf8-b434-0da1f81c3e5a",
- "name" : "default-broker-handling",
- "description" : "${default-broker-handling}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "71874bde-64a5-4a69-8685-d8998303a80c",
- "name" : "delete-table-data",
- "description" : "${delete-table-data}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "7c0306fc-3b03-4c64-87d1-9a34f2073977",
- "name" : "modify-table-column-semantics",
- "description" : "${modify-table-column-semantics}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "cd0ee04c-4a5e-4035-a11b-f6a1165f7829",
- "name" : "delete-container",
- "description" : "${delete-container}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "67ee39c0-d601-4a67-a0fe-c4f0021d557e",
- "name" : "list-containers",
- "description" : "${list-containers}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "795c7bb8-3502-414a-a97b-2ba1cfd6a79c",
- "name" : "persist-query",
- "description" : "${persist-query}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "d05e7698-ddf5-4f20-9027-771afb2cc3c7",
- "name" : "list-identifiers",
- "description" : "${list-identifiers}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "e4bfaf36-9a5d-43e0-9fa3-0f4ea7bad8d0",
- "name" : "default-developer-roles",
- "description" : "${default-developer-roles}",
- "composite" : true,
- "composites" : {
- "realm" : [ "escalated-query-handling", "escalated-broker-handling", "default-table-handling", "escalated-database-handling", "default-container-handling", "default-query-handling", "default-user-handling", "default-database-handling", "default-maintenance-handling", "escalated-container-handling", "escalated-table-handling", "default-identifier-handling" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "e2cb054e-ea41-4ab0-881b-e6f576f7424e",
- "name" : "create-semantic-concept",
- "description" : "${create-semantic-concept}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "feb612cc-96a6-4ed2-aaa5-01f39b25beb5",
- "name" : "insert-table-data",
- "description" : "${insert-table-data}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "a0942e33-441b-4343-9f02-4353d03f7bbb",
- "name" : "find-database",
- "description" : "${find-database}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "6a0bb740-4448-49be-aee8-6dd183325be5",
- "name" : "delete-foreign-table",
- "description" : "${delete-foreign-table}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "7f3652c7-3073-4566-ab63-25385495ebc3",
- "name" : "modify-database-visibility",
- "description" : "${modify-database-visibility}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "4a5df51d-f14d-41a2-ad70-6521df5a5b4f",
- "name" : "offline_access",
- "description" : "${role_offline-access}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "fd41c4c3-d2f8-4f49-84c7-dba84e9a5575",
- "name" : "execute-query",
- "description" : "${execute-query}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "2963c2bb-b129-4224-b98f-c8eeab8e72d1",
- "name" : "create-table",
- "description" : "${create-table}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "0c487c93-448f-4a82-8b9f-ebd8a0904bf8",
- "name" : "find-foreign-user",
- "description" : "${find-foreign-user}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "cf9735a9-fb70-4cc5-b5f4-75afc4e5654b",
- "name" : "modify-identifier-metadata",
- "description" : "${modify-identifier-metadata}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "64c2b8f2-1527-4928-81ea-b2651512d028",
- "name" : "delete-ontology",
- "description" : "${delete-ontology}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "d6e38368-b40f-423b-82e4-e8aa595237c9",
- "name" : "find-maintenance-message",
- "description" : "${find-maintenance-message}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "fd1cc463-3e67-49d9-81b8-2cd90c1daa9c",
- "name" : "check-database-access",
- "description" : "${check-database-access}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "74013867-e426-46cc-ab98-2f4a9225ad1e",
- "name" : "find-table",
- "description" : "${find-table}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "a2cc60df-d280-46c5-a539-92e2aa249b4a",
- "name" : "modify-user-information",
- "description" : "${modify-user-information}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "c367241f-b5b5-491f-84d5-07fe1bef3877",
- "name" : "default-identifier-handling",
- "description" : "${default-identifier-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "delete-identifier", "list-identifiers", "create-identifier", "find-identifier", "publish-identifier" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "ba1ad8f2-39aa-487d-987f-645e8a459559",
- "name" : "delete-table",
- "description" : "${delete-table}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "09f7bdb0-296f-46c8-a3a3-8f9254fb17e4",
- "name" : "list-maintenance-messages",
- "description" : "${list-maintenance-messages}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "fe3bc45c-61c2-4ece-bcaf-d410dc7de501",
- "name" : "update-database-access",
- "description" : "${update-database-access}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "f43e86ed-76de-4ca8-9b5e-c292c9359bfe",
- "name" : "escalated-broker-handling",
- "description" : "${escalated-broker-handling}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "916b1e65-f60c-42cd-96e4-5c98ffc1ba3c",
- "name" : "uma_authorization",
- "description" : "${role_uma_authorization}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "d1afa3ed-bf4f-469a-a061-ad7325fb8d9e",
- "name" : "delete-database-view",
- "description" : "${delete-database-view}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "6f044bad-6651-4408-bffa-20c2d8f92eee",
- "name" : "create-identifier",
- "description" : "${create-identifier}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "be91195a-e30a-4d15-a8da-0aca0a68782f",
- "name" : "escalated-table-handling",
- "description" : "${escalated-table-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "delete-foreign-table" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "98bee7d6-d78c-4e7f-b6a3-3705968b248c",
- "name" : "list-ontologies",
- "description" : "${list-ontologies}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "15720c6b-027d-4d53-a0ff-0124bfab7c4c",
- "name" : "re-execute-query",
- "description" : "${re-execute-query}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "a9b5181a-8135-41d3-9862-ef80af42211d",
- "name" : "delete-identifier",
- "description" : "${delete-identifier}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- }, {
- "id" : "469c2e63-cda6-48d4-ab8f-eb59a2c69798",
- "name" : "find-database-view",
- "description" : "${find-database-view}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
- } ],
- "client" : {
- "realm-management" : [ {
- "id" : "4628f654-f8f3-483b-8f92-2a7fc5930b14",
- "name" : "query-realms",
- "description" : "${role_query-realms}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "95c2cc47-12f5-4d73-8b74-67e270c45ade",
- "name" : "manage-authorization",
- "description" : "${role_manage-authorization}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "824791f3-c345-42f8-b103-b7e6d7e40114",
- "name" : "manage-identity-providers",
- "description" : "${role_manage-identity-providers}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "1f840202-b7e2-4195-bac9-64e64dad2037",
- "name" : "view-identity-providers",
- "description" : "${role_view-identity-providers}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "3c32c096-bb13-44c9-a080-d756a48a9ea3",
- "name" : "query-clients",
- "description" : "${role_query-clients}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "e4b85a68-7f31-4fcf-89a2-f10d7df358e9",
- "name" : "view-authorization",
- "description" : "${role_view-authorization}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "7d317752-ae56-46f2-a2ce-67c64d1b35f6",
- "name" : "view-users",
- "description" : "${role_view-users}",
- "composite" : true,
- "composites" : {
- "client" : {
- "realm-management" : [ "query-users", "query-groups" ]
- }
- },
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "28824208-976e-4622-b4d7-3d18efbb46fa",
- "name" : "realm-admin",
- "description" : "${role_realm-admin}",
- "composite" : true,
- "composites" : {
- "client" : {
- "realm-management" : [ "query-realms", "manage-authorization", "manage-identity-providers", "view-identity-providers", "query-clients", "view-authorization", "view-users", "manage-users", "view-realm", "query-users", "view-clients", "create-client", "query-groups", "impersonation", "manage-clients", "manage-events", "view-events", "manage-realm" ]
- }
- },
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "57e846a2-930d-4621-819d-c35086507146",
- "name" : "manage-users",
- "description" : "${role_manage-users}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "7fad9cde-bf96-475a-9174-14a87da51f95",
- "name" : "view-realm",
- "description" : "${role_view-realm}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "bbcac294-d78a-4ea1-a4bf-0384266d2fe1",
- "name" : "query-users",
- "description" : "${role_query-users}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "480e1437-ab9e-47de-b47a-edc6b6e285de",
- "name" : "view-clients",
- "description" : "${role_view-clients}",
- "composite" : true,
- "composites" : {
- "client" : {
- "realm-management" : [ "query-clients" ]
- }
- },
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "b9a9a8f5-f91e-4e73-9e88-1cdf42bd49f9",
- "name" : "create-client",
- "description" : "${role_create-client}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "4d1397fb-247c-436f-b26f-124cd89afb08",
- "name" : "query-groups",
- "description" : "${role_query-groups}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "e31f522b-b283-4ae1-b875-52afcd98b1d2",
- "name" : "impersonation",
- "description" : "${role_impersonation}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "51822d02-fa28-4a49-89da-bc534719d8a8",
- "name" : "manage-clients",
- "description" : "${role_manage-clients}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "b2743ce5-0ce8-4157-ae00-f693560f0b39",
- "name" : "manage-events",
- "description" : "${role_manage-events}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "7ea3d7e0-9bf4-438a-b773-243daf622aaa",
- "name" : "view-events",
- "description" : "${role_view-events}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- }, {
- "id" : "fb73f6f5-0ed5-41d0-852c-0eb3b195b15a",
- "name" : "manage-realm",
- "description" : "${role_manage-realm}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "attributes" : { }
- } ],
- "security-admin-console" : [ ],
- "dbrepo-client" : [ ],
- "admin-cli" : [ ],
- "rabbitmq-client" : [ ],
- "account-console" : [ ],
- "broker" : [ {
- "id" : "de0cfd5e-c2fe-4082-ac39-e3b092139a0f",
- "name" : "read-token",
- "description" : "${role_read-token}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "88694c91-753d-4c44-9740-ec9ac06bba45",
- "attributes" : { }
- } ],
- "account" : [ {
- "id" : "acd78c04-eefc-4344-a5b4-3fc83d848936",
- "name" : "delete-account",
- "description" : "${role_delete-account}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "attributes" : { }
- }, {
- "id" : "939be844-8c49-45b3-9ca1-4b10a454b346",
- "name" : "view-profile",
- "description" : "${role_view-profile}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "attributes" : { }
- }, {
- "id" : "e52fdf00-3e73-4c17-bc1c-643493710a6b",
- "name" : "view-applications",
- "description" : "${role_view-applications}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "attributes" : { }
- }, {
- "id" : "b02a822e-a708-420a-bddc-1a315033fd7c",
- "name" : "view-consent",
- "description" : "${role_view-consent}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "attributes" : { }
- }, {
- "id" : "c590e5f5-2cbf-4151-b1dc-96c454f1f654",
- "name" : "view-groups",
- "description" : "${role_view-groups}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "attributes" : { }
- }, {
- "id" : "15974151-6c13-426b-8cc3-7683dd1311e1",
- "name" : "manage-account-links",
- "description" : "${role_manage-account-links}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "attributes" : { }
- }, {
- "id" : "c12d8d94-c2df-498e-bbe4-2f934a83ae92",
- "name" : "manage-consent",
- "description" : "${role_manage-consent}",
- "composite" : true,
- "composites" : {
- "client" : {
- "account" : [ "view-consent" ]
- }
- },
- "clientRole" : true,
- "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "attributes" : { }
- }, {
- "id" : "55f85811-bded-4d6b-8f7b-45844b963875",
- "name" : "manage-account",
- "description" : "${role_manage-account}",
- "composite" : true,
- "composites" : {
- "client" : {
- "account" : [ "manage-account-links" ]
- }
- },
- "clientRole" : true,
- "containerId" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "attributes" : { }
- } ]
- }
- },
- "groups" : [ {
- "id" : "f2ce17fe-7b15-47a4-bbf8-86f415298fa9",
- "name" : "data-stewards",
- "path" : "/data-stewards",
- "subGroups" : [ ],
- "attributes" : { },
- "realmRoles" : [ "default-data-steward-roles" ],
- "clientRoles" : { }
- }, {
- "id" : "124d9888-0b6e-46aa-8225-077dcedaf16e",
- "name" : "developers",
- "path" : "/developers",
- "subGroups" : [ ],
- "attributes" : { },
- "realmRoles" : [ "default-developer-roles" ],
- "clientRoles" : { }
- }, {
- "id" : "f467c38e-9041-4faa-ae0b-39cec65ff4db",
- "name" : "researchers",
- "path" : "/researchers",
- "subGroups" : [ ],
- "attributes" : { },
- "realmRoles" : [ "default-researcher-roles" ],
- "clientRoles" : { }
- }, {
- "id" : "2b9f94b4-d434-4a98-8eab-25678cfee983",
- "name" : "system",
- "path" : "/system",
- "subGroups" : [ ],
- "attributes" : { },
- "realmRoles" : [ "default-system-roles" ],
- "clientRoles" : { }
- } ],
- "defaultRole" : {
- "id" : "abd2d9ee-ebc4-4d0a-839e-6b588a6d442a",
- "name" : "default-roles-dbrepo",
- "description" : "${role_default-roles}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0"
- },
- "defaultGroups" : [ "/researchers" ],
- "requiredCredentials" : [ "password" ],
- "otpPolicyType" : "totp",
- "otpPolicyAlgorithm" : "HmacSHA1",
- "otpPolicyInitialCounter" : 0,
- "otpPolicyDigits" : 6,
- "otpPolicyLookAheadWindow" : 1,
- "otpPolicyPeriod" : 30,
- "otpPolicyCodeReusable" : false,
- "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ],
- "localizationTexts" : { },
- "webAuthnPolicyRpEntityName" : "keycloak",
- "webAuthnPolicySignatureAlgorithms" : [ "ES256" ],
- "webAuthnPolicyRpId" : "",
- "webAuthnPolicyAttestationConveyancePreference" : "not specified",
- "webAuthnPolicyAuthenticatorAttachment" : "not specified",
- "webAuthnPolicyRequireResidentKey" : "not specified",
- "webAuthnPolicyUserVerificationRequirement" : "not specified",
- "webAuthnPolicyCreateTimeout" : 0,
- "webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
- "webAuthnPolicyAcceptableAaguids" : [ ],
- "webAuthnPolicyExtraOrigins" : [ ],
- "webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
- "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ],
- "webAuthnPolicyPasswordlessRpId" : "",
- "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
- "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
- "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
- "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
- "webAuthnPolicyPasswordlessCreateTimeout" : 0,
- "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
- "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
- "webAuthnPolicyPasswordlessExtraOrigins" : [ ],
- "scopeMappings" : [ {
- "clientScope" : "rabbitmq.tag:administrator",
- "roles" : [ "escalated-broker-handling" ]
- }, {
- "clientScope" : "rabbitmq.tag:management",
- "roles" : [ "default-broker-handling" ]
- } ],
- "clientScopeMappings" : {
- "account" : [ {
- "client" : "account-console",
- "roles" : [ "manage-account", "view-groups" ]
- } ]
- },
- "clients" : [ {
- "id" : "e767a4a6-79e9-4e08-82b7-1076e1a09142",
- "clientId" : "account",
- "name" : "${client_account}",
- "rootUrl" : "${authBaseUrl}",
- "baseUrl" : "/realms/dbrepo/account/",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ "/realms/dbrepo/account/*" ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : true,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "d3c4a04e-39ce-4549-a34a-11e25774cd96",
- "clientId" : "account-console",
- "name" : "${client_account-console}",
- "rootUrl" : "${authBaseUrl}",
- "baseUrl" : "/realms/dbrepo/account/",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ "/realms/dbrepo/account/*" ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : true,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "post.logout.redirect.uris" : "+",
- "pkce.code.challenge.method" : "S256"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "protocolMappers" : [ {
- "id" : "22d90d9c-9881-474c-8dfd-a62c808a9f1c",
- "name" : "audience resolve",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-audience-resolve-mapper",
- "consentRequired" : false,
- "config" : { }
- } ],
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "81ef0f59-a5ca-4be4-a1d1-0c32edf1cfd6",
- "clientId" : "admin-cli",
- "name" : "${client_admin-cli}",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : false,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : true,
- "serviceAccountsEnabled" : false,
- "publicClient" : true,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "client.use.lightweight.access.token.enabled" : "true",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : true,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "88694c91-753d-4c44-9740-ec9ac06bba45",
