github.com/masterhung0112/hk_server/v5@v5.0.0-20220302090640-ec71aef15e1c/build/docker/keycloak/realm.json (about) 1 { 2 "id" : "mattermost", 3 "realm" : "mattermost", 4 "displayName" : "Keycloak", 5 "displayNameHtml" : "<div class=\"kc-logo-text\"><span>Keycloak</span></div>", 6 "notBefore" : 0, 7 "revokeRefreshToken" : false, 8 "refreshTokenMaxReuse" : 0, 9 "accessTokenLifespan" : 60, 10 "accessTokenLifespanForImplicitFlow" : 900, 11 "ssoSessionIdleTimeout" : 1800, 12 "ssoSessionMaxLifespan" : 36000, 13 "ssoSessionIdleTimeoutRememberMe" : 0, 14 "ssoSessionMaxLifespanRememberMe" : 0, 15 "offlineSessionIdleTimeout" : 2592000, 16 "offlineSessionMaxLifespanEnabled" : false, 17 "offlineSessionMaxLifespan" : 5184000, 18 "clientSessionIdleTimeout" : 0, 19 "clientSessionMaxLifespan" : 0, 20 "accessCodeLifespan" : 60, 21 "accessCodeLifespanUserAction" : 300, 22 "accessCodeLifespanLogin" : 1800, 23 "actionTokenGeneratedByAdminLifespan" : 43200, 24 "actionTokenGeneratedByUserLifespan" : 300, 25 "enabled" : true, 26 "sslRequired" : "external", 27 "registrationAllowed" : false, 28 "registrationEmailAsUsername" : false, 29 "rememberMe" : false, 30 "verifyEmail" : false, 31 "loginWithEmailAllowed" : true, 32 "duplicateEmailsAllowed" : false, 33 "resetPasswordAllowed" : false, 34 "editUsernameAllowed" : true, 35 "bruteForceProtected" : false, 36 "permanentLockout" : false, 37 "maxFailureWaitSeconds" : 900, 38 "minimumQuickLoginWaitSeconds" : 60, 39 "waitIncrementSeconds" : 60, 40 "quickLoginCheckMilliSeconds" : 1000, 41 "maxDeltaTimeSeconds" : 43200, 42 "failureFactor" : 30, 43 "roles" : { 44 "realm" : [ { 45 "id" : "1603a047-cc4c-405a-82e6-69e2c692776f", 46 "name" : "offline_access", 47 "description" : "${role_offline-access}", 48 "composite" : false, 49 "clientRole" : false, 50 "containerId" : "mattermost", 51 "attributes" : { } 52 }, { 53 "id" : "c7fdcde8-78f3-4255-bd19-7c945859d42f", 54 "name" : "create-realm", 55 "description" : "${role_create-realm}", 56 "composite" : false, 57 "clientRole" : false, 58 "containerId" : "mattermost", 59 "attributes" : { } 60 }, { 61 "id" : "41e2f2bd-b7a1-491d-9cdd-dc593f3d7483", 62 "name" : "uma_authorization", 63 "description" : "${role_uma_authorization}", 64 "composite" : false, 65 "clientRole" : false, 66 "containerId" : "mattermost", 67 "attributes" : { } 68 }, { 69 "id" : "86d6d932-461e-4e75-a2e1-0fe79802ee3b", 70 "name" : "admin", 71 "description" : "${role_admin}", 72 "composite" : true, 73 "composites" : { 74 "realm" : [ "create-realm" ], 75 "client" : { 76 "mattermost-realm" : [ "impersonation", "manage-clients", "view-events", "view-authorization", "view-realm", "create-client", "manage-authorization", "query-users", "manage-identity-providers", "view-users", "view-clients", "manage-users", "query-clients", "manage-realm", "manage-events", "view-identity-providers", "query-realms", "query-groups" ] 77 } 78 }, 79 "clientRole" : false, 80 "containerId" : "mattermost", 81 "attributes" : { } 82 } ], 83 "client" : { 84 "security-admin-console" : [ ], 85 "http://localhost:9065/login/sso/saml" : [ ], 86 "admin-cli" : [ ], 87 "account-console" : [ ], 88 "broker" : [ { 89 "id" : "2d3154ca-4b7e-4a11-809b-b8ad236035f8", 90 "name" : "read-token", 91 "description" : "${role_read-token}", 92 "composite" : false, 93 "clientRole" : true, 94 "containerId" : "1a5d8538-3004-48ad-a9ea-767e4ae09b53", 95 "attributes" : { } 96 } ], 97 "mattermost-realm" : [ { 98 "id" : "89f8999a-8b53-4aa8-ab1f-233c13954a88", 99 "name" : "impersonation", 100 "description" : "${role_impersonation}", 101 "composite" : false, 102 "clientRole" : true, 103 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 104 "attributes" : { } 105 }, { 106 "id" : "b214d48c-94f8-4fe3-bea9-e14dcd0daf8b", 107 "name" : "manage-clients", 108 "description" : "${role_manage-clients}", 109 "composite" : false, 110 "clientRole" : true, 111 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 112 "attributes" : { } 113 }, { 114 "id" : "a9875907-ea05-40f2-b7f5-2fa6da77d9fd", 115 "name" : "view-events", 116 "description" : "${role_view-events}", 117 "composite" : false, 118 "clientRole" : true, 119 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 120 "attributes" : { } 121 }, { 122 "id" : "3338e04d-5781-49ca-ba50-e5eab4b2abfc", 123 "name" : "view-realm", 124 "description" : "${role_view-realm}", 125 "composite" : false, 126 "clientRole" : true, 127 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 128 "attributes" : { } 129 }, { 130 "id" : "1ad5b686-8a60-48b1-8e69-ee7ad21f2e5d", 131 "name" : "view-authorization", 132 "description" : "${role_view-authorization}", 133 "composite" : false, 134 "clientRole" : true, 135 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 136 "attributes" : { } 137 }, { 138 "id" : "0634edc3-0452-4745-bb68-1bd8508b803b", 139 "name" : "create-client", 140 "description" : "${role_create-client}", 141 "composite" : false, 