- "clientId" : "broker",
- "name" : "${client_broker}",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : true,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : false,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "true",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
- "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "6b7ef364-4132-4831-b4e2-b6e9e9dc63ee",
- "clientId" : "dbrepo-client",
- "name" : "${dbrepo-client}",
- "description" : "",
- "rootUrl" : "",
- "adminUrl" : "",
- "baseUrl" : "",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : true,
- "clientAuthenticatorType" : "client-secret",
- "secret" : "MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG",
- "redirectUris" : [ "*" ],
- "webOrigins" : [ "*" ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : true,
- "serviceAccountsEnabled" : false,
- "publicClient" : false,
- "frontchannelLogout" : true,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "oidc.ciba.grant.enabled" : "false",
- "client.secret.creation.time" : "1680085365",
- "backchannel.logout.session.required" : "true",
- "post.logout.redirect.uris" : "*",
- "oauth2.device.authorization.grant.enabled" : "false",
- "backchannel.logout.revoke.offline.tokens" : "false"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : true,
- "nodeReRegistrationTimeout" : -1,
- "protocolMappers" : [ {
- "id" : "266edf62-a19a-483b-b594-81428e4af792",
- "name" : "orcid",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "ORCID",
- "id.token.claim" : "true",
- "lightweight.claim" : "false",
- "access.token.claim" : "true",
- "claim.name" : "orcid",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "1a21798a-38b6-4df5-89f0-86942415246f",
- "name" : "theme",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "THEME",
- "id.token.claim" : "true",
- "lightweight.claim" : "false",
- "access.token.claim" : "true",
- "claim.name" : "theme",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "da0b27c1-ae2e-4baa-bf78-db233e15c78d",
- "name" : "preferred_username",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "username",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "preferred_username",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "1bc6a1f4-4be2-439c-8c7f-b3fb0bb9956a",
- "name" : "affiliation",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "AFFILIATION",
- "id.token.claim" : "true",
- "lightweight.claim" : "false",
- "access.token.claim" : "true",
- "claim.name" : "affiliation",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "7cbf6dc6-653e-40a9-9974-0e5bf7a363c3",
- "name" : "given name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "firstName",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "given_name",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "70bbd779-d085-4204-ac4b-3a40abab9d88",
- "name" : "language",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "LANGUAGE",
- "id.token.claim" : "true",
- "lightweight.claim" : "false",
- "access.token.claim" : "true",
- "claim.name" : "language",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "b817424d-7f91-43d8-b7d0-6a32582377fb",
- "name" : "family name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "lastName",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "family_name",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "030a1cd9-53d1-4a62-a375-94d50a2dc6fc",
- "name" : "uid",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "aggregate.attrs" : "false",
- "multivalued" : "false",
- "userinfo.token.claim" : "true",
- "user.attribute" : "LDAP_ID",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "uid"
- }
- }, {
- "id" : "c304ed2f-5952-4772-838d-91998a45f154",
- "name" : "aud",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-hardcoded-claim-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "claim.value" : "account",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "lightweight.claim" : "false",
- "access.token.claim" : "true",
- "claim.name" : "aud",
- "jsonType.label" : "String",
- "access.tokenResponse.claim" : "false"
- }
- } ],
- "defaultClientScopes" : [ "roles", "basic" ],
- "optionalClientScopes" : [ "rabbitmq.read:*/*", "web-origins", "acr", "rabbitmq.write:*/*", "address", "phone", "offline_access", "profile", "attributes", "microprofile-jwt", "email", "rabbitmq.configure:*/*" ]
- }, {
- "id" : "25741f6b-4867-4138-8238-6345c6ba8702",
- "clientId" : "rabbitmq-client",
- "name" : "${rabbitmq-client}",
- "description" : "",
- "rootUrl" : "",
- "adminUrl" : "",
- "baseUrl" : "",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "secret" : "JEC2FexxrX4N65fLeDGukAl6R3Lc9y0u",
- "redirectUris" : [ "*" ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : true,
- "serviceAccountsEnabled" : false,
- "publicClient" : false,
- "frontchannelLogout" : true,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "oidc.ciba.grant.enabled" : "false",
- "client.secret.creation.time" : "1680000860",
- "backchannel.logout.session.required" : "true",
- "post.logout.redirect.uris" : "*",
- "oauth2.device.authorization.grant.enabled" : "false",
- "backchannel.logout.revoke.offline.tokens" : "false"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : -1,
- "protocolMappers" : [ {
- "id" : "01a937ed-f0e8-4137-80f3-3be3c447f7fb",
- "name" : "username",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "username",
- "id.token.claim" : "false",
- "access.token.claim" : "true",
- "claim.name" : "client_id",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "false"
- }
- }, {
- "id" : "f1afc22d-f595-403b-ba2e-6ab19d98205e",
- "name" : "Audience",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-hardcoded-claim-mapper",
- "consentRequired" : false,
- "config" : {
- "id.token.claim" : "false",
- "access.token.claim" : "true",
- "claim.name" : "aud",
- "claim.value" : "rabbitmq",
- "userinfo.token.claim" : "false",
- "access.tokenResponse.claim" : "false"
- }
- } ],
- "defaultClientScopes" : [ "web-origins", "acr", "rabbitmq.tag:management", "basic" ],
- "optionalClientScopes" : [ "rabbitmq.read:*/*", "rabbitmq.write:*/*", "address", "phone", "offline_access", "profile", "roles", "microprofile-jwt", "email", "rabbitmq.configure:*/*" ]
- }, {
- "id" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
- "clientId" : "realm-management",
- "name" : "${client_realm-management}",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : true,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : false,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "true",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
- "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "f205c451-9524-4380-acc3-947f7ecb6b7c",
- "clientId" : "security-admin-console",
- "name" : "${client_security-admin-console}",
- "rootUrl" : "${authAdminUrl}",
- "baseUrl" : "/admin/dbrepo/console/",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ "/admin/dbrepo/console/*" ],
- "webOrigins" : [ "+" ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : true,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "client.use.lightweight.access.token.enabled" : "true",
- "post.logout.redirect.uris" : "+",
- "pkce.code.challenge.method" : "S256"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : true,
- "nodeReRegistrationTimeout" : 0,
- "protocolMappers" : [ {
- "id" : "c4d54410-3f22-4259-9571-94da2c43b752",
- "name" : "locale",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "locale",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "locale",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- } ],
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
- } ],
- "clientScopes" : [ {
- "id" : "69f4ecf0-4165-49ab-bf0d-38409b15b706",
- "name" : "rabbitmq.tag:administrator",
- "description" : "administrator",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "gui.order" : "",
- "consent.screen.text" : ""
- }
- }, {
- "id" : "7f6e9b44-e2eb-417d-b0fe-db820c9a6564",
- "name" : "email",
- "description" : "OpenID Connect built-in scope: email",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${emailScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "782819fe-ba5d-4ddb-9f95-cabb69d79c8d",
- "name" : "email verified",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "emailVerified",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "email_verified",
- "jsonType.label" : "boolean",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "ca613fc8-bbf2-4240-8b33-a1874f1559f3",
- "name" : "email",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "email",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "email",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- } ]
- }, {
- "id" : "b9da268f-6745-49dc-a764-3c54e385accc",
- "name" : "profile",
- "description" : "OpenID Connect built-in scope: profile",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${profileScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "84f0487a-1d7d-470c-9b8e-5835294ae235",
- "name" : "username",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "username",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "preferred_username",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "bbdcdb36-3ec0-443d-b1af-9993d40f0567",
- "name" : "gender",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "gender",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "gender",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "9faa870b-5491-4ce9-b27d-c9ce07d6a95e",
- "name" : "birthdate",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "birthdate",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "birthdate",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "f0e3c012-9523-4076-83ae-e466e2d08220",
- "name" : "full name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-full-name-mapper",
- "consentRequired" : false,
- "config" : {
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "f757d8ec-e181-429c-9287-9ad0600b061f",
- "name" : "profile",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "profile",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "profile",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "18cfbf4b-0a8e-45c7-a832-c0f72c92f3f3",
- "name" : "updated at",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "updatedAt",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "updated_at",
- "jsonType.label" : "long",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "841ea785-26ab-429a-a420-09ce3948924d",
- "name" : "family name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "lastName",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "family_name",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "bfba13ff-f952-4e89-bbb1-a693fdebfae8",
- "name" : "website",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "website",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "website",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "475f071d-5149-4379-b928-76482f5f519c",
- "name" : "zoneinfo",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "zoneinfo",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "zoneinfo",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "b8bebfed-b5e9-4604-a0ee-9817f7d439ac",
- "name" : "middle name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "middleName",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "middle_name",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "445232c8-6830-476c-a6f1-8bbef167595a",
- "name" : "picture",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "picture",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "picture",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "65f2e474-6ede-4872-86e4-e49504dd0f2a",
- "name" : "locale",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "locale",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "locale",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "16cd5a27-ccf3-453c-ae1e-8621813ab73c",
- "name" : "given name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "firstName",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "given_name",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "f9efedfc-3388-457c-b10a-1dff4525ff9b",
- "name" : "nickname",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "nickname",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "nickname",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- } ]
- }, {
- "id" : "627fa054-08eb-4206-af71-9e838e984b8b",
- "name" : "microprofile-jwt",
- "description" : "Microprofile - JWT built-in scope",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "e6cc53e5-5d7e-468e-88c8-0737dd3dc759",
- "name" : "groups",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-realm-role-mapper",
- "consentRequired" : false,
- "config" : {
- "multivalued" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "foo",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "groups",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "83b4444c-10fc-44e8-a0c0-0c1da1f9bba3",
- "name" : "upn",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "username",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "upn",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- } ]
- }, {
- "id" : "4122ff9e-ad3c-4142-afc6-9aefdecfc86d",
- "name" : "role_list",
- "description" : "SAML role list",
- "protocol" : "saml",
- "attributes" : {
- "consent.screen.text" : "${samlRoleListScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "bb0747fa-c008-4af3-93be-e7739650ebd5",
- "name" : "role list",
- "protocol" : "saml",
- "protocolMapper" : "saml-role-list-mapper",
- "consentRequired" : false,
- "config" : {
- "single" : "false",
- "attribute.nameformat" : "Basic",
- "attribute.name" : "Role"
- }
- } ]
- }, {
- "id" : "2e76447d-fbe7-4fa7-a16c-54a381b960ae",
- "name" : "rabbitmq.configure:*/*",
- "description" : "",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "false",
- "gui.order" : "",
- "consent.screen.text" : ""
- }
- }, {
- "id" : "52aad832-c6c4-49df-8a04-6ad4a406fdfa",
- "name" : "phone",
- "description" : "OpenID Connect built-in scope: phone",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${phoneScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "dae802fb-9138-408a-b80e-a40eb0f56814",
- "name" : "phone number",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "phoneNumber",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "phone_number",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "feb06a8d-b0eb-4911-8464-368d93f566fa",
- "name" : "phone number verified",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "phoneNumberVerified",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "phone_number_verified",
- "jsonType.label" : "boolean",
- "userinfo.token.claim" : "true"
- }
- } ]
- }, {
- "id" : "f64d64e8-57ce-4eb2-b99e-9f02fdbd99f9",
- "name" : "web-origins",
- "description" : "OpenID Connect scope for add allowed web origins to the access token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "consent.screen.text" : "",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "c6411e3b-6478-453d-b530-5fe175a4d786",
- "name" : "allowed web origins",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-allowed-origins-mapper",
- "consentRequired" : false,
- "config" : { }
- } ]
- }, {
- "id" : "55341d34-0086-4173-ae61-d9b175b179d8",
- "name" : "acr",
- "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "58ea3217-0fff-4207-9d08-919f5493b629",
- "name" : "acr loa level",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-acr-mapper",
- "consentRequired" : false,
- "config" : {
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "userinfo.token.claim" : "true"
- }
- } ]
- }, {
- "id" : "a02c2c38-923c-46ec-9899-321412b388e5",
- "name" : "attributes",
- "description" : "User Attributes",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false",
- "gui.order" : "",
- "consent.screen.text" : ""
- },
- "protocolMappers" : [ {
- "id" : "78c461c1-f3f9-4d10-8835-097f13bdcd60",
- "name" : "Theme",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "aggregate.attrs" : "false",
- "multivalued" : "false",
- "userinfo.token.claim" : "true",
- "user.attribute" : "theme_dark",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "attributes.theme_dark"
- }
- } ]
- }, {
- "id" : "06062e22-89c0-4e1d-a25b-2483903b02d5",
- "name" : "rabbitmq.write:*/*",
- "description" : "",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "false",
- "gui.order" : "",
- "consent.screen.text" : ""
- }
- }, {
- "id" : "db63e03b-7918-492f-997b-f2dda98f3b39",
- "name" : "rabbitmq.tag:management",
- "description" : "management",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "true",
- "gui.order" : "",
- "consent.screen.text" : ""
- }
- }, {
- "id" : "aa5c6ca7-812d-4fff-80b9-f5095ca82ce6",
- "name" : "service_account",
- "description" : "Specific scope for a client enabled for service accounts",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "bb359b0f-97dc-4d6a-9a2f-89458b53c512",
- "name" : "Client IP Address",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "clientAddress",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "clientAddress",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "7aa3a4d2-3dd1-48dd-8886-562906eadb2a",
- "name" : "Client Host",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "clientHost",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "clientHost",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "c4882d39-e815-49f5-8a73-eb8b83572eae",
- "name" : "Client ID",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "client_id",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "client_id",
- "jsonType.label" : "String"
- }
- } ]
- }, {
- "id" : "210cc792-6c07-45a6-a77e-827cdf3b41ba",
- "name" : "offline_access",
- "description" : "OpenID Connect built-in scope: offline_access",
- "protocol" : "openid-connect",
- "attributes" : {
- "consent.screen.text" : "${offlineAccessScopeConsentText}",
- "display.on.consent.screen" : "true"
- }
- }, {
- "id" : "425abf4a-2ee2-431d-aa92-e373a36fe556",
- "name" : "address",
- "description" : "OpenID Connect built-in scope: address",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${addressScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "8d4ffe4d-1d01-4ca1-8ff4-44eacca61b30",
- "name" : "address",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-address-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute.formatted" : "formatted",
- "user.attribute.country" : "country",
- "user.attribute.postal_code" : "postal_code",
- "userinfo.token.claim" : "true",
- "user.attribute.street" : "street",
- "id.token.claim" : "true",
- "user.attribute.region" : "region",
- "access.token.claim" : "true",
- "user.attribute.locality" : "locality"
- }
- } ]
- }, {
- "id" : "c96f0b73-ea79-4b46-93ef-d1092297f855",
- "name" : "rabbitmq.read:*/*",
- "description" : "",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "false",
- "gui.order" : "",
- "consent.screen.text" : ""
- }
- }, {
- "id" : "ba11267a-478b-4b32-872f-4eb2d125d116",
- "name" : "basic",
- "description" : "OpenID Connect scope for add all basic claims to the token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "1445e14f-49b0-4666-8ddc-691493c24ad9",
- "name" : "sub",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-sub-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "access.token.claim" : "true"
- }
- }, {
- "id" : "846f1ef0-2b86-4e07-9d25-691d25af5fce",
- "name" : "auth_time",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "AUTH_TIME",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "auth_time",
- "jsonType.label" : "long"
- }
- } ]
- }, {
- "id" : "37f61543-dad7-4a82-8e10-77acdd1eefdc",
- "name" : "roles",
- "description" : "OpenID Connect scope for add user roles to the access token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "consent.screen.text" : "${rolesScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "3b6b6914-8ad1-4a71-88ec-444f754aaacb",
- "name" : "audience resolve",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-audience-resolve-mapper",
- "consentRequired" : false,
- "config" : { }
- }, {
- "id" : "2defedf5-9af3-4531-822c-a879dedcd29d",
- "name" : "realm roles",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-realm-role-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "false",
- "multivalued" : "true",
- "user.attribute" : "foo",
- "id.token.claim" : "true",
- "lightweight.claim" : "false",
- "access.token.claim" : "true",
- "claim.name" : "realm_access.roles",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "a7bd6723-e58e-47f7-95c0-2925ce99283d",
- "name" : "client roles",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-client-role-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "foo",
- "access.token.claim" : "true",
- "claim.name" : "resource_access.${client_id}.roles",
- "jsonType.label" : "String",
- "multivalued" : "true"
- }
- } ]
- } ],
- "defaultDefaultClientScopes" : [ "rabbitmq.tag:administrator", "rabbitmq.tag:management", "basic" ],
- "defaultOptionalClientScopes" : [ "rabbitmq.write:*/*", "offline_access", "rabbitmq.configure:*/*", "roles", "role_list", "address", "phone", "acr", "microprofile-jwt", "email", "attributes", "profile", "rabbitmq.read:*/*", "web-origins" ],
- "browserSecurityHeaders" : {
- "contentSecurityPolicyReportOnly" : "",
- "xContentTypeOptions" : "nosniff",
- "referrerPolicy" : "no-referrer",
- "xRobotsTag" : "none",
- "xFrameOptions" : "SAMEORIGIN",
- "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
- "xXSSProtection" : "1; mode=block",
- "strictTransportSecurity" : "max-age=31536000; includeSubDomains"
- },
- "smtpServer" : { },
- "loginTheme" : "keycloak.v2",
- "accountTheme" : "",
- "adminTheme" : "",
- "emailTheme" : "",
- "eventsEnabled" : false,
- "eventsListeners" : [ "create-event-listener", "jboss-logging" ],
- "enabledEventTypes" : [ "SEND_RESET_PASSWORD", "UPDATE_CONSENT_ERROR", "GRANT_CONSENT", "VERIFY_PROFILE_ERROR", "REMOVE_TOTP", "REVOKE_GRANT", "UPDATE_TOTP", "LOGIN_ERROR", "CLIENT_LOGIN", "RESET_PASSWORD_ERROR", "IMPERSONATE_ERROR", "CODE_TO_TOKEN_ERROR", "CUSTOM_REQUIRED_ACTION", "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", "RESTART_AUTHENTICATION", "IMPERSONATE", "UPDATE_PROFILE_ERROR", "LOGIN", "OAUTH2_DEVICE_VERIFY_USER_CODE", "UPDATE_PASSWORD_ERROR", "CLIENT_INITIATED_ACCOUNT_LINKING", "TOKEN_EXCHANGE", "AUTHREQID_TO_TOKEN", "LOGOUT", "REGISTER", "DELETE_ACCOUNT_ERROR", "CLIENT_REGISTER", "IDENTITY_PROVIDER_LINK_ACCOUNT", "DELETE_ACCOUNT", "UPDATE_PASSWORD", "CLIENT_DELETE", "FEDERATED_IDENTITY_LINK_ERROR", "IDENTITY_PROVIDER_FIRST_LOGIN", "CLIENT_DELETE_ERROR", "VERIFY_EMAIL", "CLIENT_LOGIN_ERROR", "RESTART_AUTHENTICATION_ERROR", "EXECUTE_ACTIONS", "REMOVE_FEDERATED_IDENTITY_ERROR", "TOKEN_EXCHANGE_ERROR", "PERMISSION_TOKEN", "SEND_IDENTITY_PROVIDER_LINK_ERROR", "EXECUTE_ACTION_TOKEN_ERROR", "SEND_VERIFY_EMAIL", "OAUTH2_DEVICE_AUTH", "EXECUTE_ACTIONS_ERROR", "REMOVE_FEDERATED_IDENTITY", "OAUTH2_DEVICE_CODE_TO_TOKEN", "IDENTITY_PROVIDER_POST_LOGIN", "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", "UPDATE_EMAIL", "REGISTER_ERROR", "REVOKE_GRANT_ERROR", "EXECUTE_ACTION_TOKEN", "LOGOUT_ERROR", "UPDATE_EMAIL_ERROR", "CLIENT_UPDATE_ERROR", "AUTHREQID_TO_TOKEN_ERROR", "UPDATE_PROFILE", "CLIENT_REGISTER_ERROR", "FEDERATED_IDENTITY_LINK", "SEND_IDENTITY_PROVIDER_LINK", "SEND_VERIFY_EMAIL_ERROR", "RESET_PASSWORD", "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", "OAUTH2_DEVICE_AUTH_ERROR", "UPDATE_CONSENT", "REMOVE_TOTP_ERROR", "VERIFY_EMAIL_ERROR", "SEND_RESET_PASSWORD_ERROR", "CLIENT_UPDATE", "CUSTOM_REQUIRED_ACTION_ERROR", "IDENTITY_PROVIDER_POST_LOGIN_ERROR", "UPDATE_TOTP_ERROR", "CODE_TO_TOKEN", "VERIFY_PROFILE", "GRANT_CONSENT_ERROR", "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" ],
- "adminEventsEnabled" : false,
- "adminEventsDetailsEnabled" : false,
- "identityProviders" : [ ],
- "identityProviderMappers" : [ ],
- "components" : {
- "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
- "id" : "4d3f9f14-f5d2-4b0c-8ea7-e6d078aa2191",
- "name" : "Max Clients Limit",
- "providerId" : "max-clients",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "max-clients" : [ "200" ]
- }
- }, {
- "id" : "f35bce67-1e75-408b-b065-52183368d4fd",
- "name" : "Allowed Client Scopes",
- "providerId" : "allowed-client-templates",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "allow-default-scopes" : [ "true" ]
- }
- }, {
- "id" : "0efa669d-1017-4b4a-82e1-c2eaf72de2c9",
- "name" : "Allowed Client Scopes",
- "providerId" : "allowed-client-templates",
- "subType" : "authenticated",
- "subComponents" : { },
- "config" : {
- "allow-default-scopes" : [ "true" ]
- }
- }, {
- "id" : "528fb423-d66e-472e-9120-1f03ba9e0f18",
- "name" : "Consent Required",
- "providerId" : "consent-required",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : { }
- }, {
- "id" : "3ab11d74-5e76-408a-b85a-26bf8950f979",
- "name" : "Allowed Protocol Mapper Types",
- "providerId" : "allowed-protocol-mappers",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "saml-role-list-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper" ]
- }
- }, {
- "id" : "1849e52a-b8c9-44a8-af3d-ee19376a1ed1",
- "name" : "Trusted Hosts",
- "providerId" : "trusted-hosts",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "host-sending-registration-request-must-match" : [ "true" ],
- "client-uris-must-match" : [ "true" ]
- }
- }, {
- "id" : "f565cb47-3bcf-4078-8f94-eb4179c375b8",
- "name" : "Full Scope Disabled",
- "providerId" : "scope",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : { }
- }, {
- "id" : "104ec5a9-025b-4c44-8ac0-82d22887ca3e",
- "name" : "Allowed Protocol Mapper Types",
- "providerId" : "allowed-protocol-mappers",
- "subType" : "authenticated",
- "subComponents" : { },
- "config" : {
- "allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "oidc-address-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-sha256-pairwise-sub-mapper" ]
- }
- } ],
- "org.keycloak.userprofile.UserProfileProvider" : [ {
- "id" : "a407a1d6-a7f6-4a72-ba3a-149de03d5a43",
- "providerId" : "declarative-user-profile",
- "subComponents" : { },
- "config" : {
- "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}],\"unmanagedAttributePolicy\":\"ENABLED\"}" ]
- }
- } ],
- "org.keycloak.storage.UserStorageProvider" : [ {
- "id" : "c109d473-5ce1-4032-af7b-02e5442f5c07",
- "name" : "Identity Service",
- "providerId" : "ldap",
- "subComponents" : {
- "org.keycloak.storage.ldap.mappers.LDAPStorageMapper" : [ {
- "id" : "db9963a3-03d1-468e-998c-9f3338fdb493",
- "name" : "creation date",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "createTimestamp" ],
- "is.mandatory.in.ldap" : [ "false" ],
- "always.read.value.from.ldap" : [ "true" ],
- "read.only" : [ "true" ],
- "user.model.attribute" : [ "createTimestamp" ]
- }
- }, {
- "id" : "9d7b9abc-321e-4674-ba36-b104b9990641",
- "name" : "last name",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "sn" ],
- "is.mandatory.in.ldap" : [ "true" ],
- "read.only" : [ "false" ],
- "always.read.value.from.ldap" : [ "true" ],
- "user.model.attribute" : [ "lastName" ]
- }
- }, {
- "id" : "b5b7253b-984e-4aa3-b862-20dbe06e4cf9",
- "name" : "first name",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "cn" ],
- "is.mandatory.in.ldap" : [ "true" ],
- "always.read.value.from.ldap" : [ "true" ],
- "read.only" : [ "false" ],
- "user.model.attribute" : [ "firstName" ]
- }
- }, {
- "id" : "ea383c2f-3bfe-4117-a8fd-f012d6ebbf9e",
- "name" : "email",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "mail" ],
- "is.mandatory.in.ldap" : [ "false" ],
- "always.read.value.from.ldap" : [ "false" ],
- "read.only" : [ "false" ],
- "user.model.attribute" : [ "email" ]
- }
- }, {
- "id" : "5692d060-55b8-4cb1-b68f-0ae123cd9d02",
- "name" : "system",
- "providerId" : "group-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "mode" : [ "LDAP_ONLY" ],
- "membership.attribute.type" : [ "DN" ],
- "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ],
- "group.name.ldap.attribute" : [ "cn" ],
- "membership.user.ldap.attribute" : [ "uid" ],
- "ignore.missing.groups" : [ "false" ],
- "preserve.group.inheritance" : [ "false" ],
- "membership.ldap.attribute" : [ "member" ],
- "memberof.ldap.attribute" : [ "memberOf" ],
- "group.object.classes" : [ "groupOfNames" ],
- "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ],
- "groups.path" : [ "/" ],
- "drop.non.existing.groups.during.sync" : [ "false" ]
- }
- }, {
- "id" : "b6ff3285-35af-4e86-8bb4-d94b8e0d70bb",
- "name" : "modify date",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "modifyTimestamp" ],
- "is.mandatory.in.ldap" : [ "false" ],
- "read.only" : [ "true" ],
- "always.read.value.from.ldap" : [ "true" ],
- "user.model.attribute" : [ "modifyTimestamp" ]
- }
- }, {
- "id" : "b5d08699-ba3a-4ffd-bf2e-36d1bcac48d9",
- "name" : "username",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "uid" ],
- "is.mandatory.in.ldap" : [ "true" ],
- "attribute.force.default" : [ "false" ],
- "is.binary.attribute" : [ "false" ],
- "always.read.value.from.ldap" : [ "false" ],
- "read.only" : [ "false" ],
- "user.model.attribute" : [ "username" ]
- }
- } ]
- },
- "config" : {
- "fullSyncPeriod" : [ "-1" ],
- "pagination" : [ "false" ],
- "startTls" : [ "false" ],
- "connectionPooling" : [ "true" ],
- "usersDn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ],
- "cachePolicy" : [ "DEFAULT" ],
- "useKerberosForPasswordAuthentication" : [ "false" ],
- "importEnabled" : [ "true" ],
- "enabled" : [ "true" ],
- "bindCredential" : [ "{{ .Values.identityservice.global.adminPassword }}" ],
- "changedSyncPeriod" : [ "-1" ],
- "usernameLDAPAttribute" : [ "uid" ],
- "bindDn" : [ "cn={{ .Values.identityservice.global.adminUser }},{{ .Values.identityservice.global.ldapDomain }}" ],
- "lastSync" : [ "1719252666" ],
- "vendor" : [ "other" ],
- "uuidLDAPAttribute" : [ "entryUUID" ],
- "allowKerberosAuthentication" : [ "false" ],
- "connectionUrl" : [ "ldap://identity-service:389" ],
- "syncRegistrations" : [ "true" ],
- "authType" : [ "simple" ],
- "useTruststoreSpi" : [ "always" ],
- "usePasswordModifyExtendedOp" : [ "false" ],
- "trustEmail" : [ "false" ],
- "userObjectClasses" : [ "inetOrgPerson, organizationalPerson, person" ],
- "rdnLDAPAttribute" : [ "uid" ],
- "editMode" : [ "WRITABLE" ],
- "validatePasswordPolicy" : [ "false" ]
- }
- } ],
- "org.keycloak.keys.KeyProvider" : [ {
- "id" : "2f53ccf3-37b0-4d34-83e7-ed497499ee51",
- "name" : "rsa-enc-generated",
- "providerId" : "rsa-enc-generated",
- "subComponents" : { },
- "config" : {
- "privateKey" : [ "MIIEowIBAAKCAQEA3b1tNLfcjFLUw9UShVDNf+ZD8sQqb4YBaIXcSJTX/zDQUPiCp176BBGI3s4VplDArnOW+LumozmKogeoHEnGEIDW8ovgK5uMU9tSA2p0qqGBUMOdR8YATTIfCJe7qGiiuGa3WZy3sQLM70SuRzx02YU8gvUcvl2Js4KyqAziOUX/w3Wa59H9jjGNUXYyqaPWJp73eHzbVYWySzyLG22mVlcUtBx5siL5T2/Xu0p9z4l7/bapwwmOVi1ZrcHjbEAwdGEiSMGI/uWqAF+r1BRpmJLR7HNXcL3eK4/56VYLaiwSejfyYeRFMITEn/UxGYhcXZ5xMUUCG0TxjBhLYpTBuwIDAQABAoIBAA4dwebcxkrH99Poa8+WkiE7JgaS9sahx9OBI2xwJANoIU2TpzGuNLQZ76uLgB+rPWZTD9Xm5a1iJjwOyQ9/937TzPCk91D0tpgcusRikb8jx/6TGB9acL4kBjYUVCCHr3BA2G75MKKGtJ2OMvAbCQSosZj+r2VDwYFEPUkV2jheE5JHSBkwyIRrus3JCwu8gu5fyCg9z8ljcxJxI5HIsi4v8Z21aCw/cLj7h5cMt44wCjQz4rOfYNBEFeHDtlfR1QtWKgjm4ZHHJbKrzf9b2kQXclziceEbSM0tYbROEXKi+s0Zc+z3HEG89vv0vfN400clmzzIAijKY6gg3pPRWdECgYEA+lnWYbSlXDMNYx6RBXm1RnlMUYIm4oy4/9ljgnoGJ6WCn3SjFkgaDtiKfGIG1BSB85r04pAPANgcWHf5tWDnq0ARvBVG0BX2bKd++7B3D4d3CRYKCwm88SslJXv9dfHVhq4+zViFPiUWwT20A72jCuUCvL88y5fh/YBecfdh+jECgYEA4r5RD0NB9dMaeg5/jk/GEHIo4Z9KLc6FrSoOFo2xFkPOy1sgDpDOiNtypuWvniO7k7Ose3DS3hlfTMsKzIW/CgQJ20+Y4cvBWDaOsRxfjj7w3d+jH5OSJdKKSzTrgLKc9ZhlRzVXy0J0hipIA6HG5kdVdLXmh85ITmf1CbJhE6sCgYBjPVeBNbXTHZ2x6/z62aslO5IoQVqetb/kE82hfDOSZcao5Ph9Lam+ttH2ynkAevykj4mBgi+gWwqpey2uW7KaLPSaxShj9kDQA3mP1fzsV/u0y1rB02Nlin/YIxVvOqU1FT9p8SwoXVVu1sHUNck62VtDbN9xqUx5S/ikXrclEQKBgQCoTssOwEcK+Vty9KYcdfy4onTUHZBLdjxl8Iyqkxy7QTQUYRznkvesQPDXEDGO+kk3dyx2KKZt9Hl4IFNww2quPZcvcuMx4DQxjbXXpA8OIIxcta95NepLJwA+mRai3nKCH1A2TlNP7pFeMa5o+8IPly3Ix2lKr4Wepa4PN5i1pwKBgCZ1QP6XAOERl9NznNmU0rXVcvYNP4PIIfQWfvGsldZ4QKkmjjAGiS0/oYqdWs+UDRZyCRChaVjDXO9fk0PEG5OGKAj9nyiYCT/M8xtJ3UeP5ffZZvJ/vnye3QdDIo1e38ZzsWwJHmLYw7fRqY9W5Vxo0Vsy22U3CJY70KTxVdTy" ],
- "keyUse" : [ "ENC" ],
- "certificate" : [ "MIICmzCCAYMCBgGG3GWycDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZkYnJlcG8wHhcNMjMwMzEzMTkxMzE3WhcNMzMwMzEzMTkxNDU3WjARMQ8wDQYDVQQDDAZkYnJlcG8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdvW00t9yMUtTD1RKFUM1/5kPyxCpvhgFohdxIlNf/MNBQ+IKnXvoEEYjezhWmUMCuc5b4u6ajOYqiB6gcScYQgNbyi+Arm4xT21IDanSqoYFQw51HxgBNMh8Il7uoaKK4ZrdZnLexAszvRK5HPHTZhTyC9Ry+XYmzgrKoDOI5Rf/DdZrn0f2OMY1RdjKpo9Ymnvd4fNtVhbJLPIsbbaZWVxS0HHmyIvlPb9e7Sn3PiXv9tqnDCY5WLVmtweNsQDB0YSJIwYj+5aoAX6vUFGmYktHsc1dwvd4rj/npVgtqLBJ6N/Jh5EUwhMSf9TEZiFxdnnExRQIbRPGMGEtilMG7AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAK3kQ1VkQrzvSWvmXmazmNoA1ZiPzRDs1XhGUWxgsxzgPylr3dGBuqQbKvgnLUBQLSqlJHpI4fZflHswu1qrvVZYtekPcGef4WhcKAu2i1RwxrKa6RJQ1tRbrLuVYCzPv5p/DWgltWVn88aoLnqQn0SK/0PB/o4a4Cm7Kq2ZzCr1dACBr06LvOHsc7249OySmbG4HH+pLK6jVURhZ9VaObqAHe2FJBVVoIzURbdiRRURqumrIvbnpeaU1aFyg6ED5wTnXvmMPmVPt9F79mcB33bASO5wyu00X8t1hyN2Show2l2vxLACGUzVkTQt15s7uDLKE7qLmKSR3EuSGXWv3wA=" ],
- "priority" : [ "100" ],
- "algorithm" : [ "RSA-OAEP" ]
- }
- }, {
- "id" : "28ca0b6d-b2e2-4785-b04b-2391e6344e30",
- "name" : "aes-generated",
- "providerId" : "aes-generated",
- "subComponents" : { },
- "config" : {
- "kid" : [ "6dc4834f-a1de-4cfe-a29d-e84ac8e9b1a8" ],
- "secret" : [ "HpuzG_jWYKwypLeoPEMC4A" ],
- "priority" : [ "100" ]
- }
- }, {
- "id" : "bd7945cf-6d35-4e03-9c3a-197f2dc76973",
- "name" : "hmac-generated",
- "providerId" : "hmac-generated",
- "subComponents" : { },
- "config" : {
- "kid" : [ "7f9f9054-5697-4f60-bdc8-67e3bd0f4db6" ],
- "secret" : [ "1SCIY20z3AbAHCL28LuJfBU-7zfsZv5dacgliUeGdRW_WK3vH9fJUpPu1f7iDrdlhF7YQmHxLXsWjxhQId4ShI7QBdgKCArHWqi0GeH37oNXfZFg_uv-K_3JSfxfGBRu5jpRQhhSBxESZWsFVkskhxWUvNe6b5l9dFbMIif72rI" ],
- "priority" : [ "100" ],
- "algorithm" : [ "HS256" ]
- }
- }, {
- "id" : "2293ff99-3c6d-46d1-8635-5e679d5b134a",
- "name" : "rsa-generated",
- "providerId" : "rsa-generated",
- "subComponents" : { },
- "config" : {