142 "clientRole" : true, 143 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 144 "attributes" : { } 145 }, { 146 "id" : "e4e141e2-7288-4e42-93c8-e7c3f369756b", 147 "name" : "manage-authorization", 148 "description" : "${role_manage-authorization}", 149 "composite" : false, 150 "clientRole" : true, 151 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 152 "attributes" : { } 153 }, { 154 "id" : "0fb67bd9-8e13-4f75-acaf-75ee459a8b6c", 155 "name" : "query-users", 156 "description" : "${role_query-users}", 157 "composite" : false, 158 "clientRole" : true, 159 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 160 "attributes" : { } 161 }, { 162 "id" : "7aff516a-4306-4ba1-92c7-aee738368321", 163 "name" : "manage-identity-providers", 164 "description" : "${role_manage-identity-providers}", 165 "composite" : false, 166 "clientRole" : true, 167 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 168 "attributes" : { } 169 }, { 170 "id" : "796eb07f-a07e-4ac0-a8f2-069c56ce147a", 171 "name" : "view-users", 172 "description" : "${role_view-users}", 173 "composite" : true, 174 "composites" : { 175 "client" : { 176 "mattermost-realm" : [ "query-users", "query-groups" ] 177 } 178 }, 179 "clientRole" : true, 180 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 181 "attributes" : { } 182 }, { 183 "id" : "48db4ddf-db9e-48b9-8158-a4fa9aa6bfae", 184 "name" : "view-clients", 185 "description" : "${role_view-clients}", 186 "composite" : true, 187 "composites" : { 188 "client" : { 189 "mattermost-realm" : [ "query-clients" ] 190 } 191 }, 192 "clientRole" : true, 193 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 194 "attributes" : { } 195 }, { 196 "id" : "644ee19e-6587-4cad-a0d0-8a3e165cc8df", 197 "name" : "manage-users", 198 "description" : "${role_manage-users}", 199 "composite" : false, 200 "clientRole" : true, 201 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 202 "attributes" : { } 203 }, { 204 "id" : "bc39205b-6498-47f2-b912-a7c9aabc7e6a", 205 "name" : "manage-realm", 206 "description" : "${role_manage-realm}", 207 "composite" : false, 208 "clientRole" : true, 209 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 210 "attributes" : { } 211 }, { 212 "id" : "031a8159-2ac9-473f-8031-30743390f4cb", 213 "name" : "query-clients", 214 "description" : "${role_query-clients}", 215 "composite" : false, 216 "clientRole" : true, 217 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 218 "attributes" : { } 219 }, { 220 "id" : "f522db6e-0623-4f59-89ef-5ffbad9d0301", 221 "name" : "manage-events", 222 "description" : "${role_manage-events}", 223 "composite" : false, 224 "clientRole" : true, 225 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 226 "attributes" : { } 227 }, { 228 "id" : "34ab4e47-ed0a-427e-a826-88b556b3e4f1", 229 "name" : "view-identity-providers", 230 "description" : "${role_view-identity-providers}", 231 "composite" : false, 232 "clientRole" : true, 233 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 234 "attributes" : { } 235 }, { 236 "id" : "e7c9c397-585e-4de5-b6bd-627aa622b27b", 237 "name" : "query-realms", 238 "description" : "${role_query-realms}", 239 "composite" : false, 240 "clientRole" : true, 241 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 242 "attributes" : { } 243 }, { 244 "id" : "9d571819-a733-4e48-beef-61cd6f8ce604", 245 "name" : "query-groups", 246 "description" : "${role_query-groups}", 247 "composite" : false, 248 "clientRole" : true, 249 "containerId" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 250 "attributes" : { } 251 } ], 252 "account" : [ { 253 "id" : "659dde8f-c5ff-4db2-a8ad-b88479c1e2e0", 254 "name" : "manage-account", 255 "description" : "${role_manage-account}", 256 "composite" : true, 257 "composites" : { 258 "client" : { 259 "account" : [ "manage-account-links" ] 260 } 261 }, 262 "clientRole" : true, 263 "containerId" : "7e08cc43-4e60-4a0e-b03e-4d62b69f21da", 264 "attributes" : { } 265 }, { 266 "id" : "fcff0626-3b86-4e98-ab97-666d1bc35aaa", 267 "name" : "manage-consent", 268 "description" : "${role_manage-consent}", 269 "composite" : true, 270 "composites" : { 271 "client" : { 272 "account" : [ "view-consent" ] 273 } 274 }, 275 "clientRole" : true, 276 "containerId" : "7e08cc43-4e60-4a0e-b03e-4d62b69f21da", 277 "attributes" : { } 278 }, { 279 "id" : "cf2d2ae8-f0d3-4a70-aad1-77709b218316", 280 "name" : "view-applications", 281 "description" : "${role_view-applications}", 282 "composite" : false, 283 "clientRole" : true, 284 "containerId" : "7e08cc43-4e60-4a0e-b03e-4d62b69f21da", 285 "attributes" : { } 286 }, { 287 "id" : "80379c27-f861-4b54-9ef1-399fd6a17f30", 288 "name" : "manage-account-links", 289 "description" : "${role_manage-account-links}", 290 "composite" : false, 291 "clientRole" : true, 292 "containerId" : "7e08cc43-4e60-4a0e-b03e-4d62b69f21da", 293 "attributes" : { } 294 }, { 295 "id" : "625e8aa3-3b40-4353-a1c4-d6d9d8630deb", 296 "name" : "view-consent", 297 "description" : "${role_view-consent}", 298 "composite" : false, 299 "clientRole" : true, 300 "containerId" : "7e08cc43-4e60-4a0e-b03e-4d62b69f21da", 301 "attributes" : { } 302 }, { 303 "id" : "87d75c32-10bc-49ad-a68e-832429a8d043", 304 "name" : "view-profile", 305 "description" : "${role_view-profile}", 306 "composite" : false, 307 "clientRole" : true, 308 "containerId" : "7e08cc43-4e60-4a0e-b03e-4d62b69f21da", 309 "attributes" : { } 310 } ] 311 } 312 }, 313 "groups" : [ ], 314 "defaultRoles" : [ "offline_access", "uma_authorization" ], 315 "requiredCredentials" : [ "password" ], 316 "otpPolicyType" : "totp", 317 "otpPolicyAlgorithm" : "HmacSHA1", 318 "otpPolicyInitialCounter" : 0, 319 "otpPolicyDigits" : 6, 320 "otpPolicyLookAheadWindow" : 1, 321 "otpPolicyPeriod" : 30, 322 "otpSupportedApplications" : [ "FreeOTP", "Google Authenticator" ], 323 "webAuthnPolicyRpEntityName" : "keycloak", 324 "webAuthnPolicySignatureAlgorithms" : [ "ES256" ], 325 "webAuthnPolicyRpId" : "", 326 "webAuthnPolicyAttestationConveyancePreference" : "not specified", 327 "webAuthnPolicyAuthenticatorAttachment" : "not specified", 328 "webAuthnPolicyRequireResidentKey" : "not specified", 329 "webAuthnPolicyUserVerificationRequirement" : "not specified", 330 "webAuthnPolicyCreateTimeout" : 0, 331 "webAuthnPolicyAvoidSameAuthenticatorRegister" : false, 332 "webAuthnPolicyAcceptableAaguids" : [ ], 333 "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", 334 "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ], 335 "webAuthnPolicyPasswordlessRpId" : "", 336 "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", 337 "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", 338 "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", 339 "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", 340 "webAuthnPolicyPasswordlessCreateTimeout" : 0, 341 "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, 342 "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], 343 "users" : [ { 344 "id" : "322fe373-2f32-4edb-b85b-426ed4a29509", 345 "createdTimestamp" : 1592608502143, 346 "username" : "hkuser", 347 "enabled" : true, 348 "totp" : false, 349 "emailVerified" : false, 350 "credentials" : [ { 351 "id" : "12b834cf-48e7-45ac-9798-f3c3e5f22852", 352 "type" : "password", 353 "createdDate" : 1592608502380, 354 "secretData" : "{\"value\":\"e+FszAkjUqp7PVyg3FfW3XtBa2tXB1bvpxDbNHgkNWhx1b7YNi154Yvm6nR0caj2lx95KYlEevinMKb4GZKmRQ==\",\"salt\":\"lnn/AkoOO1uPJGZ5Wbwu1Q==\"}", 355 "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\"}" 356 } ], 357 "disableableCredentialTypes" : [ ], 358 "requiredActions" : [ ], 359 "realmRoles" : [ "offline_access", "uma_authorization", "admin" ], 360 "clientRoles" : { 361 "account" : [ "manage-account", "view-profile" ] 362 }, 363 "notBefore" : 0, 364 "groups" : [ ] 365 }, { 366 "id" : "ffeb5559-7348-4f75-b5a9-1a9217f7db58", 367 "createdTimestamp" : 1592655068090, 368 "username" : "test.one", 369 "enabled" : true, 370 "totp" : false, 371 "emailVerified" : false, 372 "firstName" : "Test1", 373 "lastName" : "User", 374 "email" : "success+testone@simulator.amazonses.com", 375 "federationLink" : "0d94859b-cd61-4314-9669-fbcac2322dfd", 376 "attributes" : { 377 "LDAP_ENTRY_DN" : [ "uid=test.one,ou=testusers,dc=mm,dc=test,dc=com" ], 378 "createTimestamp" : [ "20200620080847Z" ], 379 "modifyTimestamp" : [ "20200620080847Z" ], 380 "LDAP_ID" : [ "034ce904-4719-103a-9320-c588f0ff1b81" ] 381 }, 382 "credentials" : [ ], 383 "disableableCredentialTypes" : [ ], 384 "requiredActions" : [ ], 385 "realmRoles" : [ "offline_access", "uma_authorization" ], 386 "clientRoles" : { 387 "account" : [ "manage-account", "view-profile" ] 388 }, 389 "notBefore" : 0, 390 "groups" : [ ] 391 } ], 392 "scopeMappings" : [ { 393 "clientScope" : "offline_access", 394 "roles" : [ "offline_access" ] 395 } ], 396 "clientScopeMappings" : { 397 "account" : [ { 398 "client" : "account-console", 399 "roles" : [ "manage-account" ] 400 } ] 401 }, 402 "clients" : [ { 403 "id" : "7e08cc43-4e60-4a0e-b03e-4d62b69f21da", 404 "clientId" : "account", 405 "name" : "${client_account}", 406 "rootUrl" : "${authBaseUrl}", 407 "baseUrl" : "/realms/mattermost/account/", 408 "surrogateAuthRequired" : false, 409 "enabled" : true, 410 "alwaysDisplayInConsole" : false, 411 "clientAuthenticatorType" : "client-secret", 412 "secret" : "7228d94d-bf02-4b5d-ab61-07a5b4d71b24", 413 "defaultRoles" : [ "manage-account", "view-profile" ], 414 "redirectUris" : [ "/realms/mattermost/account/*" ], 415 "webOrigins" : [ ], 416 "notBefore" : 0, 417 "bearerOnly" : false, 418 "consentRequired" : false, 419 "standardFlowEnabled" : true, 420 "implicitFlowEnabled" : false, 421 "directAccessGrantsEnabled" : false, 422 "serviceAccountsEnabled" : false, 423 "publicClient" : false, 424 "frontchannelLogout" : false, 425 "protocol" : "openid-connect", 426 "attributes" : { }, 427 "authenticationFlowBindingOverrides" : { }, 428 "fullScopeAllowed" : false, 429 "nodeReRegistrationTimeout" : 0, 430 "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], 431 "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] 432 }, { 433 "id" : "815a1e7b-f78e-413f-9c44-b5459df0e0c0", 434 "clientId" : "account-console", 435 "name" : "${client_account-console}", 436 "rootUrl" : "${authBaseUrl}", 437 "baseUrl" : "/realms/mattermost/account/", 438 "surrogateAuthRequired" : false, 439 "enabled" : true, 440 "alwaysDisplayInConsole" : false, 441 "clientAuthenticatorType" : "client-secret", 442 "secret" : "0406c700-8b2e-4163-9ab5-5091fdf15e5b", 443 "redirectUris" : [ "/realms/mattermost/account/*" ], 444 "webOrigins" : [ ], 445 "notBefore" : 0, 446 "bearerOnly" : false, 447 "consentRequired" : false, 448 "standardFlowEnabled" : true, 449 "implicitFlowEnabled" : false, 450 "directAccessGrantsEnabled" : false, 451 "serviceAccountsEnabled" : false, 452 "publicClient" : true, 453 "frontchannelLogout" : false, 454 "protocol" : "openid-connect", 455 "attributes" : { 456 "pkce.code.challenge.method" : "S256" 457 }, 458 "authenticationFlowBindingOverrides" : { }, 459 "fullScopeAllowed" : false, 460 "nodeReRegistrationTimeout" : 0, 461 "protocolMappers" : [ { 462 "id" : "1079cafb-6192-4059-8412-0f7b4b39ff3c", 463 "name" : "audience resolve", 464 "protocol" : "openid-connect", 465 "protocolMapper" : "oidc-audience-resolve-mapper", 466 "consentRequired" : false, 467 "config" : { } 468 } ], 469 "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], 470 "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] 471 }, { 472 "id" : "84e88764-21c4-43a0-8128-5ba882aa0990", 473 "clientId" : "admin-cli", 474 "name" : "${client_admin-cli}", 475 "surrogateAuthRequired" : false, 476 "enabled" : true, 477 "alwaysDisplayInConsole" : false, 478 "clientAuthenticatorType" : "client-secret", 479 "secret" : "da271203-180d-41a3-8f54-12d8a1a242b8", 480 "redirectUris" : [ ], 481 "webOrigins" : [ ], 482 "notBefore" : 0, 483 "bearerOnly" : false, 484 "consentRequired" : false, 485 "standardFlowEnabled" : false, 486 "implicitFlowEnabled" : false, 487 "directAccessGrantsEnabled" : true, 488 "serviceAccountsEnabled" : false, 489 "publicClient" : true, 490 "frontchannelLogout" : false, 491 "protocol" : "openid-connect", 492 "attributes" : { }, 493 "authenticationFlowBindingOverrides" : { }, 494 "fullScopeAllowed" : false, 495 "nodeReRegistrationTimeout" : 0, 496 "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], 497 "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] 498 }, { 499 "id" : "1a5d8538-3004-48ad-a9ea-767e4ae09b53", 500 "clientId" : "broker", 501 "name" : "${client_broker}", 502 "surrogateAuthRequired" : false, 503 "enabled" : true, 504 "alwaysDisplayInConsole" : false, 505 "clientAuthenticatorType" : "client-secret", 506 "secret" : "398f1561-be86-4d08-a1f3-4162dbcd0c59", 507 "redirectUris" : [ ], 508 "webOrigins" : [ ], 509 "notBefore" : 0, 510 "bearerOnly" : false, 511 "consentRequired" : false, 512 "standardFlowEnabled" : true, 513 "implicitFlowEnabled" : false, 514 "directAccessGrantsEnabled" : false, 515 "serviceAccountsEnabled" : false, 516 "publicClient" : false, 517 "frontchannelLogout" : false, 518 "protocol" : "openid-connect", 519 "attributes" : { }, 520 "authenticationFlowBindingOverrides" : { }, 521 "fullScopeAllowed" : false, 522 "nodeReRegistrationTimeout" : 0, 523 "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], 524 "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] 525 }, { 526 "id" : "52fef9a5-b43a-496d-be1d-024522142740", 527 "clientId" : "http://localhost:9065/login/sso/saml", 528 "adminUrl" : "http://localhost:9065/login/sso/saml", 529 "surrogateAuthRequired" : false, 530 "enabled" : true, 531 "alwaysDisplayInConsole" : false, 532 "clientAuthenticatorType" : "client-secret", 533 "secret" : "9c2edd74-9e20-454d-8cc2-0714e43f5f7e", 534 "redirectUris" : [ "http://localhost:9065/login/sso/saml" ], 535 "webOrigins" : [ ], 536 "notBefore" : 0, 537 "bearerOnly" : false, 538 "consentRequired" : false, 539 "standardFlowEnabled" : true, 540 "implicitFlowEnabled" : false, 541 "directAccessGrantsEnabled" : false, 542 "serviceAccountsEnabled" : false, 543 "publicClient" : false, 544 "frontchannelLogout" : true, 545 "protocol" : "saml", 546 "attributes" : { 547 "saml.assertion.signature" : "false", 548 "saml.force.post.binding" : "true", 549 "saml.multivalued.roles" : "false", 550 "saml.encrypt" : "false", 551 "saml.server.signature" : "true", 552 "saml.server.signature.keyinfo.ext" : "false", 553 "saml.signing.certificate" : "MIIC3zCCAccCBgFheaqsnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDDChodHRwczovLzdjNTQzNTQyLm5ncm9rLmlvL2xvZ2luL3Nzby9zYW1sMB4XDTE4MDIwOTA4MjMwM1oXDTI4MDIwOTA4MjQ0M1owMzExMC8GA1UEAwwoaHR0cHM6Ly83YzU0MzU0Mi5uZ3Jvay5pby9sb2dpbi9zc28vc2FtbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJg1eRqY8X4bGTFJgdftPoQlqwasfmZJDwkPlbWsNf4XQukwYqGcpDYKtdAd8mmLkYK1wXPjRvdZTNBA3nuMZYGcJjXMvBKGSqz9q2s8+wD+9TKcE6aSTS7+eOL9GjRWMdE5g4GsLkOjzJo6B39tniCCHHA1rlfUgDXFAvDRtS60ytuAnkD6YGdZ3moZtke8ssEZjxJRnGf3F8E1RfaP4An7a8D1ZlyvNndZpLtB/AixjIvasJpPrQX5UW/DkjKFQx+++GZdFBvGq4gva4pErmq1RfnIoEtG7V7DmgpBDx1Pv1EyJ61vowVwkUDJe2uim3s7h5iaZAeDq1NXNAYMMf0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhA6yjZmkcyBgUfifrhDcK4X4PU2rtf+y9vql28Yq23Idoc0u4TavrZbEHedgAswW7D3bDnX3JAdRA3PbydGnAHeTPdsOvf/UAolPjsd/c7+KkMbrpVc/rjG8PFtVwfqD3kmoUpXZ5T1FGHO7Kjp/sP3lNXeugopxoh4lS3WAekKqD8DnLll6SspRmQrdgZQ/OSEmxXMi34Fg2zkClu/Vp59IR3yvJxkVd1tZKdSi1xkHaBdL/sG3X6D/wy68pYWB64UyP02PHaE2AytzqL/lm//KCjU8WbG+G9diCPKNp6udX1lFK4/N4gpnWSIsh1FE+/S22Er5/QjKDGPyNf35Pw==", 554 "saml.signature.algorithm" : "RSA_SHA256", 555 "saml_force_name_id_format" : "false", 556 "saml.client.signature" : "false", 557 "saml.authnstatement" : "true", 558 "saml.signing.private.key" : "MIIEpAIBAAKCAQEAmDV5GpjxfhsZMUmB1+0+hCWrBqx+ZkkPCQ+Vtaw1/hdC6TBioZykNgq10B3yaYuRgrXBc+NG91lM0EDee4xlgZwmNcy8EoZKrP2razz7AP71MpwTppJNLv544v0aNFYx0TmDgawuQ6PMmjoHf22eIIIccDWuV9SANcUC8NG1LrTK24CeQPpgZ1neahm2R7yywRmPElGcZ/cXwTVF9o/gCftrwPVmXK82d1mku0H8CLGMi9qwmk+tBflRb8OSMoVDH774Zl0UG8ariC9rikSuarVF+cigS0btXsOaCkEPHU+/UTInrW+jBXCRQMl7a6KbezuHmJpkB4OrU1c0Bgwx/QIDAQABAoIBAAiq4t6U3wujV2frG63EIM89peOXZwtEFcsaTBgwWlLB2FmXG8bAOMmrCndzfR5tiDe9SerjgmMLfshNKV43vIAI+FQP+JXFd/Mp7t0Id/Kykhvzr1rI8gQ/EXs7loZsciHL+KUlvOy1Iy2VKGAlSd/oCN6K8AaoXzSwp143Uu353ssrdj4EprMy7H0ZM9DMdR40ov7nrhD6ux2vC7FGmNchKu5whPb0X3Bq62v4ENebu6k9h/MN04hCEh5IoQBvjqSD6k0Wg+QrMo+DHFrTvtuPMtUOYi/08odx1Z4kQ34VppmkqvQnXKvL0sR5i0MOuvW/yt3UX6cjmME8knJHaDECgYEA7DD4yxnrzFKIYbeEwWbjXWwtGIq4hxH9c9lg4XQt/9TnTWPQaHOxmqL6cZgp40IKffVhc4wBRNnyH2iUZaOn8AUhOfeFIGyN3Yy3aDWsyD9nF8PqrvkEXsbRAJWY6jvFtbWYdEXDJx7mTxVsy9aeNlq+NH7NL2yj/fOzcl9KPpsCgYEApPll+o/yisM3B88Ac8fcfpS8Fs0bn5R63lIkaxKNFVHASkrMaCH4gW88o2+urYOp2dbfOkWcJ4yAT1zgv9Q+y0dwjT/eMg9Rlhi2lOUvysdJ5pQr62YTMUa0hA4uwR5fvEewbwbujcsRWpGvkVvPBrS+CXRme/ppJpgSWtYZT0cCgYEAnrxG6NDR7W7mY63f1c8dLTM/l4fbfkNz8ED+4GahZ5ehoBxd+2UNztyLrn5SYH6I6KBaTzqfu7MyCzPQ0AJOInyAGSIl4WWzbltdA/dW2PnrgkhUWCXZbwz1eAwSShHDzVxvSm18O7WDmVDP3qqth+AyhrtVkPLVwB3h0xMBpdMCgYBDnH7B6LrDSexEw/5wdQmVywkm4xqeFTEh6lJIm4q8oQuIpw0M5Fc/XMJiTQQu0pYK1DgaXqr3vmpbnDn0BF1T3ExxZyp+I68RL8GsVh13IqPT3wf86pGVEWAr+tAIj5U2yb6yUgn0jLPpBWoJzbGUEwELSOwzhVYQ3iQvnC01QwKBgQCa7bycaVyeON+fwehAzlWjvNuTOWvieOstVgLp8rHuflMaU2CHQ6G3jcM/asx9l15DT+nqPf9x6Ms2UQxnwbFS4xT2ZHXruxex7oWNPgQazOk+hBFG73G8PtPODRe2iPA9c3gKSi/y9M80zFHGNACuy7Fl7pLXAsz5eOjxIVOYTg==", 559 "saml_name_id_format" : "username", 560 "saml.onetimeuse.condition" : "false", 561 "saml_signature_canonicalization_method" : "http://www.w3.org/2001/10/xml-exc-c14n#" 562 }, 563 "authenticationFlowBindingOverrides" : { }, 564 "fullScopeAllowed" : true, 565 "nodeReRegistrationTimeout" : -1, 566 "protocolMappers" : [ { 567 "id" : "50e9a4b5-8350-4a0b-97c7-6cea4f41baad", 568 "name" : "username", 569 "protocol" : "openid-connect", 570 "protocolMapper" : "oidc-usermodel-property-mapper", 571 "consentRequired" : false, 572 "config" : { 573 "userinfo.token.claim" : "true", 574 "user.attribute" : "username", 575 "id.token.claim" : "true", 576 "access.token.claim" : "true", 577 "claim.name" : "preferred_username", 578 "jsonType.label" : "String" 579 } 580 }, { 581 "id" : "8fa1d509-76af-446e-84e0-c7ca19df70d7", 582 "name" : "X500 email", 583 "protocol" : "saml", 584 "protocolMapper" : "saml-user-property-mapper", 585 "consentRequired" : false, 586 "config" : { 587 "attribute.nameformat" : "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", 588 "user.attribute" : "email", 589 "friendly.name" : "email", 590 "attribute.name" : "urn:oid:1.2.840.113549.1.9.1" 591 } 592 }, { 593 "id" : "e992fbae-5022-4faa-a9ac-ac2175f10626", 594 "name" : "email", 595 "protocol" : "openid-connect", 596 "protocolMapper" : "oidc-usermodel-property-mapper", 597 "consentRequired" : false, 598 "config" : { 599 "userinfo.token.claim" : "true", 600 "user.attribute" : "email", 601 "id.token.claim" : "true", 602 "access.token.claim" : "true", 603 "claim.name" : "email", 604 "jsonType.label" : "String" 605 } 606 }, { 607 "id" : "9cc29dfc-8f88-49b0-a5ad-602414919e96", 608 "name" : "lastName", 609 "protocol" : "saml", 610 "protocolMapper" : "saml-user-property-mapper", 611 "consentRequired" : false, 612 "config" : { 613 "attribute.nameformat" : "Basic", 614 "user.attribute" : "lastName", 615 "friendly.name" : "lastName" 616 } 617 }, { 618 "id" : "46cde274-7982-46ba-a8e2-0c83c86c0a83", 619 "name" : "username", 620 "protocol" : "saml", 621 "protocolMapper" : "saml-user-property-mapper", 622 "consentRequired" : false, 623 "config" : { 624 "attribute.nameformat" : "Basic", 625 "user.attribute" : "username", 626 "friendly.name" : "username" 627 } 628 }, { 629 "id" : "eb511875-6279-4e16-bfbb-a5bf64eb9a84", 630 "name" : "full name", 631 "protocol" : "openid-connect", 632 "protocolMapper" : "oidc-full-name-mapper", 