- "privateKey" : [ "MIIEpAIBAAKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQABAoIBADNcMt6hAHub4JTAYS6Mra0EPRBO2XhWmACBrv3+8ETClXd5475KPLDewgRVtlmtbwU8G8awUXESQgPS9lfiqvQhPreA3cHlm6oP2WMKOEtakr2s8I+frsTBLCo0Ini9RaSzjoVVgS0zofyhASKi+T970MafSj5P3XNb8YBFdXgoYDiA7FXLH6a/+m7LScL+wGcFMAAeYESxZbMQLfH3v8L+4EcTraiwjLG17ZdlF3dpybMyUSse6ZQ/PdlyvBuzzLXhN6Ce2gd9ATfS+YWTzo7Yf+GU+ex5bIpVOfHqtuM/hyq7YGKENClsXwNZIAoFnvGCbvECAfgyapVrD30IfykCgYEA0rgsSZ82pxT40NxwgBD1g9lbNVBKXphRB/3S078qusUzJjT7AldEj4imGPhAbI7bI8gAeWJsp1XJWkjM8ktaVrh+NQl7p8e9OPh0pQF/5Bdg8ajbjXESpjnaU66pVYRQy/d+jNli/YRAHX5RUfsBl+6W4+WSVMGmKBiqJsur+ecCgYEAz1YVXClcmUnyZem5B+2E9noIzjF6ROE+jIb6rawM85P3Xd0lXtECQavtxw+Qk7I32qOwrxl1UpK2foVel3pazi+4OpMfmqtYGenRP1Zk1cZwrDo0cIemTDGjj3kJ8tYn12CGolFQpJZgK6OHzvG0tOxI5VZgjIViWNPe1PGWXtUCgYEAxXGNDe8BZs1f11S2lUlOw5yGug3hoYFXbAWJ5p7Ziuf8ZXB/QlJDC7se54a11wKEk6Jzz0lKRgE8CjzszJuOqnN0zn10QGIIC7nCklo1W6QMUmPGVWH994N976tZP6gbjQL6sT+AYcvpx7j0ubxYYeRNvnz+ACzzY964kGGHY0ECgYEAumlwPPNnMN7+VEjGNm2D7UMdJZ3wi3tkjF5ThdA5uMohTsAk+FG80KSu3RmOaGyEsUwY7+VYyYvlDm4E9PZqLBVVczyR3rMNPAcwPd0EPfvzk7WlLkOX7ct3fehaXH3VRlyfz9KCSeh1wOZ/lT1VtpD2nVOC7PSDzs92+kfXZZ0CgYAnrD1y4skgXkdwolZ3unn3EFyGm2d+X5aMTHwQPdWxqoNIAl/9wdghlzihwnPhhsxq1WzlxuC3V2IMrNPtRx70Mi+FbSmR5m4Xx5RptgMtMlwno+L40PzNJgMjHGjt0wcx3Vel8wuohDtnqMyS7P5nG1/TQx0Cyzwn7QOXlNpgbQ==" ],
- "keyUse" : [ "SIG" ],
- "certificate" : [ "MIICmzCCAYMCBgGG3GWyBTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZkYnJlcG8wHhcNMjMwMzEzMTkxMzE3WhcNMzMwMzEzMTkxNDU3WjARMQ8wDQYDVQQDDAZkYnJlcG8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqqcdDYFZZb28M0tEJzEP77FmD/Xqioyj9zWX6VwUSOMAgmMmn8eqs9hT9T0a+q4YTo9tUW1PNbUpwprA5b4Uk04DcIajxDVMUR/PjcHytmkqwVskq9AZW/Vngdoo+8tSbuIybwe/3Vwt266hbHpDcM97a+DXcYooRl7tQWCEX7RP27wQrMD9epDQ6IgKayZg9vC9/03dsIqwH9jXQRiZlFvwiEKhX2aY7lPGBaCK414JO00K/Z49iov9TRa/IYVbSt5qwgrx6DcqsBSPwOnI6A85UGfeUEZ/7coVJiL7RvBlsllapsL9eWTbQajVh94k9Ei3sibEPbtH+U2OAM78zAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAASnN1Cuif1sdfEK2kWAURSXGJCohCROLWdKFjaeHPRaEfpbFJsgxW0Yj3nwX5O3bUlOWoTyENwnXSsXMQsqnNi+At32CKaKO8+AkhAbgQL9F0B+KeJwmYv3cUj5N/LYkJjBvZBzUZ4Ugu5dcxH0k7AktLAIwimkyEnxTNolOA3UyrGGpREr8MCKWVr10RFuOpF/0CsJNNwbHXzalO9D756EUcRWZ9VSg6QVNso0YYRKTnILWDn9hcTRnqGy3SHo3anFTqQZ+BB57YbgFWy6udC0LYRB3zdp6zNti87eu/VEymiDY/mmo1AB8Tm0b6vxFz4AKcL3ax5qS6YnZ9efSzk=" ],
- "priority" : [ "100" ]
- }
- }, {
- "id" : "addbae10-c6ae-4735-851f-7a5ea035ce25",
- "name" : "hmac-generated-hs512",
- "providerId" : "hmac-generated",
- "subComponents" : { },
- "config" : {
- "kid" : [ "352d0ea1-8218-42b5-ab78-e2ca56cf6a95" ],
- "secret" : [ "_kr6EZOZ8IKqPWgJltHAAsQ34wCIGPs8oOQLYWwJrSIH7Qie3CEVKZnICyBP1goR-QgUtg25tR8Qu5MkvYkb8assJ8Iok5x_8iYCR4Txkf_mS-emrlAtQajlIjmOfNBtx704dTnZlP9rWzqpW6mrpeiOaiCw1K0XCpY5C_ZjXKw" ],
- "priority" : [ "100" ],
- "algorithm" : [ "HS512" ]
- }
- } ]
- },
- "internationalizationEnabled" : false,
- "supportedLocales" : [ ],
- "authenticationFlows" : [ {
- "id" : "259dd7b6-01b7-433a-bda4-028857151ecd",
- "alias" : "Account verification options",
- "description" : "Method with which to verity the existing account",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "idp-email-verification",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "ALTERNATIVE",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "Verify Existing Account by Re-authentication",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "542ca1d7-9627-4102-b843-98837ce433fb",
- "alias" : "Browser - Conditional OTP",
- "description" : "Flow to determine if the OTP is required for the authentication",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "conditional-user-configured",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "auth-otp-form",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "4f153b98-6851-440b-a022-0a14e67a9b2f",
- "alias" : "Direct Grant - Conditional OTP",
- "description" : "Flow to determine if the OTP is required for the authentication",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "conditional-user-configured",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "direct-grant-validate-otp",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "3d791b35-d35c-40b2-bb3e-e806d72b27ee",
- "alias" : "First broker login - Conditional OTP",
- "description" : "Flow to determine if the OTP is required for the authentication",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "conditional-user-configured",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "auth-otp-form",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "9b746104-9371-4c3f-b69f-9322cead1b08",
- "alias" : "Handle Existing Account",
- "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "idp-confirm-link",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "Account verification options",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "7a164efe-c97b-4fbb-950d-7745359ba9a4",
- "alias" : "Reset - Conditional OTP",
- "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "conditional-user-configured",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "reset-otp",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "4fdc5e1b-1b55-4662-8360-67d75fa22677",
- "alias" : "User creation or linking",
- "description" : "Flow for the existing/non-existing user alternatives",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticatorConfig" : "create unique user config",
- "authenticator" : "idp-create-user-if-unique",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "ALTERNATIVE",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "Handle Existing Account",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "75893341-c338-44d8-ae27-a3fc7bfe8f2d",
- "alias" : "Verify Existing Account by Re-authentication",
- "description" : "Reauthentication of existing account",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "idp-username-password-form",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "CONDITIONAL",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "First broker login - Conditional OTP",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "89626b76-f4cf-4c46-934c-4408c225a44b",
- "alias" : "browser",
- "description" : "browser based authentication",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "auth-cookie",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "auth-spnego",
- "authenticatorFlow" : false,
- "requirement" : "DISABLED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "identity-provider-redirector",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 25,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "ALTERNATIVE",
- "priority" : 30,
- "autheticatorFlow" : true,
- "flowAlias" : "forms",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "4112115a-e7a7-44c2-9af5-65d538e4ba0d",
- "alias" : "clients",
- "description" : "Base authentication for clients",
- "providerId" : "client-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "client-secret",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "client-jwt",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "client-secret-jwt",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 30,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "client-x509",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 40,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "f82a9b0a-2c0a-4cb1-96b2-6c78b0b1f14f",
- "alias" : "direct grant",
- "description" : "OpenID Connect Resource Owner Grant",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "direct-grant-validate-username",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "direct-grant-validate-password",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "CONDITIONAL",
- "priority" : 30,
- "autheticatorFlow" : true,
- "flowAlias" : "Direct Grant - Conditional OTP",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "3614e155-e8ce-4958-98fb-a27e4706cc70",
- "alias" : "docker auth",
- "description" : "Used by Docker clients to authenticate against the IDP",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "docker-http-basic-authenticator",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "506f9b96-5002-47c0-96e3-3830a0fcfa26",
- "alias" : "first broker login",
- "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticatorConfig" : "review profile config",
- "authenticator" : "idp-review-profile",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "User creation or linking",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "4b7a7e91-36db-4b27-8e2d-01a04a822980",
- "alias" : "forms",
- "description" : "Username, password, otp and other auth forms.",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "auth-username-password-form",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "CONDITIONAL",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "Browser - Conditional OTP",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "04c2fe01-5076-4aa4-9596-4efb4004195f",
- "alias" : "registration",
- "description" : "registration flow",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "registration-page-form",
- "authenticatorFlow" : true,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : true,
- "flowAlias" : "registration form",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "d12f77e1-7733-44a2-98ff-fd75c784d721",
- "alias" : "registration form",
- "description" : "registration form",
- "providerId" : "form-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "registration-user-creation",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "registration-password-action",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 50,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "registration-recaptcha-action",
- "authenticatorFlow" : false,
- "requirement" : "DISABLED",
- "priority" : 60,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "91f6048c-a376-4809-8f37-c8d7a517830c",
- "alias" : "reset credentials",
- "description" : "Reset credentials for a user if they forgot their password or something",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "reset-credentials-choose-user",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "reset-credential-email",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "reset-password",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 30,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "CONDITIONAL",
- "priority" : 40,
- "autheticatorFlow" : true,
- "flowAlias" : "Reset - Conditional OTP",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "7b8fb487-53b8-4533-a696-76bc05256cb1",
- "alias" : "saml ecp",
- "description" : "SAML ECP Profile Authentication Flow",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "http-basic-authenticator",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- } ],
- "authenticatorConfig" : [ {
- "id" : "48372696-0579-45e5-b074-5e8dbdbbe7d6",
- "alias" : "create unique user config",
- "config" : {
- "require.password.update.after.registration" : "false"
- }
- }, {
- "id" : "08df3b83-e522-42a7-9e24-9028b960bf39",
- "alias" : "review profile config",
- "config" : {
- "update.profile.on.first.login" : "missing"
- }
- } ],
- "requiredActions" : [ {
- "alias" : "CONFIGURE_TOTP",
- "name" : "Configure OTP",
- "providerId" : "CONFIGURE_TOTP",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 10,
- "config" : { }
- }, {
- "alias" : "TERMS_AND_CONDITIONS",
- "name" : "Terms and Conditions",
- "providerId" : "TERMS_AND_CONDITIONS",
- "enabled" : false,
- "defaultAction" : false,
- "priority" : 20,
- "config" : { }
- }, {
- "alias" : "UPDATE_PASSWORD",
- "name" : "Update Password",
- "providerId" : "UPDATE_PASSWORD",
- "enabled" : false,
- "defaultAction" : false,
- "priority" : 30,
- "config" : { }
- }, {
- "alias" : "UPDATE_PROFILE",
- "name" : "Update Profile",
- "providerId" : "UPDATE_PROFILE",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 40,
- "config" : { }
- }, {
- "alias" : "VERIFY_EMAIL",
- "name" : "Verify Email",
- "providerId" : "VERIFY_EMAIL",
- "enabled" : false,
- "defaultAction" : false,
- "priority" : 50,
- "config" : { }
- }, {
- "alias" : "delete_account",
- "name" : "Delete Account",
- "providerId" : "delete_account",
- "enabled" : false,
- "defaultAction" : false,
- "priority" : 60,
- "config" : { }
- }, {
- "alias" : "webauthn-register",
- "name" : "Webauthn Register",
- "providerId" : "webauthn-register",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 70,
- "config" : { }
- }, {
- "alias" : "webauthn-register-passwordless",
- "name" : "Webauthn Register Passwordless",
- "providerId" : "webauthn-register-passwordless",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 80,
- "config" : { }
- }, {
- "alias" : "delete_credential",
- "name" : "Delete Credential",
- "providerId" : "delete_credential",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 100,
- "config" : { }
- }, {
- "alias" : "update_user_locale",
- "name" : "Update User Locale",
- "providerId" : "update_user_locale",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 1000,
- "config" : { }
- } ],
- "browserFlow" : "browser",
- "registrationFlow" : "registration",
- "directGrantFlow" : "direct grant",
- "resetCredentialsFlow" : "reset credentials",
- "clientAuthenticationFlow" : "clients",
- "dockerAuthenticationFlow" : "docker auth",
- "firstBrokerLoginFlow" : "first broker login",
- "attributes" : {
- "cibaBackchannelTokenDeliveryMode" : "poll",
- "cibaAuthRequestedUserHint" : "login_hint",
- "clientOfflineSessionMaxLifespan" : "0",
- "oauth2DevicePollingInterval" : "5",
- "clientSessionIdleTimeout" : "0",
- "actionTokenGeneratedByUserLifespan-execute-actions" : "",
- "actionTokenGeneratedByUserLifespan-verify-email" : "",
- "clientOfflineSessionIdleTimeout" : "0",
- "actionTokenGeneratedByUserLifespan-reset-credentials" : "",
- "cibaInterval" : "5",
- "realmReusableOtpCode" : "false",
- "cibaExpiresIn" : "120",
- "oauth2DeviceCodeLifespan" : "600",
- "actionTokenGeneratedByUserLifespan-idp-verify-account-via-email" : "",
- "parRequestUriLifespan" : "60",
- "clientSessionMaxLifespan" : "0",
- "organizationsEnabled" : "false",
- "shortVerificationUri" : ""
- },
- "keycloakVersion" : "26.0.4",
- "userManagedAccessAllowed" : false,
- "organizationsEnabled" : false,
- "clientProfiles" : {
- "profiles" : [ ]
- },
- "clientPolicies" : {
- "policies" : [ ]
- }
- }
- master-realm.json: |-
- {
- "id" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
- "realm" : "master",
- "displayName" : "Keycloak",
- "displayNameHtml" : "",
- "notBefore" : 0,
- "defaultSignatureAlgorithm" : "RS256",
- "revokeRefreshToken" : false,
- "refreshTokenMaxReuse" : 0,
- "accessTokenLifespan" : 60,
- "accessTokenLifespanForImplicitFlow" : 900,
- "ssoSessionIdleTimeout" : 1800,
- "ssoSessionMaxLifespan" : 36000,
- "ssoSessionIdleTimeoutRememberMe" : 0,
- "ssoSessionMaxLifespanRememberMe" : 0,
- "offlineSessionIdleTimeout" : 2592000,
- "offlineSessionMaxLifespanEnabled" : false,
- "offlineSessionMaxLifespan" : 5184000,
- "clientSessionIdleTimeout" : 0,
- "clientSessionMaxLifespan" : 0,
- "clientOfflineSessionIdleTimeout" : 0,
- "clientOfflineSessionMaxLifespan" : 0,
- "accessCodeLifespan" : 60,
- "accessCodeLifespanUserAction" : 300,
- "accessCodeLifespanLogin" : 1800,
- "actionTokenGeneratedByAdminLifespan" : 43200,
- "actionTokenGeneratedByUserLifespan" : 300,
- "oauth2DeviceCodeLifespan" : 600,
- "oauth2DevicePollingInterval" : 5,
- "enabled" : true,
- "sslRequired" : "external",
- "registrationAllowed" : false,
- "registrationEmailAsUsername" : false,
- "rememberMe" : false,
- "verifyEmail" : false,
- "loginWithEmailAllowed" : true,
- "duplicateEmailsAllowed" : false,
- "resetPasswordAllowed" : false,
- "editUsernameAllowed" : false,
- "bruteForceProtected" : false,
- "permanentLockout" : false,
- "maxTemporaryLockouts" : 0,
- "bruteForceStrategy" : "MULTIPLE",
- "maxFailureWaitSeconds" : 900,
- "minimumQuickLoginWaitSeconds" : 60,
- "waitIncrementSeconds" : 60,
- "quickLoginCheckMilliSeconds" : 1000,
- "maxDeltaTimeSeconds" : 43200,
- "failureFactor" : 30,
- "roles" : {
- "realm" : [ {
- "id" : "01178d3c-65eb-406b-87a1-e7144f488028",
- "name" : "default-roles-master",
- "description" : "${role_default-roles}",
- "composite" : true,
- "composites" : {
- "realm" : [ "offline_access", "uma_authorization" ],
- "client" : {
- "account" : [ "view-profile", "manage-account" ]
- }
- },
- "clientRole" : false,
- "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
- "attributes" : { }
- }, {
- "id" : "646cda2d-911d-459e-8522-b28ba3126341",
- "name" : "uma_authorization",
- "description" : "${role_uma_authorization}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
- "attributes" : { }
- }, {
- "id" : "344b3b83-99f7-43f7-8533-76f64195eab6",
- "name" : "offline_access",
- "description" : "${role_offline-access}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
- "attributes" : { }
- }, {
- "id" : "9ca176f3-c0c8-4ba1-8364-c38f3ce4f88b",
- "name" : "admin",
- "description" : "${role_admin}",
- "composite" : true,
- "composites" : {
- "realm" : [ "create-realm" ],
- "client" : {
- "master-realm" : [ "manage-realm", "view-events", "view-authorization", "manage-authorization", "query-realms", "query-clients", "manage-clients", "view-clients", "create-client", "impersonation", "query-users", "view-identity-providers", "manage-users", "manage-events", "view-realm", "query-groups", "manage-identity-providers", "view-users" ],
- "dbrepo-realm" : [ "manage-users", "query-realms", "query-groups", "manage-identity-providers", "manage-events", "manage-authorization", "query-users", "manage-clients", "view-users", "view-events", "view-authorization", "query-clients", "view-identity-providers", "view-realm", "view-clients", "create-client", "manage-realm", "impersonation" ]
- }
- },
- "clientRole" : false,
- "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
- "attributes" : { }
- }, {
- "id" : "6e765f03-5dee-4061-b027-c3ec41114329",
- "name" : "default-system-roles",
- "description" : "${default-system-roles}",
- "composite" : true,
- "composites" : {
- "realm" : [ "create-realm", "default-roles-master", "default-system-roles", "offline_access", "admin", "uma_authorization" ]
- },
- "clientRole" : false,
- "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
- "attributes" : { }
- }, {
- "id" : "3da4e842-c3cc-4bcd-a2f0-dec1ec36f3c5",
- "name" : "create-realm",
- "description" : "${role_create-realm}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd",
- "attributes" : { }
- } ],
- "client" : {
- "security-admin-console" : [ ],
- "admin-cli" : [ ],
- "account-console" : [ ],
- "broker" : [ {
- "id" : "07de46e9-cc5c-4b50-8904-14443ed4d1f1",
- "name" : "read-token",
- "description" : "${role_read-token}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "217563ea-11c7-4c96-969b-af076d740f7c",
- "attributes" : { }
- } ],
- "master-realm" : [ {
- "id" : "5c8f38f8-0a16-4f92-8fa2-81a6301f6215",
- "name" : "create-client",
- "description" : "${role_create-client}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "d0ab2e61-c7e4-49f3-9af2-965f20ec725a",
- "name" : "manage-realm",
- "description" : "${role_manage-realm}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "89d438ee-957d-435c-b201-5be06aee01fd",
- "name" : "view-events",
- "description" : "${role_view-events}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "664a9190-f73f-4f83-83bc-a2185cea334c",
- "name" : "view-authorization",
- "description" : "${role_view-authorization}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "b3c0e4db-5a09-4d1e-9ced-96a34efb6398",
- "name" : "manage-authorization",
- "description" : "${role_manage-authorization}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "5cd61b20-da2b-4fed-b0c3-2fb5819ab06b",
- "name" : "query-realms",
- "description" : "${role_query-realms}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "94ceae4b-2cb8-4d10-bf11-8ce5c1ec9c55",
- "name" : "impersonation",
- "description" : "${role_impersonation}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "77072e30-3941-4b32-a8c8-76993fc507bb",
- "name" : "query-users",
- "description" : "${role_query-users}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "ea00baa8-f64d-409d-936d-ecf0adec5a57",
- "name" : "view-identity-providers",
- "description" : "${role_view-identity-providers}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "fb2c167e-fb6b-4db5-b0bf-d2c8454ceee5",
- "name" : "manage-users",
- "description" : "${role_manage-users}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "f0370bc0-15d6-43f1-82bc-7d31f37b19e4",
- "name" : "manage-events",
- "description" : "${role_manage-events}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "f0448680-b803-471e-8d0a-ec3e34a24228",
- "name" : "view-realm",
- "description" : "${role_view-realm}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "dfdf768b-ac34-4491-b5d2-0938242e7e48",
- "name" : "query-groups",
- "description" : "${role_query-groups}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "d5ff044b-c4e0-4197-8f51-833e8a956396",
- "name" : "query-clients",
- "description" : "${role_query-clients}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "aaf73aa0-52a3-4833-8521-1eb1312b9f33",
- "name" : "manage-identity-providers",
- "description" : "${role_manage-identity-providers}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "fa08c54a-1f0c-4392-bf6a-a698bf3d164b",
- "name" : "view-users",
- "description" : "${role_view-users}",
- "composite" : true,
- "composites" : {
- "client" : {
- "master-realm" : [ "query-groups", "query-users" ]
- }
- },
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "fd317e90-0b34-4263-8906-caa9d6000b28",
- "name" : "manage-clients",
- "description" : "${role_manage-clients}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- }, {
- "id" : "162f12db-6d7f-4c53-905c-3f4bbd80fd58",
- "name" : "view-clients",
- "description" : "${role_view-clients}",
- "composite" : true,
- "composites" : {
- "client" : {
- "master-realm" : [ "query-clients" ]
- }
- },
- "clientRole" : true,
- "containerId" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "attributes" : { }
- } ],
- "account" : [ {
- "id" : "50c2778e-15fa-4c14-9414-5937649eb89f",
- "name" : "delete-account",
- "description" : "${role_delete-account}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "attributes" : { }
- }, {
- "id" : "083c3506-866a-4b85-ae57-bab1c29ac33e",
- "name" : "view-groups",
- "description" : "${role_view-groups}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "attributes" : { }
- }, {
- "id" : "a1942880-1a32-402c-b9bb-e8f5edf2ba1a",
- "name" : "view-profile",
- "description" : "${role_view-profile}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "attributes" : { }
- }, {
- "id" : "a69f73d6-ce42-41e6-b341-30a2d99caba8",
- "name" : "manage-account-links",
- "description" : "${role_manage-account-links}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "attributes" : { }
- }, {
- "id" : "ac22aeec-062a-4fc0-ac79-aa849ee55d84",
- "name" : "manage-consent",
- "description" : "${role_manage-consent}",
- "composite" : true,
- "composites" : {
- "client" : {
- "account" : [ "view-consent" ]
- }
- },
- "clientRole" : true,
- "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "attributes" : { }
- }, {
- "id" : "ad45329d-0efa-4505-906a-5a69b6c8414a",
- "name" : "view-applications",
- "description" : "${role_view-applications}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "attributes" : { }
- }, {
- "id" : "8c0bfbdf-1914-4522-9024-ef0e6e91be9d",
- "name" : "view-consent",
- "description" : "${role_view-consent}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "attributes" : { }
- }, {
- "id" : "f34de6ff-a5aa-41a7-a8d2-87bdfa850c50",
- "name" : "manage-account",
- "description" : "${role_manage-account}",
- "composite" : true,
- "composites" : {
- "client" : {
- "account" : [ "manage-account-links" ]
- }
- },
- "clientRole" : true,
- "containerId" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "attributes" : { }
- } ],
- "dbrepo-realm" : [ {
- "id" : "89292ccf-3b12-4c8b-a615-966ddcf14556",
- "name" : "manage-users",
- "description" : "${role_manage-users}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "784f2fdf-a090-4452-8a02-d9cc8227df8f",
- "name" : "view-authorization",
- "description" : "${role_view-authorization}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "57a70a96-bc56-4629-8d2b-86c68ac1c6f6",
- "name" : "query-realms",
- "description" : "${role_query-realms}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "60349d70-ba29-426d-9c05-df0b11e1a73b",
- "name" : "query-clients",
- "description" : "${role_query-clients}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "c07819ae-8951-4dc4-af4d-bca93c60eb5a",
- "name" : "view-identity-providers",
- "description" : "${role_view-identity-providers}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "86842bf0-7f63-4053-8389-2ec5401cb2a9",
- "name" : "query-groups",
- "description" : "${role_query-groups}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "0a1579a0-76c5-4ee3-90cc-c924827b7492",
- "name" : "view-realm",
- "description" : "${role_view-realm}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "4eb0d05c-38c7-4d45-b858-ad7011df0ac0",
- "name" : "manage-identity-providers",
- "description" : "${role_manage-identity-providers}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "d4ff5a03-21e8-440c-9ccb-690ecbb89684",
- "name" : "manage-events",
- "description" : "${role_manage-events}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "00d523c3-e9c7-45c3-8221-0b6d6c82cd5d",
- "name" : "manage-authorization",
- "description" : "${role_manage-authorization}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "c441f018-7113-4fcb-8208-10ab4bd4bb27",
- "name" : "view-clients",
- "description" : "${role_view-clients}",
- "composite" : true,
- "composites" : {
- "client" : {
- "dbrepo-realm" : [ "query-clients" ]
- }
- },
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "a146533f-fbf3-4513-8505-cf44473f5459",
- "name" : "create-client",
- "description" : "${role_create-client}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "d3d0ed01-05a5-4812-8fa7-9231f71e61fa",
- "name" : "query-users",
- "description" : "${role_query-users}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "fcaed53d-022a-416d-b207-a6ae694a9384",
- "name" : "manage-clients",
- "description" : "${role_manage-clients}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "cefdb023-0eec-4c05-93d7-8b557bb28a81",
- "name" : "view-users",
- "description" : "${role_view-users}",
- "composite" : true,
- "composites" : {
- "client" : {
- "dbrepo-realm" : [ "query-users", "query-groups" ]
- }
- },
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "44d13b2a-a2b5-4f3b-bea1-4ab550205e12",
- "name" : "manage-realm",
- "description" : "${role_manage-realm}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "17378e7a-9a78-4e92-ae0b-6bdfadede2d5",
- "name" : "impersonation",
- "description" : "${role_impersonation}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- }, {
- "id" : "7810ab39-c546-456c-81eb-7ee09492da92",
- "name" : "view-events",
- "description" : "${role_view-events}",
- "composite" : false,
- "clientRole" : true,
- "containerId" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "attributes" : { }
- } ]
- }
- },
- "groups" : [ {
- "id" : "1fcdbec1-9c86-4a14-a859-425b43cf73cb",
- "name" : "system",
- "path" : "/system",
- "subGroups" : [ ],
- "attributes" : { },
- "realmRoles" : [ "default-roles-master", "default-system-roles", "admin", "create-realm" ],
- "clientRoles" : { }
- } ],
- "defaultRole" : {
- "id" : "01178d3c-65eb-406b-87a1-e7144f488028",
- "name" : "default-roles-master",
- "description" : "${role_default-roles}",
- "composite" : true,
- "clientRole" : false,
- "containerId" : "afe47bd0-61f8-40c3-95cb-04930407ebdd"
- },
- "requiredCredentials" : [ "password" ],
- "passwordPolicy" : "length(8) and maxLength(64) and specialChars(1) and lowerCase(1) and upperCase(1) and digits(1)",
- "otpPolicyType" : "totp",
- "otpPolicyAlgorithm" : "HmacSHA1",
- "otpPolicyInitialCounter" : 0,
- "otpPolicyDigits" : 6,
- "otpPolicyLookAheadWindow" : 1,
- "otpPolicyPeriod" : 30,
- "otpPolicyCodeReusable" : false,
- "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ],
- "localizationTexts" : { },
- "webAuthnPolicyRpEntityName" : "keycloak",
- "webAuthnPolicySignatureAlgorithms" : [ "ES256", "RS256" ],
- "webAuthnPolicyRpId" : "",
- "webAuthnPolicyAttestationConveyancePreference" : "not specified",
- "webAuthnPolicyAuthenticatorAttachment" : "not specified",
- "webAuthnPolicyRequireResidentKey" : "not specified",
- "webAuthnPolicyUserVerificationRequirement" : "not specified",
- "webAuthnPolicyCreateTimeout" : 0,
- "webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
- "webAuthnPolicyAcceptableAaguids" : [ ],
- "webAuthnPolicyExtraOrigins" : [ ],
- "webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
- "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256", "RS256" ],
- "webAuthnPolicyPasswordlessRpId" : "",
- "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
- "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
- "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
- "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
- "webAuthnPolicyPasswordlessCreateTimeout" : 0,
- "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
- "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
- "webAuthnPolicyPasswordlessExtraOrigins" : [ ],
- "scopeMappings" : [ {
- "clientScope" : "offline_access",
- "roles" : [ "offline_access" ]
- } ],
- "clientScopeMappings" : {
- "account" : [ {
- "client" : "account-console",
- "roles" : [ "manage-account", "view-groups" ]
- } ]
- },
- "clients" : [ {
- "id" : "b63c04db-23a8-432b-a6a7-1a4c9a5d1cad",
- "clientId" : "account",
- "name" : "${client_account}",
- "rootUrl" : "${authBaseUrl}",
- "baseUrl" : "/realms/master/account/",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ "/realms/master/account/*" ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : true,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "1af255f9-7eee-415c-9096-3a717d2c5150",
- "clientId" : "account-console",
- "name" : "${client_account-console}",
- "rootUrl" : "${authBaseUrl}",
- "baseUrl" : "/realms/master/account/",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ "/realms/master/account/*" ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : true,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "post.logout.redirect.uris" : "+",
- "pkce.code.challenge.method" : "S256"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "protocolMappers" : [ {
- "id" : "63d1e47d-6e61-4f36-8a5b-98384a782d60",
- "name" : "audience resolve",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-audience-resolve-mapper",
- "consentRequired" : false,
- "config" : { }
- } ],
- "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "65ce3e14-5e30-424a-a6bd-0b194da203ef",
- "clientId" : "admin-cli",
- "name" : "${client_admin-cli}",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : false,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : true,
- "serviceAccountsEnabled" : false,
- "publicClient" : true,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "client.use.lightweight.access.token.enabled" : "true",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : true,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "217563ea-11c7-4c96-969b-af076d740f7c",
- "clientId" : "broker",
- "name" : "${client_broker}",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : true,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : false,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "true",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "c10597a2-3888-43c4-9d60-1a90a6a4d490",
- "clientId" : "dbrepo-realm",
- "name" : "dbrepo Realm",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : true,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : false,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "true",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ ],
- "optionalClientScopes" : [ ]
- }, {
- "id" : "9a451e5c-a55a-4872-bee1-58af763101a1",
- "clientId" : "master-realm",
- "name" : "master Realm",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ ],
- "webOrigins" : [ ],
- "notBefore" : 0,
- "bearerOnly" : true,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : false,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "true",
- "post.logout.redirect.uris" : "+"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : false,
- "nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
- }, {
- "id" : "b2a24dc7-01d2-4a5a-8385-8b06d2b8a3fb",
- "clientId" : "security-admin-console",
- "name" : "${client_security-admin-console}",
- "rootUrl" : "${authAdminUrl}",
- "baseUrl" : "/admin/master/console/",
- "surrogateAuthRequired" : false,
- "enabled" : true,
- "alwaysDisplayInConsole" : false,
- "clientAuthenticatorType" : "client-secret",
- "redirectUris" : [ "/admin/master/console/*" ],
- "webOrigins" : [ "+" ],
- "notBefore" : 0,
- "bearerOnly" : false,
- "consentRequired" : false,
- "standardFlowEnabled" : true,
- "implicitFlowEnabled" : false,
- "directAccessGrantsEnabled" : false,
- "serviceAccountsEnabled" : false,
- "publicClient" : true,
- "frontchannelLogout" : false,
- "protocol" : "openid-connect",
- "attributes" : {
- "realm_client" : "false",
- "client.use.lightweight.access.token.enabled" : "true",
- "post.logout.redirect.uris" : "+",
- "pkce.code.challenge.method" : "S256"
- },
- "authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : true,
- "nodeReRegistrationTimeout" : 0,
- "protocolMappers" : [ {
- "id" : "54d1c74b-4eb6-483b-88b5-261964dd182a",
- "name" : "locale",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "locale",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "locale",
- "jsonType.label" : "String"
- }
- } ],
- "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "basic", "email" ],
- "optionalClientScopes" : [ "address", "phone", "organization", "offline_access", "microprofile-jwt" ]
- } ],
- "clientScopes" : [ {
- "id" : "12ce4fa5-b53e-47dc-b70f-caf2110e31cd",
- "name" : "address",
- "description" : "OpenID Connect built-in scope: address",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${addressScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "4aed5e41-0d8d-4c24-80a0-cd9822072756",
- "name" : "address",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-address-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute.formatted" : "formatted",
- "user.attribute.country" : "country",
- "introspection.token.claim" : "true",
- "user.attribute.postal_code" : "postal_code",
- "userinfo.token.claim" : "true",
- "user.attribute.street" : "street",
- "id.token.claim" : "true",
- "user.attribute.region" : "region",
- "access.token.claim" : "true",
- "user.attribute.locality" : "locality"
- }
- } ]
- }, {
- "id" : "a7683fe7-1c8b-44f8-9be7-a28acdffa61e",
- "name" : "organization",
- "description" : "Additional claims about the organization a subject belongs to",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${organizationScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "5e80a7d2-c9d0-48e1-aadc-d8848ff90f92",
- "name" : "organization",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-organization-membership-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "multivalued" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "organization",
- "jsonType.label" : "String"
- }
- } ]
- }, {
- "id" : "1be1e284-2749-4bbb-890a-2d519cc1531c",
- "name" : "service_account",
- "description" : "Specific scope for a client enabled for service accounts",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "c913a673-cf66-4493-a2ed-14556c07617c",
- "name" : "Client ID",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "client_id",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "client_id",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "5c244d68-5c63-4356-ac71-5a586f40c77e",
- "name" : "Client IP Address",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "clientAddress",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "clientAddress",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "600285d4-ae51-4b39-a7be-bb83cf5870db",
- "name" : "Client Host",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "clientHost",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "clientHost",
- "jsonType.label" : "String"
- }
- } ]
- }, {
- "id" : "0411ea86-a074-4781-850d-ea3ca94590a2",
- "name" : "offline_access",
- "description" : "OpenID Connect built-in scope: offline_access",
- "protocol" : "openid-connect",
- "attributes" : {
- "consent.screen.text" : "${offlineAccessScopeConsentText}",
- "display.on.consent.screen" : "true"
- }
- }, {
- "id" : "4363ea0f-c7e9-43f3-8611-146514c37b47",
- "name" : "basic",
- "description" : "OpenID Connect scope for add all basic claims to the token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "0b691845-92b7-47b8-82d3-6fea760d885a",
- "name" : "sub",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-sub-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "access.token.claim" : "true"
- }
- }, {
- "id" : "15db8f91-12c9-444c-8661-5a795856e884",
- "name" : "auth_time",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "AUTH_TIME",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "auth_time",
- "jsonType.label" : "long"
- }
- } ]
- }, {
- "id" : "5f9da2a4-b8d2-48cd-9343-5c8ff42ef637",
- "name" : "profile",
- "description" : "OpenID Connect built-in scope: profile",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${profileScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "2d1400be-4053-4393-ba87-91b64f699054",
- "name" : "full name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-full-name-mapper",
- "consentRequired" : false,
- "config" : {
- "id.token.claim" : "true",
- "introspection.token.claim" : "true",
- "access.token.claim" : "true",
- "userinfo.token.claim" : "true"
- }
- }, {
- "id" : "6b12336d-589e-4023-9c51-1da3a4114a62",
- "name" : "website",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "website",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "website",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "13a7a453-3862-40b4-8a81-550172a06dc0",
- "name" : "zoneinfo",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "zoneinfo",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "zoneinfo",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "43c149fc-aaf4-486a-a279-df624d2eb47e",
- "name" : "given name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "firstName",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "given_name",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "8bba390c-543b-4fe3-98db-e020184e5014",
- "name" : "birthdate",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "birthdate",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "birthdate",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "dc5a7474-c62a-42d6-ba98-f2b2a7a7328c",
- "name" : "nickname",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "nickname",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "nickname",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "9e02395e-5c37-46fb-8d30-0ebe6da3b7f0",
- "name" : "gender",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "gender",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "gender",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "d2f3d16d-21a8-4128-b60b-55e55046fa29",
- "name" : "profile",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "profile",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "profile",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "825cafb6-3392-491a-bb34-e607330f5170",
- "name" : "family name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "lastName",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "family_name",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "c44ac799-cac2-4200-b71b-badab4b48d92",
- "name" : "updated at",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "updatedAt",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "updated_at",
- "jsonType.label" : "long"
- }
- }, {
- "id" : "402b2c5f-0a7b-4520-9015-03fa9a1e2e4a",
- "name" : "picture",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "picture",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "picture",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "f34812b0-28b3-486c-8911-9394890be4f6",
- "name" : "locale",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "locale",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "locale",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "3fe6f4f2-c881-4b84-87db-8e9b9243a7f0",
- "name" : "middle name",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "middleName",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "middle_name",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "4d1465b2-c408-4a62-9821-afce35a55f12",
- "name" : "username",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "username",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "preferred_username",
- "jsonType.label" : "String"
- }
- } ]
- }, {
- "id" : "9b03908f-dac3-4bbd-8e93-ef29e64a59ad",
- "name" : "role_list",
- "description" : "SAML role list",
- "protocol" : "saml",
- "attributes" : {
- "consent.screen.text" : "${samlRoleListScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "d6678801-a0f1-4385-ae11-5dee90a9e3b4",
- "name" : "role list",
- "protocol" : "saml",
- "protocolMapper" : "saml-role-list-mapper",
- "consentRequired" : false,
- "config" : {
- "single" : "false",
- "attribute.nameformat" : "Basic",
- "attribute.name" : "Role"
- }
- } ]
- }, {
- "id" : "fa13fc44-16f6-4f82-965d-b86dfad2a984",
- "name" : "microprofile-jwt",
- "description" : "Microprofile - JWT built-in scope",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "f70938d7-e91f-4c45-bfed-3b974d0e4697",
- "name" : "groups",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-realm-role-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "multivalued" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "foo",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "groups",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "1636d5e3-2af1-4d54-a60f-9db1f562b009",
- "name" : "upn",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "username",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "upn",
- "jsonType.label" : "String"
- }
- } ]
- }, {
- "id" : "1124b695-1319-45aa-bc1b-ec0b2cf99b9e",
- "name" : "acr",
- "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "0e17d8d7-fb11-4b31-8023-d29611f7d492",
- "name" : "acr loa level",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-acr-mapper",
- "consentRequired" : false,
- "config" : {
- "id.token.claim" : "true",
- "introspection.token.claim" : "true",
- "access.token.claim" : "true",
- "userinfo.token.claim" : "true"
- }
- } ]
- }, {
- "id" : "cc53d998-1eac-4574-9bec-58110d92d282",
- "name" : "web-origins",
- "description" : "OpenID Connect scope for add allowed web origins to the access token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "consent.screen.text" : "",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "635cbac1-7cab-43bd-99fc-f7084aca2fa2",
- "name" : "allowed web origins",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-allowed-origins-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "access.token.claim" : "true"
- }
- } ]
- }, {
- "id" : "2c901d49-bb6d-44a7-8835-1229b655ccfa",
- "name" : "saml_organization",
- "description" : "Organization Membership",
- "protocol" : "saml",
- "attributes" : {
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "60ad6a87-646d-4c9e-932e-34ab1ac51fcb",
- "name" : "organization",
- "protocol" : "saml",
- "protocolMapper" : "saml-organization-membership-mapper",
- "consentRequired" : false,
- "config" : { }
- } ]
- }, {
- "id" : "943d1441-ee61-4ab5-b5bd-de3c5f8ff25f",
- "name" : "roles",
- "description" : "OpenID Connect scope for add user roles to the access token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "consent.screen.text" : "${rolesScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "2b5a3df4-1adb-402d-bc28-2bd43224e682",
- "name" : "realm roles",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-realm-role-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "foo",
- "introspection.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "realm_access.roles",
- "jsonType.label" : "String",
- "multivalued" : "true"
- }
- }, {
- "id" : "f3b60071-ef26-48a7-9554-67f62f84d543",
- "name" : "client roles",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-client-role-mapper",
- "consentRequired" : false,
- "config" : {
- "user.attribute" : "foo",
- "introspection.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "resource_access.${client_id}.roles",
- "jsonType.label" : "String",
- "multivalued" : "true"
- }
- }, {
- "id" : "b757200e-494a-4585-857e-e4c18aef7a0c",
- "name" : "audience resolve",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-audience-resolve-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "access.token.claim" : "true"
- }
- } ]
- }, {
- "id" : "4509fb3c-a899-49ad-b690-b031f9568888",
- "name" : "email",
- "description" : "OpenID Connect built-in scope: email",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${emailScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "e18769b3-778b-47d8-be52-dd2769deebd1",
- "name" : "email",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "email",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "email",
- "jsonType.label" : "String"
- }
- }, {
- "id" : "d98c5037-5178-4cc5-8e22-ca6cf0cb169e",
- "name" : "email verified",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-property-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "emailVerified",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "email_verified",
- "jsonType.label" : "boolean"
- }
- } ]
- }, {
- "id" : "6e14db34-285a-47ae-8b43-b3dcf10ae7f8",
- "name" : "phone",
- "description" : "OpenID Connect built-in scope: phone",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "true",
- "consent.screen.text" : "${phoneScopeConsentText}",
- "display.on.consent.screen" : "true"
- },
- "protocolMappers" : [ {
- "id" : "98cc724c-3f53-47f7-bf9f-baf2f7e08026",
- "name" : "phone number verified",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "phoneNumberVerified",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "phone_number_verified",
- "jsonType.label" : "boolean"
- }
- }, {
- "id" : "716a7b58-dcf4-4557-9f84-d21ca19630fb",
- "name" : "phone number",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usermodel-attribute-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "user.attribute" : "phoneNumber",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "phone_number",
- "jsonType.label" : "String"
- }
- } ]
- } ],
- "defaultDefaultClientScopes" : [ "role_list", "saml_organization", "profile", "email", "roles", "web-origins", "acr", "basic" ],
- "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt", "organization" ],
- "browserSecurityHeaders" : {
- "contentSecurityPolicyReportOnly" : "",
- "xContentTypeOptions" : "nosniff",
- "referrerPolicy" : "no-referrer",
- "xRobotsTag" : "none",
- "xFrameOptions" : "SAMEORIGIN",
- "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
- "xXSSProtection" : "1; mode=block",
- "strictTransportSecurity" : "max-age=31536000; includeSubDomains"
- },
- "smtpServer" : { },
- "eventsEnabled" : false,
- "eventsListeners" : [ "jboss-logging" ],
- "enabledEventTypes" : [ ],
- "adminEventsEnabled" : false,
- "adminEventsDetailsEnabled" : false,
- "identityProviders" : [ ],
- "identityProviderMappers" : [ ],
- "components" : {
- "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ {
- "id" : "f2a52e27-5582-4ca4-b20c-1864b8339b16",
- "name" : "Trusted Hosts",
- "providerId" : "trusted-hosts",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "host-sending-registration-request-must-match" : [ "true" ],
- "client-uris-must-match" : [ "true" ]
- }
- }, {
- "id" : "95b33704-ec30-4988-b018-f73d8bcf71b5",
- "name" : "Full Scope Disabled",
- "providerId" : "scope",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : { }
- }, {
- "id" : "d1114c75-d0b0-4584-a89f-a4e70eab2cd7",
- "name" : "Consent Required",
- "providerId" : "consent-required",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : { }
- }, {
- "id" : "6b0202cc-e70e-46da-869b-36ad59907239",
- "name" : "Allowed Protocol Mapper Types",
- "providerId" : "allowed-protocol-mappers",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "allowed-protocol-mapper-types" : [ "oidc-usermodel-property-mapper", "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "saml-user-attribute-mapper", "oidc-address-mapper", "saml-user-property-mapper" ]
- }
- }, {
- "id" : "4b976576-c880-48a0-9b4d-2956cfd19b4a",
- "name" : "Allowed Protocol Mapper Types",
- "providerId" : "allowed-protocol-mappers",
- "subType" : "authenticated",
- "subComponents" : { },
- "config" : {
- "allowed-protocol-mapper-types" : [ "oidc-sha256-pairwise-sub-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-full-name-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper" ]
- }
- }, {
- "id" : "e1861ec9-2761-46fb-8048-149492269ff0",
- "name" : "Allowed Client Scopes",
- "providerId" : "allowed-client-templates",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "allow-default-scopes" : [ "true" ]
- }
- }, {
- "id" : "51b3aa61-e453-4e0b-bfe1-aefd8353ea06",
- "name" : "Max Clients Limit",
- "providerId" : "max-clients",
- "subType" : "anonymous",
- "subComponents" : { },
- "config" : {
- "max-clients" : [ "200" ]
- }
- }, {
- "id" : "851cf8c2-ffe8-4a37-8a12-df04f724c90b",
- "name" : "Allowed Client Scopes",
- "providerId" : "allowed-client-templates",
- "subType" : "authenticated",
- "subComponents" : { },
- "config" : {
- "allow-default-scopes" : [ "true" ]
- }
- } ],
- "org.keycloak.userprofile.UserProfileProvider" : [ {
- "id" : "34049725-5a66-456c-b895-87ca7c11bb6b",
- "providerId" : "declarative-user-profile",
- "subComponents" : { },
- "config" : {
- "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}]}" ]
- }
- } ],
- "org.keycloak.storage.UserStorageProvider" : [ {
- "id" : "3a6f24e8-128b-4ac1-b3ab-694836db82fd",
- "name" : "Identity Service",
- "providerId" : "ldap",
- "subComponents" : {
- "org.keycloak.storage.ldap.mappers.LDAPStorageMapper" : [ {
- "id" : "bf97cfab-4d53-4994-b3a8-0c771a70467b",
- "name" : "email",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "mail" ],
- "is.mandatory.in.ldap" : [ "false" ],
- "always.read.value.from.ldap" : [ "false" ],
- "read.only" : [ "false" ],
- "user.model.attribute" : [ "email" ]
- }
- }, {
- "id" : "cddffa16-0aff-4e0c-99a2-021f0495de03",
- "name" : "last name",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "sn" ],
- "is.mandatory.in.ldap" : [ "true" ],
- "always.read.value.from.ldap" : [ "true" ],
- "read.only" : [ "false" ],
- "user.model.attribute" : [ "lastName" ]
- }
- }, {
- "id" : "4eaae3fa-d280-4605-b09d-1caeb881322c",
- "name" : "modify date",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "modifyTimestamp" ],
- "is.mandatory.in.ldap" : [ "false" ],
- "read.only" : [ "true" ],
- "always.read.value.from.ldap" : [ "true" ],
- "user.model.attribute" : [ "modifyTimestamp" ]
- }
- }, {
- "id" : "98c4a2c1-d509-443b-8475-fc971c193324",
- "name" : "first name",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "cn" ],
- "is.mandatory.in.ldap" : [ "true" ],
- "always.read.value.from.ldap" : [ "true" ],
- "read.only" : [ "false" ],
- "user.model.attribute" : [ "firstName" ]
- }
- }, {
- "id" : "74dbebb4-9881-4be1-8b30-6b0f2a718c86",
- "name" : "username",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "uid" ],
- "is.mandatory.in.ldap" : [ "true" ],
- "always.read.value.from.ldap" : [ "false" ],
- "read.only" : [ "false" ],
- "user.model.attribute" : [ "username" ]
- }
- }, {
- "id" : "5692d060-55b8-4cb1-b68f-0ae123cd9d03",
- "name" : "system",
- "providerId" : "group-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "mode" : [ "LDAP_ONLY" ],
- "membership.attribute.type" : [ "DN" ],
- "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ],
- "group.name.ldap.attribute" : [ "cn" ],
- "ignore.missing.groups" : [ "false" ],
- "membership.user.ldap.attribute" : [ "uid" ],
- "preserve.group.inheritance" : [ "false" ],
- "membership.ldap.attribute" : [ "member" ],
- "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ],
- "memberof.ldap.attribute" : [ "memberOf" ],
- "group.object.classes" : [ "groupOfNames" ],
- "drop.non.existing.groups.during.sync" : [ "false" ],
- "groups.path" : [ "/" ]
- }
- }, {
- "id" : "0453ae29-3cdc-4e09-800e-0117e7a2fb68",
- "name" : "creation date",
- "providerId" : "user-attribute-ldap-mapper",
- "subComponents" : { },
- "config" : {
- "ldap.attribute" : [ "createTimestamp" ],
- "is.mandatory.in.ldap" : [ "false" ],
- "read.only" : [ "true" ],
- "always.read.value.from.ldap" : [ "true" ],
- "user.model.attribute" : [ "createTimestamp" ]
- }
- } ]
- },
- "config" : {
- "pagination" : [ "false" ],
- "fullSyncPeriod" : [ "-1" ],
- "startTls" : [ "false" ],
- "connectionPooling" : [ "false" ],
- "usersDn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ],
- "cachePolicy" : [ "DEFAULT" ],
- "useKerberosForPasswordAuthentication" : [ "false" ],
- "importEnabled" : [ "true" ],
- "enabled" : [ "true" ],
- "changedSyncPeriod" : [ "-1" ],
- "usernameLDAPAttribute" : [ "uid" ],
- "bindCredential" : [ "{{ .Values.identityservice.global.adminPassword }}" ],
- "bindDn" : [ "cn={{ .Values.identityservice.global.adminUser }},{{ .Values.identityservice.global.ldapDomain }}" ],
- "vendor" : [ "other" ],
- "uuidLDAPAttribute" : [ "entryUUID" ],
- "allowKerberosAuthentication" : [ "false" ],
- "connectionUrl" : [ "ldap://identity-service:389" ],
- "syncRegistrations" : [ "true" ],
- "authType" : [ "simple" ],
- "krbPrincipalAttribute" : [ "krb5PrincipalName" ],
- "searchScope" : [ "1" ],
- "useTruststoreSpi" : [ "always" ],
- "usePasswordModifyExtendedOp" : [ "false" ],
- "trustEmail" : [ "false" ],
- "userObjectClasses" : [ "inetOrgPerson, organizationalPerson, person" ],
- "rdnLDAPAttribute" : [ "uid" ],
- "editMode" : [ "READ_ONLY" ],
- "validatePasswordPolicy" : [ "false" ]
- }
- } ],
- "org.keycloak.keys.KeyProvider" : [ {
- "id" : "5b1052d2-fb71-47d2-86f9-908c869c8d1b",
- "name" : "hmac-generated-hs512",
- "providerId" : "hmac-generated",
- "subComponents" : { },
- "config" : {
- "kid" : [ "dff6ccc5-bd9b-467c-8e93-0fe51d353eaf" ],
- "secret" : [ "Q8srw06SZoVO9ZJtKsfKPZyg8O7w01pLMv-CVMbxhBNXJ2lldqKmDgYxHBWnyeIYjXsp2M_Q-SQh1MZc7THyJJpFpRvqN8q9ZgUyWv3GZ-TH7Cez7aeg-WEQrWywBTFfacu_VjmDxucinZoJTWLaH9NNdCcZSMeuBHyM1V__BeE" ],
- "priority" : [ "100" ],
- "algorithm" : [ "HS512" ]
- }
- }, {
- "id" : "fd48cdb1-8be8-4ac9-9347-dc3e91db95d7",
- "name" : "rsa-enc-generated",
- "providerId" : "rsa-enc-generated",
- "subComponents" : { },
- "config" : {
- "privateKey" : [ "MIIEpAIBAAKCAQEA3ZslFoBBYiRi9ZF9uMllfkL6ZDheVTSDTPgQar/ueThttbnovNEJ5W2xIJrSPJkN5yuq55zycwr8IzMjBPt9DLbKxqHmaUm2YkO3MMPdQGLoI8j8no6IB74qKBxpyUoEDXmmUaE02u+QkuBohhBuBSyvzktWzv25giXVxzwFqzmRx6aJXvZSKuE6fBqbIA+hxit6Wm35OkLNl6UKDDI1WmhAuaNwV/UUsJvOWW2QFAosLCr7bevrIX+mHWUimiTcBQC/hW6K391dA0LczHHGJ//74r/OeXvF4ODBdFSl1NuamgRGZnRD7pjTtp57mutwWm+bSWo2/DrCFQfjfVKhkQIDAQABAoIBAA+zk+ult7w/7sEOh3Vl06qgDUS3l7t6xojYFLWzlq6BGIjlPL/QId7fKEsynQ3NHGaSOgBCJw2OrDHESElslj4l33U2eHBiWClbOeobHpyWxXLvpTKIz8uYpj0EUlyAQYxA389t2CRhEAHQI6fIFzuHoIdB4Es3QAMgMib1MkOg5VGsuV1LE8HcK44uFBOWXeQmEuasMQqmvAwj9M2yS6xjsxq0nS381PY1JYR7suhmOyvyZas/YvmltOVvQczwzW/MfMGga14YoJyAAz/7VZXCgVTs1ffHg9ET6s1PkNwVNTDAGriMG7GtN40UFEukS5cb2SRIJdg89DnHxHoNQ3cCgYEA+QIaUDuzgN+0D1ydYnCbTDwolHtBce7EUkOpaJRXyfwsrf/m8/bx302JSQLXs9zd9B3VwHWQIDQElAKcE/nbqUJPZLvjAWuSU/viLljGab5++mLKQ537UEV74msFj5rxwulzvQQ0owPsf/gHgTQ27ds/fWufywWpSCr/0+aE+NsCgYEA49QShQ1LakkAtckJYJ5W5TycDHMj1WV5GHUy9SX6fDNK9HpL1RQv5RY2yNa5nlpy5Izv5LzQb+6vAGZcfdd3WXv934k5qwAh+prmorWS2gXEbQJAan1BsApjFgtbJqyxLjhHywlG3W9Eh+HImlLTUKnx/3tr3Yn4vP7YAA1ZVQMCgYB+uZQ8qvWCq9aOTtsGAzr1xFP+pO+8lQAywZ6Qy5YWBJGUh/y4wj98HpC0qI6wScJnf1uOVAZibTa7QMy/2dPxwv52zKwNx/ozZahJYAKyRDGJKge3+8mvo30V0NOGrxtEz9yIIIDNSaztv4PKPJGL4Z3hLYmoIBxzzvZdmB6qKwKBgQDKqOYEduwD0oaQLhFqYc8YQU7qgC168LXEfNRkX3EutA3T5Um5dCialqULCH67Dugux/PJO/AJ8X64U1WpF1ZyQip1gsLKiuau3sWULQJBcGnnMd6NG3ioGMVFYbqmb214mNW8FTd1WDnUyZJBPLX+hf3fbjFoMwgRTnxjp3w0cwKBgQDxnYNXZqVPJsDDqW23+uj66b0n1oamhe/hl6zm2uhhq5hXXIRbRPqCWznZvm6eD/kcvknrNYopsb90RkJYjl9povaIFrSWH28QEaTHIzJmW0tKOxL0bQo05AmRXLnW2vlBafno6ZQGFAotnIIJLwzU9Tu2PwRQ83ypP1mvWowXzA==" ],
- "certificate" : [ "MIICmzCCAYMCBgGUfz5NvjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjUwMTE5MTU0NDM3WhcNMzUwMTE5MTU0NjE3WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdmyUWgEFiJGL1kX24yWV+QvpkOF5VNINM+BBqv+55OG21uei80QnlbbEgmtI8mQ3nK6rnnPJzCvwjMyME+30MtsrGoeZpSbZiQ7cww91AYugjyPyejogHviooHGnJSgQNeaZRoTTa75CS4GiGEG4FLK/OS1bO/bmCJdXHPAWrOZHHpole9lIq4Tp8GpsgD6HGK3pabfk6Qs2XpQoMMjVaaEC5o3BX9RSwm85ZbZAUCiwsKvtt6+shf6YdZSKaJNwFAL+Fborf3V0DQtzMccYn//viv855e8Xg4MF0VKXU25qaBEZmdEPumNO2nnua63Bab5tJajb8OsIVB+N9UqGRAgMBAAEwDQYJKoZIhvcNAQELBQADggEBALGWVRlB9zbRWtv9fgxyWEzPqcZeyILAp0//bC4Y+EEe1fS5EfgP/J5U7j0DNt2Sc87uVkGCOGjTx7du6a/9uPA4ULMLUQO0Xusz41YrntjLWdWveLDmcqEYfF52qJQRhX7iYGGGG1Iq6Ju/1dfiX3nBD/RnVVHHf5s8QY0v0V/AnfWVaj3eFA8tybx1VsD7A8Whm7jgcQTOqu2L5F4gw4BwDDkCIYhkJcfPu1pvM+R3eDmXN8rTEVnNcCtvLFtTlBcmHhYnCYJaNHiSquKs5wDuDE6crBPgWfzzk2XHKLpmamdFyjzL8WFUmhnypQfwBNjnsgAl2U059bQz1fyBIlM=" ],
- "priority" : [ "100" ],
- "algorithm" : [ "RSA-OAEP" ]
- }
- }, {
- "id" : "0ff03eb6-b43b-4065-b583-9e310f53a573",
- "name" : "rsa-generated",
- "providerId" : "rsa-generated",
- "subComponents" : { },
- "config" : {
- "privateKey" : [ "MIIEogIBAAKCAQEAsetSXQJDd0r9Cv6hB/QyQ7DlVXAQeRuwasOTF5Eoez0mTuW1DGraTIttZwPOYMxvDOs4c9/+0QA9DNUtc4PHGXPB0WxuKDSikkVlPtyqOnrcaSYYArhHkYU727M+8r+vIhtToYB/g88mlMH4JfL0tUJQGlnOrDxUUP7RiWAbzQ33JDAAyV6HUOm1SgNH61V6z8a06m9NL//trN2PeILqNt/DT7iwTd+bmNQZzw+wSVTGR4K3O5sjWjRHvihAxvOCKvyzpYnbQ5AM/GpXOmahpuOQ45LebSYHlU7YSUVXH8Q2yLefjRCZ0H0mkRDx+yBr/vkKhF5vqv+lH3qKA6H6jQIDAQABAoIBAFdLSWb/BFEUhuENG79GTh8uPOdVi4+QSVeoy5PFkeIdl50gUVtdVew2gKAJmwmdZGMnSdR4s5KiFlIkih9iKZ7QT+lL1SR+5sDzsYBNTmxQ+bHRkfhLqDm68CqUYK9D407Nr5PO80GdsqVMIk+kS/JfLeQv6hpRo2D2FaLcd+d8Pzp72qgCcRTLGKzjPEv+ffA9eL6smP+E3/m54YS7e3jwMyVdl4IXAKBjPMkdtKMWnuGxHnPrZ71A1LJjL4un4N8HjIMGDCyFFkCvPE7FhzpdN249VF29QTfU+QHjiKC0O6nej/A+4kIbWjDF+YmmSEJRSKfk7SVuzs4XnBfsz7UCgYEA6zW+Sud2qos5/DQUUWTleKfqhaEzVvy2pWMXUqaHzvPu7NsaLl+DbEIRvoxJzqdWfwwnWIrD6kGU8GVa1I8RLKK3JS681R6Pw/Ih5JKw9n5lkD+gIpE5ryENQ5jGdwFRUTpJxKY2aPUve7PsyM5flau2d3eo/4SXIRy1pCMcAgMCgYEAwaU44XDH54rLVFuSpg6ck7uSxb15987AECW1z6n/oIAw0reVvCvp8tInk6owKRqvxVCM3W/B0UQONGDmcCcK1GoaO+hJZV/t+c9NAHrna2t10+bHRHwYLG9FUu/hWKtLsxqathsEXdS02m6y6jX3UWuR6Qwz2XYH7PWS3/EHNC8CgYA//qxapuVTe3P4WZcZmjERBea6GuTkCvgKwY4r76FNvnLIQMi7y0Lvpn47cOH39vGCuaTO41pwlw1V5s2yvYY3tcHMvQ2lkp4c+vkbvomlVzh86cLBBPBD5OM9/AgrgtFEH27IsUxmfCdCKe8Hp5a8Gy8XDBiQBNw1pyEImoDZTwKBgCU+nwMVSw2or1TpS/puYwUzFZa8y8Gy3VP9vMtVOhpnrXxJ3R3VIGkYrI4FNMAjJt1/kahhf1i9izHd1VSK3dVfFu6gzcUWv1HF4lyORwZtI7t+7qKob4nUWPQLuT7xq1ymaE1QQvW9HI/KrNTJTmk1lFnLhAl2Xy3fScGSvTz3AoGABYA6e1Ksiex2Iv37f16l6lo6hfbUKIoAooyrTKjwqpWGaFtDBQxTNaOR93APjg1rX+wtcwMpl1ABpsf2a1DoRJBItH1oE7q6ZDJ/qz2BnJkH8TvDy89Cbe/8R2vwQIsE7rDzW3Ivfx2KN//iKHAA6BEqf3m2p4u2Dqient5XC9M=" ],
- "certificate" : [ "MIICmzCCAYMCBgGUfz5OEDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjUwMTE5MTU0NDM3WhcNMzUwMTE5MTU0NjE3WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx61JdAkN3Sv0K/qEH9DJDsOVVcBB5G7Bqw5MXkSh7PSZO5bUMatpMi21nA85gzG8M6zhz3/7RAD0M1S1zg8cZc8HRbG4oNKKSRWU+3Ko6etxpJhgCuEeRhTvbsz7yv68iG1OhgH+DzyaUwfgl8vS1QlAaWc6sPFRQ/tGJYBvNDfckMADJXodQ6bVKA0frVXrPxrTqb00v/+2s3Y94guo238NPuLBN35uY1BnPD7BJVMZHgrc7myNaNEe+KEDG84Iq/LOlidtDkAz8alc6ZqGm45Djkt5tJgeVTthJRVcfxDbIt5+NEJnQfSaREPH7IGv++QqEXm+q/6UfeooDofqNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBADmCns7tVOSdgo8sdJ/pviO1wjbmsNdg8vwn2uTsPesYLTya9iaIXVfjvhM2jOqoglIGp2/udjphOJvJapmpPmr7v6jPSrzW6phW4NP75scWR61gr9a+HKGA2imA/UwRPbb4gV3sIkIZtzlAiBJ7mItQ3C4gg3UpzwFkCxeUVPira0zq87T0p3c8b2QaUdsqhnpHUlB1KeSKstGgrUShZbOh0/Qzu+Fkw+CPsbshlRpCzpL5gwz8YolLeAl9E+qXH2fbugc+gvJyxciN6bn5tMa8QwV833jYSUdt3f+P+BwVCWG1XbkbzLTxd3JWB5JNXtEzXpylnRgtTydLDTZyC3c=" ],
- "priority" : [ "100" ]
- }
- }, {
- "id" : "df28b561-7463-4927-974d-615618056b41",
- "name" : "aes-generated",
- "providerId" : "aes-generated",
- "subComponents" : { },
- "config" : {
- "kid" : [ "04a0e3ff-030f-4d22-a125-449f1541b83c" ],
- "secret" : [ "uhC2E9sCbuigVhRLbnCmCQ" ],
- "priority" : [ "100" ]
- }
- } ]
- },
- "internationalizationEnabled" : false,
- "supportedLocales" : [ ],
- "authenticationFlows" : [ {
- "id" : "2e13d5a8-b0fb-475b-8991-66d1cc8e99f1",
- "alias" : "Account verification options",
- "description" : "Method with which to verity the existing account",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "idp-email-verification",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "ALTERNATIVE",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "Verify Existing Account by Re-authentication",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "0bf3a099-5ef5-4ea9-b325-5bc9699180a6",
- "alias" : "Browser - Conditional OTP",
- "description" : "Flow to determine if the OTP is required for the authentication",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "conditional-user-configured",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "auth-otp-form",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "88ca29ab-cbe0-4e3f-938a-e6c5327748ab",
- "alias" : "Direct Grant - Conditional OTP",
- "description" : "Flow to determine if the OTP is required for the authentication",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "conditional-user-configured",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "direct-grant-validate-otp",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "789e7d43-bc05-44d2-8c09-de7fee9d56de",
- "alias" : "First broker login - Conditional OTP",
- "description" : "Flow to determine if the OTP is required for the authentication",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "conditional-user-configured",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "auth-otp-form",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "ee145b84-2b30-438e-9cee-6fe90909af1a",
- "alias" : "Handle Existing Account",
- "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "idp-confirm-link",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "Account verification options",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "853d891a-0009-443c-91c3-a7f1ad1dd0dc",
- "alias" : "Reset - Conditional OTP",
- "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "conditional-user-configured",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "reset-otp",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "d7f13a9b-a13c-4236-ae41-df8da7e5fa8d",
- "alias" : "User creation or linking",
- "description" : "Flow for the existing/non-existing user alternatives",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticatorConfig" : "create unique user config",
- "authenticator" : "idp-create-user-if-unique",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "ALTERNATIVE",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "Handle Existing Account",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "3cb699ee-11d4-44be-878b-a183b9e96b59",
- "alias" : "Verify Existing Account by Re-authentication",
- "description" : "Reauthentication of existing account",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "idp-username-password-form",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "CONDITIONAL",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "First broker login - Conditional OTP",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "61d5a1e2-7074-41ad-97bf-e5c41c70989e",
- "alias" : "browser",
- "description" : "Browser based authentication",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "auth-cookie",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "auth-spnego",
- "authenticatorFlow" : false,
- "requirement" : "DISABLED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "identity-provider-redirector",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 25,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "ALTERNATIVE",
- "priority" : 30,
- "autheticatorFlow" : true,
- "flowAlias" : "forms",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "21dabcf1-8817-4f2d-981a-13239e160b56",
- "alias" : "clients",
- "description" : "Base authentication for clients",
- "providerId" : "client-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "client-secret",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "client-jwt",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "client-secret-jwt",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 30,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "client-x509",
- "authenticatorFlow" : false,
- "requirement" : "ALTERNATIVE",
- "priority" : 40,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "a349aeb2-9373-47ec-9381-0c379df56c71",
- "alias" : "direct grant",
- "description" : "OpenID Connect Resource Owner Grant",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "direct-grant-validate-username",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "direct-grant-validate-password",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "CONDITIONAL",
- "priority" : 30,
- "autheticatorFlow" : true,
- "flowAlias" : "Direct Grant - Conditional OTP",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "39b3aa37-4ece-4e31-acbc-79889994713e",
- "alias" : "docker auth",
- "description" : "Used by Docker clients to authenticate against the IDP",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "docker-http-basic-authenticator",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "18561349-cc5e-4e5b-bcb2-979645118f96",
- "alias" : "first broker login",
- "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticatorConfig" : "review profile config",
- "authenticator" : "idp-review-profile",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "User creation or linking",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "9933f082-3d53-4575-b011-90e6933fb2a1",
- "alias" : "forms",
- "description" : "Username, password, otp and other auth forms.",
- "providerId" : "basic-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "auth-username-password-form",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "CONDITIONAL",
- "priority" : 20,
- "autheticatorFlow" : true,
- "flowAlias" : "Browser - Conditional OTP",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "00285357-456a-4fd4-b449-ed25253e6364",
- "alias" : "registration",
- "description" : "Registration flow",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "registration-page-form",
- "authenticatorFlow" : true,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : true,
- "flowAlias" : "registration form",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "b9131fa9-5614-42b4-8353-c6c15e66c2ce",
- "alias" : "registration form",
- "description" : "Registration form",
- "providerId" : "form-flow",
- "topLevel" : false,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "registration-user-creation",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "registration-password-action",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 50,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "registration-recaptcha-action",
- "authenticatorFlow" : false,
- "requirement" : "DISABLED",
- "priority" : 60,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "registration-terms-and-conditions",
- "authenticatorFlow" : false,
- "requirement" : "DISABLED",
- "priority" : 70,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "424642cc-3a71-4732-ba38-b737179ce37f",
- "alias" : "reset credentials",
- "description" : "Reset credentials for a user if they forgot their password or something",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "reset-credentials-choose-user",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "reset-credential-email",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 20,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticator" : "reset-password",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 30,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- }, {
- "authenticatorFlow" : true,
- "requirement" : "CONDITIONAL",
- "priority" : 40,
- "autheticatorFlow" : true,
- "flowAlias" : "Reset - Conditional OTP",
- "userSetupAllowed" : false
- } ]
- }, {
- "id" : "c8c9c4dc-a39d-4ba6-ad4b-9447a8125349",
- "alias" : "saml ecp",
- "description" : "SAML ECP Profile Authentication Flow",
- "providerId" : "basic-flow",
- "topLevel" : true,
- "builtIn" : true,
- "authenticationExecutions" : [ {
- "authenticator" : "http-basic-authenticator",
- "authenticatorFlow" : false,
- "requirement" : "REQUIRED",
- "priority" : 10,
- "autheticatorFlow" : false,
- "userSetupAllowed" : false
- } ]
- } ],
- "authenticatorConfig" : [ {
- "id" : "49d63952-ca6e-450c-a65f-70388169cb90",
- "alias" : "create unique user config",
- "config" : {
- "require.password.update.after.registration" : "false"
- }
- }, {
- "id" : "5b4f58fc-aff7-4e12-8c48-40aeb3db1432",
- "alias" : "review profile config",
- "config" : {
- "update.profile.on.first.login" : "missing"
- }
- } ],
- "requiredActions" : [ {
- "alias" : "CONFIGURE_TOTP",
- "name" : "Configure OTP",
- "providerId" : "CONFIGURE_TOTP",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 10,
- "config" : { }
- }, {
- "alias" : "TERMS_AND_CONDITIONS",
- "name" : "Terms and Conditions",
- "providerId" : "TERMS_AND_CONDITIONS",
- "enabled" : false,
- "defaultAction" : false,
- "priority" : 20,
- "config" : { }
- }, {
- "alias" : "UPDATE_PASSWORD",
- "name" : "Update Password",
- "providerId" : "UPDATE_PASSWORD",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 30,
- "config" : { }
- }, {
- "alias" : "UPDATE_PROFILE",
- "name" : "Update Profile",
- "providerId" : "UPDATE_PROFILE",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 40,
- "config" : { }
- }, {
- "alias" : "VERIFY_EMAIL",
- "name" : "Verify Email",
- "providerId" : "VERIFY_EMAIL",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 50,
- "config" : { }
- }, {
- "alias" : "delete_account",
- "name" : "Delete Account",
- "providerId" : "delete_account",
- "enabled" : false,
- "defaultAction" : false,
- "priority" : 60,
- "config" : { }
- }, {
- "alias" : "webauthn-register",
- "name" : "Webauthn Register",
- "providerId" : "webauthn-register",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 70,
- "config" : { }
- }, {
- "alias" : "webauthn-register-passwordless",
- "name" : "Webauthn Register Passwordless",
- "providerId" : "webauthn-register-passwordless",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 80,
- "config" : { }
- }, {
- "alias" : "VERIFY_PROFILE",
- "name" : "Verify Profile",
- "providerId" : "VERIFY_PROFILE",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 90,
- "config" : { }
- }, {
- "alias" : "delete_credential",
- "name" : "Delete Credential",
- "providerId" : "delete_credential",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 100,
- "config" : { }
- }, {
- "alias" : "update_user_locale",
- "name" : "Update User Locale",
- "providerId" : "update_user_locale",
- "enabled" : true,
- "defaultAction" : false,
- "priority" : 1000,
- "config" : { }
- } ],
- "browserFlow" : "browser",
- "registrationFlow" : "registration",
- "directGrantFlow" : "direct grant",
- "resetCredentialsFlow" : "reset credentials",
- "clientAuthenticationFlow" : "clients",
- "dockerAuthenticationFlow" : "docker auth",
- "firstBrokerLoginFlow" : "first broker login",
- "attributes" : {
- "cibaBackchannelTokenDeliveryMode" : "poll",
- "cibaAuthRequestedUserHint" : "login_hint",
- "clientOfflineSessionMaxLifespan" : "0",
- "oauth2DevicePollingInterval" : "5",
- "clientSessionIdleTimeout" : "0",
- "clientOfflineSessionIdleTimeout" : "0",
- "cibaInterval" : "5",
- "realmReusableOtpCode" : "false",
- "cibaExpiresIn" : "120",
- "oauth2DeviceCodeLifespan" : "600",
- "parRequestUriLifespan" : "60",
- "clientSessionMaxLifespan" : "0",
- "frontendUrl" : "",
- "organizationsEnabled" : "false",
- "acr.loa.map" : "{}"
- },
- "keycloakVersion" : "26.0.4",
- "userManagedAccessAllowed" : false,
- "organizationsEnabled" : false,
- "clientProfiles" : {
- "profiles" : [ ]
- },
- "clientPolicies" : {
- "policies" : [ ]
- }
- }
+ {{ (.Files.Glob "files/dbrepo-realm.json").AsConfig | nindent 2 }}
+ {{ (.Files.Glob "files/master-realm.json").AsConfig | nindent 2 }}
{{- end }}
\ No newline at end of file
diff --git a/helm/dbrepo/templates/identity-service.yaml b/helm/dbrepo/templates/identity-service.yaml
index fcff683e87c7b55d21c26f7fd79f5831edd93eef..532bc8dae6323917f98094ce19cf8a508b642c1e 100644
--- a/helm/dbrepo/templates/identity-service.yaml
+++ b/helm/dbrepo/templates/identity-service.yaml
@@ -11,11 +11,11 @@ spec:
type: ClusterIP
ports:
- name: "ldap"
- port: 389
+ port: 1389
targetPort: 1389
protocol: TCP
- name: "sldap"
- port: 636
+ port: 1636
targetPort: 1636
protocol: TCP
selector:
diff --git a/helm/dbrepo/templates/metadata-configmap.yaml b/helm/dbrepo/templates/metadata-configmap.yaml
index 059f2bd40d2418672f8f6a4a3f1c64f05156cac2..af97ce1eda66de9651deeda189273c2226ca9a91 100644
--- a/helm/dbrepo/templates/metadata-configmap.yaml
+++ b/helm/dbrepo/templates/metadata-configmap.yaml
@@ -6,5 +6,10 @@ metadata:
name: metadata-db-config
namespace: {{ include "common.names.namespace" . | quote }}
data:
+ {{- with .Values.metadatadb.extraInitDbScripts }}
+ {{ toYaml . | nindent 2 }}
+ {{- end }}
+ {{ (.Files.Glob "files/01-setup-schema.sql").AsConfig | nindent 2 }}
+ {{ (.Files.Glob "files/02-setup-data.sql").AsConfig | nindent 2 }}
{{ (.Files.Glob "files/my.cnf").AsConfig | nindent 2 }}
{{- end }}
diff --git a/helm/dbrepo/templates/metadata-setup-configmap.yaml b/helm/dbrepo/templates/metadata-setup-configmap.yaml
deleted file mode 100644
index 608f1d13e162665464faeaf3eaa789834f6a8429..0000000000000000000000000000000000000000
--- a/helm/dbrepo/templates/metadata-setup-configmap.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- if .Values.metadatadb.enabled }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: metadata-db-setup
- namespace: {{ include "common.names.namespace" . | quote }}
-data:
- {{- with .Values.metadatadb.extraInitDbScripts }}
- {{ toYaml . | nindent 2 }}
- {{- end }}
- {{ (.Files.Glob "files/01-setup-schema.sql").AsConfig | nindent 2 }}
- 02-setup-data.sql: |
- BEGIN;
- INSERT INTO `mdb_containers` (name, internal_name, image_id, host, port, privileged_username, privileged_password)
- VALUES ('mariadb-galera:11.3.2-debian-12-r9', 'mariadb-galera:11.3.2-debian-12-r9', 1, 'data-db', 3306, '{{ .Values.datadb.rootUser.user }}', '{{ .Values.datadb.rootUser.password }}');
- COMMIT;
- {{ (.Files.Glob "files/my.cnf").AsConfig | nindent 2 }}
-{{- end }}
diff --git a/helm/dbrepo/templates/upload-configmap.yaml b/helm/dbrepo/templates/upload-configmap.yaml
deleted file mode 100644
index 3dbde251a88996f82037c8cde87aa6354ac17b79..0000000000000000000000000000000000000000
--- a/helm/dbrepo/templates/upload-configmap.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
-{{- if .Values.uploadservice.enabled }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: upload-service-setup
- namespace: {{ include "common.names.namespace" . | quote }}
-data:
- pre-create: |
- #!/bin/bash
- REQUEST_RAW=$(cat /dev/stdin)
-
- echo "[DEBUG] [pre-create hook] request started" >&2
- if [ "$(echo "$REQUEST_RAW" | jq '.HTTPRequest.Header | has("Authorization")')" == "false" ]; then
- echo "[ERROR] [pre-create hook] Missing header 'Authorization'" >&2
- echo "[DEBUG] [pre-create hook] raw request: ${REQUEST_RAW}" >&2
- cat <<END
- {
- "RejectUpload": true,
- "HTTPResponse": {
- "StatusCode": 400,
- "Header": {
- "Content-Type": "application/json"
- },
- "Body": "{\"code\":\"error.upload.malformed\",\"message\":\"Missing header 'Authorization'\",\"status\":\"BAD_REQUEST\"}"
- }
- }
- END
- exit 1
- fi
-
- echo "[DEBUG] [pre-create hook] request has 'Authorization' header present" >&2
-
- BEARER="$(echo "$REQUEST_RAW" | jq -r '.HTTPRequest.Header.Authorization[0]')"
- echo "[DEBUG] [pre-create hook] attempting to contact {{ .Values.authservice.endpoint }}" >&2
- if [ ! "$(wget -O- --quiet --header "Authorization: ${BEARER}" {{ .Values.authservice.endpoint }}/realms/dbrepo/protocol/openid-connect/userinfo)" ]; then
- echo "[ERROR] [pre-create hook] Unauthorized" >&2
- cat <<END
- {
- "RejectUpload": true,
- "HTTPResponse": {
- "StatusCode": 401,
- "Header": {
- "Content-Type": "application/json"
- },
- "Body": "{\"code\":\"error.upload.unauthorized\",\"message\":\"Authentication required\",\"status\":\"UNAUTHORIZED\"}"
- }
- }
- END
- exit 1
- fi
-
- echo "[INFO] [pre-create hook] Authorized" >&2
-{{- end }}
diff --git a/helm/dbrepo/templates/upload-deployment.yaml b/helm/dbrepo/templates/upload-deployment.yaml
deleted file mode 100644
index 1eb9eebd653a9537c3435c2c59e9657425e143a7..0000000000000000000000000000000000000000
--- a/helm/dbrepo/templates/upload-deployment.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
-{{- if .Values.uploadservice.enabled }}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: upload-service
- namespace: {{ include "common.names.namespace" . | quote }}
- labels:
- app: upload-service
- service: upload-service
-spec:
- replicas: {{ .Values.uploadservice.replicaCount }}
- strategy:
- type: {{ .Values.strategyType }}
- selector:
- matchLabels:
- app: upload-service
- service: upload-service
- template:
- metadata:
- labels:
- app: upload-service
- service: upload-service
- spec:
- {{- if .Values.uploadservice.podSecurityContext.enabled }}
- securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.uploadservice.podSecurityContext "context" $) | nindent 8 }}
- {{- end }}
- containers:
- - name: upload-service
- image: {{ .Values.uploadservice.image.name }}
- imagePullPolicy: {{ .Values.uploadservice.image.pullPolicy | default "IfNotPresent" }}
- {{- if .Values.uploadservice.containerSecurityContext.enabled }}
- securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.uploadservice.containerSecurityContext "context" $) | nindent 12 }}
- {{- end }}
- args:
- - "-behind-proxy"
- - "-max-size={{ .Values.uploadservice.s3.maxSize }}"
- - "-base-path=/api/upload/files/"
- - "-s3-endpoint={{ .Values.uploadservice.s3.endpoint}}"
- - "-s3-bucket={{ .Values.uploadservice.s3.bucket }}"
- ports:
- - containerPort: 1080
- protocol: TCP
- envFrom:
- - secretRef:
- name: upload-service-secret
- livenessProbe:
- httpGet:
- port: 1080
- initialDelaySeconds: 120
- periodSeconds: 10
- readinessProbe:
- httpGet:
- port: 1080
- initialDelaySeconds: 30
- periodSeconds: 10
- {{- if .Values.uploadservice.resources }}
- resources: {{- toYaml .Values.uploadservice.resources | nindent 12 }}
- {{- else if ne .Values.uploadservice.resourcesPreset "none" }}
- resources: {{- include "common.resources.preset" (dict "type" .Values.uploadservice.resourcesPreset) | nindent 12 }}
- {{- end }}
-{{- end }}
diff --git a/helm/dbrepo/templates/upload-secret.yaml b/helm/dbrepo/templates/upload-secret.yaml
deleted file mode 100644
index 9b246d177e85dba3f588f39c6f15a77b9b77c7a3..0000000000000000000000000000000000000000
--- a/helm/dbrepo/templates/upload-secret.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: upload-service-secret
- namespace: {{ include "common.names.namespace" . | quote }}
-stringData:
- AWS_ACCESS_KEY_ID: "{{ .Values.storageservice.s3.auth.adminAccessKeyId }}"
- AWS_SECRET_ACCESS_KEY: "{{ .Values.storageservice.s3.auth.adminSecretAccessKey }}"
- AWS_REGION: "{{ .Values.storageservice.s3.region | default "default" }}"
diff --git a/helm/dbrepo/templates/upload-service.yaml b/helm/dbrepo/templates/upload-service.yaml
deleted file mode 100644
index b755ca4461e6eec3066d9d73d87defe90e54b061..0000000000000000000000000000000000000000
--- a/helm/dbrepo/templates/upload-service.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- if .Values.uploadservice.enabled }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: upload-service
- namespace: {{ include "common.names.namespace" . | quote }}
- labels:
- service: upload-service
-spec:
- type: ClusterIP
- ports:
- - name: "upload-service"
- port: 80
- targetPort: 1080
- protocol: TCP
- selector:
- service: upload-service
-{{- end }}
diff --git a/helm/dbrepo/values.yaml b/helm/dbrepo/values.yaml
index ff5562eebc310b204b49694fd0c53134a0cbbbf1..8668253302c988cd7f2431f20004a6d55038e728 100644
--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -55,7 +55,7 @@ metadatadb:
## @skip metadatadb.metrics.enabled The Prometheus settings.
enabled: true
## @skip metadatadb.initdbScriptsConfigMap The initial database scripts.
- initdbScriptsConfigMap: metadata-db-setup
+ initdbScriptsConfigMap: metadata-db-config
## @param metadatadb.configurationConfigMap The database configuration files.
configurationConfigMap: metadata-db-config
## @param metadatadb.extraInitDbScripts Additional init.db scripts that are executed on the first start.
@@ -122,7 +122,7 @@ authservice:
setupJob:
image:
## @skip authservice.setupJob.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/auth-service-init:1.7.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/auth-service-init:1.7.1
## @param authservice.setupJob.resourcesPreset The container resource preset
resourcesPreset: "nano"
## @param authservice.setupJob.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
@@ -415,7 +415,7 @@ analyseservice:
enabled: true
image:
## @skip analyseservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/analyse-service:1.7.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/analyse-service:1.7.1
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param analyseservice.podSecurityContext.enabled Enable pods' Security Context
@@ -476,7 +476,7 @@ metadataservice:
enabled: true
image:
## @skip metadataservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/metadata-service:1.7.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/metadata-service:1.7.1
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param metadataservice.podSecurityContext.enabled Enable pods' Security Context
@@ -573,7 +573,7 @@ dataservice:
endpoint: http://data-service
image:
## @skip dataservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/data-service:1.7.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/data-service:1.7.1
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param dataservice.podSecurityContext.enabled Enable pods' Security Context
@@ -659,7 +659,7 @@ searchservice:
endpoint: http://search-service
image:
## @skip searchservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/search-service:1.7.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/search-service:1.7.1
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param searchservice.podSecurityContext.enabled Enable pods' Security Context
@@ -706,7 +706,7 @@ searchservice:
init:
image:
## @skip searchservice.init.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/search-service-init:1.7.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/search-service-init:1.7.1
## @param searchservice.init.resourcesPreset The container resource preset
resourcesPreset: "nano"
## @param searchservice.init.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
@@ -767,7 +767,7 @@ storageservice:
init:
image:
## @skip storageservice.init.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/storage-service-init:1.7.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/storage-service-init:1.7.1
s3:
## @param storageservice.init.s3.endpoint The S3-capable endpoint the microservice connects to.
endpoint: http://storage-service-s3:8333
@@ -876,7 +876,7 @@ ui:
enabled: true
image:
## @skip ui.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/ui:1.7.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/ui:1.7.1
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param ui.podSecurityContext.enabled Enable pods' Security Context
diff --git a/helm/seaweedfs/charts/common-2.30.0.tgz b/helm/seaweedfs/charts/common-2.30.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..ef7b68044a9ee31a9ba735054c13e41814b79a16
Binary files /dev/null and b/helm/seaweedfs/charts/common-2.30.0.tgz differ
diff --git a/helm/seaweedfs/charts/mariadb-20.4.1.tgz b/helm/seaweedfs/charts/mariadb-20.4.1.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..924d07c3e7f88655b179085c3546f5d3de5c6e75
Binary files /dev/null and b/helm/seaweedfs/charts/mariadb-20.4.1.tgz differ
diff --git a/helm/seaweedfs/charts/postgresql-16.4.15.tgz b/helm/seaweedfs/charts/postgresql-16.4.15.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..c580a020ba87b6ab7088ac3200fcf4d015c06229
Binary files /dev/null and b/helm/seaweedfs/charts/postgresql-16.4.15.tgz differ
diff --git a/install.sh b/install.sh
index 6de016007f4e4eab84cd331a0a1a7aafca046b38..84b139ddf95128d994a912a3de3d1ba6db1cef1d 100644
--- a/install.sh
+++ b/install.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# preset
-VERSION="1.7.0"
+VERSION="1.7.1"
MIN_CPU=8
MIN_RAM=4
MIN_MAP_COUNT=262144
diff --git a/lib/python/docs/index.rst b/lib/python/docs/index.rst
index 511a08b52d559b8dc252e593dd69c692aacabf6c..2ebdc80b2d703c3d3e799950079f3a4c7a9d83df 100644
--- a/lib/python/docs/index.rst
+++ b/lib/python/docs/index.rst
@@ -6,7 +6,7 @@ Pandas `DataFrame <https://pandas.pydata.org/docs/reference/api/pandas.DataFrame
provides an object-oriented API as well as low-level access to DBRepo services.
.. note::
- The SDK has been implemented and documented for DBRepo version 1.7.0, earlier versions may be supported but are not tested for compatibility.
+ The SDK has been implemented and documented for DBRepo version 1.7.1, earlier versions may be supported but are not tested for compatibility.
Quickstart
----------
diff --git a/lib/python/pyproject.toml b/lib/python/pyproject.toml
index 49b9bbb1b7e166bff6f58533fbd879559485e239..61b31fcce1795064df1451c82193f2ed73e836db 100644
--- a/lib/python/pyproject.toml
+++ b/lib/python/pyproject.toml
@@ -1,6 +1,6 @@
[project]
name = "dbrepo"
-version = "1.7.0"
+version = "1.7.1"
description = "DBRepo Python Library"
keywords = [
"DBRepo",
diff --git a/lib/python/setup.py b/lib/python/setup.py
index 4fff48185b04734932caad08d4aa06583730a52f..73d4ced6de7822ff0d430c4488f226a553894e7c 100644
--- a/lib/python/setup.py
+++ b/lib/python/setup.py
@@ -2,7 +2,7 @@
from distutils.core import setup
setup(name="dbrepo",
- version="1.7.0",
+ version="1.7.1",
description="A library for communicating with DBRepo",
url="https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/1.7/",
author="Martin Weise",
diff --git a/sonar-project.properties b/sonar-project.properties
index 0d25b112d7133494be618d3f61e3e17a2c415e94..24cf0e14a408513b25631817b2b3c8fcaf6f05ee 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -2,7 +2,7 @@
sonar.projectKey=fair-data-austria-db-repository_fda-services_a57fa043-ab99-4cdd-a721-162d9a916d77
sonar.host.url=https://s39.datalab.tuwien.ac.at
# project
-sonar.projectVersion=1.7.0
+sonar.projectVersion=1.7.1
# general
sonar.qualitygate.wait=true
sonar.projectCreation.mainBranchName=master