633 "consentRequired" : false, 634 "config" : { 635 "id.token.claim" : "true", 636 "access.token.claim" : "true", 637 "userinfo.token.claim" : "true" 638 } 639 }, { 640 "id" : "8c0b03ac-68ec-4bec-9d15-60d526c82f93", 641 "name" : "given name", 642 "protocol" : "openid-connect", 643 "protocolMapper" : "oidc-usermodel-property-mapper", 644 "consentRequired" : false, 645 "config" : { 646 "userinfo.token.claim" : "true", 647 "user.attribute" : "firstName", 648 "id.token.claim" : "true", 649 "access.token.claim" : "true", 650 "claim.name" : "given_name", 651 "jsonType.label" : "String" 652 } 653 }, { 654 "id" : "820e0279-6e54-4787-90dd-dc9b983e7d21", 655 "name" : "id", 656 "protocol" : "saml", 657 "protocolMapper" : "saml-user-property-mapper", 658 "consentRequired" : false, 659 "config" : { 660 "attribute.nameformat" : "Basic", 661 "user.attribute" : "id", 662 "friendly.name" : "id" 663 } 664 }, { 665 "id" : "185850a8-98fd-45dc-9e2a-0cce60ca79b1", 666 "name" : "family name", 667 "protocol" : "openid-connect", 668 "protocolMapper" : "oidc-usermodel-property-mapper", 669 "consentRequired" : false, 670 "config" : { 671 "userinfo.token.claim" : "true", 672 "user.attribute" : "lastName", 673 "id.token.claim" : "true", 674 "access.token.claim" : "true", 675 "claim.name" : "family_name", 676 "jsonType.label" : "String" 677 } 678 }, { 679 "id" : "5c4933fa-deba-42ad-8895-4cb78c4a623a", 680 "name" : "role list", 681 "protocol" : "saml", 682 "protocolMapper" : "saml-role-list-mapper", 683 "consentRequired" : false, 684 "config" : { 685 "single" : "false", 686 "attribute.nameformat" : "Basic", 687 "attribute.name" : "Role" 688 } 689 }, { 690 "id" : "944ad38e-c7c0-4197-956e-99bea3f4aa76", 691 "name" : "firstName", 692 "protocol" : "saml", 693 "protocolMapper" : "saml-user-property-mapper", 694 "consentRequired" : false, 695 "config" : { 696 "attribute.nameformat" : "Basic", 697 "user.attribute" : "firstName", 698 "friendly.name" : "firstName" 699 } 700 } ], 701 "defaultClientScopes" : [ "web-origins", "role_list", "profile", "roles", "email" ], 702 "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] 703 }, { 704 "id" : "9db3c486-1d1d-430a-84d9-304773d9b9b6", 705 "clientId" : "mattermost-realm", 706 "name" : "mattermost Realm", 707 "surrogateAuthRequired" : false, 708 "enabled" : true, 709 "alwaysDisplayInConsole" : false, 710 "clientAuthenticatorType" : "client-secret", 711 "secret" : "ba813ee3-da75-4a44-8b76-0583a25ab0a6", 712 "redirectUris" : [ ], 713 "webOrigins" : [ ], 714 "notBefore" : 0, 715 "bearerOnly" : true, 716 "consentRequired" : false, 717 "standardFlowEnabled" : true, 718 "implicitFlowEnabled" : false, 719 "directAccessGrantsEnabled" : false, 720 "serviceAccountsEnabled" : false, 721 "publicClient" : false, 722 "frontchannelLogout" : false, 723 "attributes" : { }, 724 "authenticationFlowBindingOverrides" : { }, 725 "fullScopeAllowed" : true, 726 "nodeReRegistrationTimeout" : 0, 727 "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], 728 "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] 729 }, { 730 "id" : "c00ad008-c2f3-43df-a3d5-2b79bf8aa055", 731 "clientId" : "security-admin-console", 732 "name" : "${client_security-admin-console}", 733 "rootUrl" : "${authAdminUrl}", 734 "baseUrl" : "/admin/mattermost/console/", 735 "surrogateAuthRequired" : false, 736 "enabled" : true, 737 "alwaysDisplayInConsole" : false, 738 "clientAuthenticatorType" : "client-secret", 739 "secret" : "e3ff2e21-394f-4536-90ce-d9d8697da91f", 740 "redirectUris" : [ "/admin/mattermost/console/*" ], 741 "webOrigins" : [ "+" ], 742 "notBefore" : 0, 743 "bearerOnly" : false, 744 "consentRequired" : false, 745 "standardFlowEnabled" : true, 746 "implicitFlowEnabled" : false, 747 "directAccessGrantsEnabled" : false, 748 "serviceAccountsEnabled" : false, 749 "publicClient" : true, 750 "frontchannelLogout" : false, 751 "protocol" : "openid-connect", 752 "attributes" : { 753 "pkce.code.challenge.method" : "S256" 754 }, 755 "authenticationFlowBindingOverrides" : { }, 756 "fullScopeAllowed" : false, 757 "nodeReRegistrationTimeout" : 0, 758 "protocolMappers" : [ { 759 "id" : "d04c0393-31a7-400f-966e-919b19867ac7", 760 "name" : "locale", 761 "protocol" : "openid-connect", 762 "protocolMapper" : "oidc-usermodel-attribute-mapper", 763 "consentRequired" : false, 764 "config" : { 765 "userinfo.token.claim" : "true", 766 "user.attribute" : "locale", 767 "id.token.claim" : "true", 768 "access.token.claim" : "true", 769 "claim.name" : "locale", 770 "jsonType.label" : "String" 771 } 772 } ], 773 "defaultClientScopes" : [ "web-origins", "role_list", "roles", "profile", "email" ], 774 "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] 775 } ], 776 "clientScopes" : [ { 777 "id" : "9604111a-194e-4dda-b92e-2b5792dc0806", 778 "name" : "address", 779 "description" : "OpenID Connect built-in scope: address", 780 "protocol" : "openid-connect", 781 "attributes" : { 782 "include.in.token.scope" : "true", 783 "display.on.consent.screen" : "true", 784 "consent.screen.text" : "${addressScopeConsentText}" 785 }, 786 "protocolMappers" : [ { 787 "id" : "cd4cef7d-d064-4c37-8091-684755713eb1", 788 "name" : "address", 789 "protocol" : "openid-connect", 790 "protocolMapper" : "oidc-address-mapper", 791 "consentRequired" : false, 792 "config" : { 793 "user.attribute.formatted" : "formatted", 794 "user.attribute.country" : "country", 795 "user.attribute.postal_code" : "postal_code", 796 "userinfo.token.claim" : "true", 797 "user.attribute.street" : "street", 798 "id.token.claim" : "true", 799 "user.attribute.region" : "region", 800 "access.token.claim" : "true", 801 "user.attribute.locality" : "locality" 802 } 803 } ] 804 }, { 805 "id" : "d8096e80-d010-43dc-a882-296b3d3a7a09", 806 "name" : "email", 807 "description" : "OpenID Connect built-in scope: email", 808 "protocol" : "openid-connect", 809 "attributes" : { 810 "include.in.token.scope" : "true", 811 "display.on.consent.screen" : "true", 812 "consent.screen.text" : "${emailScopeConsentText}" 813 }, 814 "protocolMappers" : [ { 815 "id" : "b67eed41-55e3-4f4a-8df7-d6ff87293b0c", 816 "name" : "email", 817 "protocol" : "openid-connect", 818 "protocolMapper" : "oidc-usermodel-property-mapper", 819 "consentRequired" : false, 820 "config" : { 821 "userinfo.token.claim" : "true", 822 "user.attribute" : "email", 823 "id.token.claim" : "true", 824 "access.token.claim" : "true", 825 "claim.name" : "email", 826 "jsonType.label" : "String" 827 } 828 }, { 829 "id" : "5fe306a4-8f0a-497f-a832-a77b80dff8fc", 830 "name" : "email verified", 831 "protocol" : "openid-connect", 832 "protocolMapper" : "oidc-usermodel-property-mapper", 833 "consentRequired" : false, 834 "config" : { 835 "userinfo.token.claim" : "true", 836 "user.attribute" : "emailVerified", 837 "id.token.claim" : "true", 838 "access.token.claim" : "true", 839 "claim.name" : "email_verified", 840 "jsonType.label" : "boolean" 841 } 842 } ] 843 }, { 844 "id" : "599664c3-e555-4070-a665-bf31459ea0ab", 845 "name" : "microprofile-jwt", 846 "description" : "Microprofile - JWT built-in scope", 847 "protocol" : "openid-connect", 848 "attributes" : { 849 "include.in.token.scope" : "true", 850 "display.on.consent.screen" : "false" 851 }, 852 "protocolMappers" : [ { 853 "id" : "4286f2f3-93f5-4720-9e0a-6c9bcecc8ed5", 854 "name" : "upn", 855 "protocol" : "openid-connect", 856 "protocolMapper" : "oidc-usermodel-property-mapper", 857 "consentRequired" : false, 858 "config" : { 859 "userinfo.token.claim" : "true", 860 "user.attribute" : "username", 861 "id.token.claim" : "true", 862 "access.token.claim" : "true", 863 "claim.name" : "upn", 864 "jsonType.label" : "String" 865 } 866 }, { 867 "id" : "958a1c6c-1ecd-4550-babd-e527dd5f79ef", 868 "name" : "groups", 869 "protocol" : "openid-connect", 870 "protocolMapper" : "oidc-usermodel-realm-role-mapper", 871 "consentRequired" : false, 872 "config" : { 873 "multivalued" : "true", 874 "user.attribute" : "foo", 875 "id.token.claim" : "true", 876 "access.token.claim" : "true", 877 "claim.name" : "groups", 878 "jsonType.label" : "String" 879 } 880 } ] 881 }, { 882 "id" : "365bdebc-003b-4317-a2a2-8d41c2c3d57c", 883 "name" : "offline_access", 884 "description" : "OpenID Connect built-in scope: offline_access", 885 "protocol" : "openid-connect", 886 "attributes" : { 887 "consent.screen.text" : "${offlineAccessScopeConsentText}", 888 "display.on.consent.screen" : "true" 889 } 890 }, { 891 "id" : "d60a441a-4d9a-45a2-ab8d-167bfefe7dc7", 892 "name" : "phone", 893 "description" : "OpenID Connect built-in scope: phone", 894 "protocol" : "openid-connect", 895 "attributes" : { 896 "include.in.token.scope" : "true", 897 "display.on.consent.screen" : "true", 898 "consent.screen.text" : "${phoneScopeConsentText}" 899 }, 900 "protocolMappers" : [ { 901 "id" : "ee47b76e-73ef-47c3-a907-2e8fe6d31749", 902 "name" : "phone number", 903 "protocol" : "openid-connect", 904 "protocolMapper" : "oidc-usermodel-attribute-mapper", 905 "consentRequired" : false, 906 "config" : { 907 "userinfo.token.claim" : "true", 908 "user.attribute" : "phoneNumber", 909 "id.token.claim" : "true", 910 "access.token.claim" : "true", 911 "claim.name" : "phone_number", 912 "jsonType.label" : "String" 913 } 914 }, { 915 "id" : "5a864475-3ad8-4e95-8f20-536a6e1df159", 916 "name" : "phone number verified", 917 "protocol" : "openid-connect", 918 "protocolMapper" : "oidc-usermodel-attribute-mapper", 919 "consentRequired" : false, 920 "config" : { 921 "userinfo.token.claim" : "true", 922 "user.attribute" : "phoneNumberVerified", 923 "id.token.claim" : "true", 924 "access.token.claim" : "true", 925 "claim.name" : "phone_number_verified", 926 "jsonType.label" : "boolean" 927 } 928 } ] 929 }, { 930 "id" : "6412e99f-ad55-4e5c-b298-b4883a82207b", 931 "name" : "profile", 932 "description" : "OpenID Connect built-in scope: profile", 933 "protocol" : "openid-connect", 934 "attributes" : { 935 "include.in.token.scope" : "true", 936 "display.on.consent.screen" : "true", 937 "consent.screen.text" : "${profileScopeConsentText}" 938 }, 939 "protocolMappers" : [ { 940 "id" : "5804dfa5-b72b-4204-80d2-d6bfb83f76fe", 941 "name" : "username", 942 "protocol" : "openid-connect", 943 "protocolMapper" : "oidc-usermodel-property-mapper", 944 "consentRequired" : false, 945 "config" : { 946 "userinfo.token.claim" : "true", 947 "user.attribute" : "username", 948 "id.token.claim" : "true", 949 "access.token.claim" : "true", 950 "claim.name" : "preferred_username", 951 "jsonType.label" : "String" 952 } 953 }, { 954 "id" : "098106c8-d235-470a-b482-8447c2a1340e", 955 "name" : "full name", 956 "protocol" : "openid-connect", 957 "protocolMapper" : "oidc-full-name-mapper", 958 "consentRequired" : false, 959 "config" : { 960 "id.token.claim" : "true", 961 "access.token.claim" : "true", 962 "userinfo.token.claim" : "true" 963 } 964 }, { 965 "id" : "1fc223ba-b522-4680-8f2f-b99871d8b651", 966 "name" : "nickname", 967 "protocol" : "openid-connect", 968 "protocolMapper" : "oidc-usermodel-attribute-mapper", 969 "consentRequired" : false, 970 "config" : { 971 "userinfo.token.claim" : "true", 972 "user.attribute" : "nickname", 973 "id.token.claim" : "true", 974 "access.token.claim" : "true", 975 "claim.name" : "nickname", 976 "jsonType.label" : "String" 977 } 978 }, { 979 "id" : "6d53f3eb-3d25-43ba-9adf-93617eb9c6ab", 980 "name" : "zoneinfo", 981 "protocol" : "openid-connect", 982 "protocolMapper" : "oidc-usermodel-attribute-mapper", 983 "consentRequired" : false, 984 "config" : { 985 "userinfo.token.claim" : "true", 986 "user.attribute" : "zoneinfo", 987 "id.token.claim" : "true", 988 "access.token.claim" : "true", 989 "claim.name" : "zoneinfo", 990 "jsonType.label" : "String" 991 } 992 }, { 993 "id" : "f7797eb6-13a6-4245-a93d-ee8580a70675", 994 "name" : "website", 995 "protocol" : "openid-connect", 996 "protocolMapper" : "oidc-usermodel-attribute-mapper", 997 "consentRequired" : false, 998 "config" : { 999 "userinfo.token.claim" : "true", 1000 "user.attribute" : "website", 1001 "id.token.claim" : "true", 1002 "access.token.claim" : "true", 1003 "claim.name" : "website", 1004 "jsonType.label" : "String" 1005 } 1006 }, { 1007 "id" : "5512bd46-9570-4b5b-b18f-479c477f7f51", 1008 "name" : "gender", 1009 "protocol" : "openid-connect", 1010 "protocolMapper" : "oidc-usermodel-attribute-mapper", 1011 "consentRequired" : false, 1012 "config" : { 1013 "userinfo.token.claim" : "true", 1014 "user.attribute" : "gender", 1015 "id.token.claim" : "true", 1016 "access.token.claim" : "true", 1017 "claim.name" : "gender", 1018 "jsonType.label" : "String" 1019 } 1020 }, { 1021 "id" : "7e0a9d40-e1d1-483d-bc56-5ccb6e5ba1db", 1022 "name" : "middle name", 1023 "protocol" : "openid-connect", 1024 "protocolMapper" : "oidc-usermodel-attribute-mapper", 1025 "consentRequired" : false, 1026 "config" : { 1027 "userinfo.token.claim" : "true", 1028 "user.attribute" : "middleName", 1029 "id.token.claim" : "true", 1030 "access.token.claim" : "true", 1031 "claim.name" : "middle_name", 1032 "jsonType.label" : "String" 1033 } 1034 }, { 1035 "id" : "6b7ac0bc-a801-4d61-9020-dff2393b3e2f", 1036 "name" : "profile", 1037 "protocol" : "openid-connect", 1038 "protocolMapper" : "oidc-usermodel-attribute-mapper", 1039 "consentRequired" : false, 1040 "config" : { 1041 "userinfo.token.claim" : "true", 1042 "user.attribute" : "profile", 1043 "id.token.claim" : "true", 1044 "access.token.claim" : "true", 1045 "claim.name" : "profile", 1046 "jsonType.label" : "String" 1047 } 1048 }, { 1049 "id" : "21cb50d8-d4a0-4c34-8a21-a5d5a814c248", 1050 "name" : "locale", 1051 "protocol" : "openid-connect", 1052 "protocolMapper" : "oidc-usermodel-attribute-mapper", 1053 "consentRequired" : false, 1054 "config" : { 1055 "userinfo.token.claim" : "true", 1056 "user.attribute" : "locale", 1057 "id.token.claim" : "true", 1058 "access.token.claim" : "true", 1059 "claim.name" : "locale", 1060 "jsonType.label" : "String" 1061 } 1062 }, { 1063 "id" : "fa57dead-2ea3-459a-b95a-71ef8adfab1a", 1064 "name" : "family name", 1065 "protocol" : "openid-connect", 1066 "protocolMapper" : "oidc-usermodel-property-mapper", 1067 "consentRequired" : false, 1068 "config" : { 1069 "userinfo.token.claim" : "true", 1070 "user.attribute" : "lastName", 1071 "id.token.claim" : "true", 1072 "access.token.claim" : "true", 1073 "claim.name" : "family_name", 1074 "jsonType.label" : "String" 1075 } 1076 }, { 1077 "id" : "c7ceeaea-3c64-4846-9cb7-1781df7b5ad8", 1078 "name" : "given name", 1079 "protocol" : "openid-connect", 1080 "protocolMapper" : "oidc-usermodel-property-mapper", 1081 "consentRequired" : false, 1082 "config" : { 1083 "userinfo.token.claim" : "true", 1084 "user.attribute" : "firstName", 1085 "id.token.claim" : "true", 1086 "access.token.claim" : "true", 1087 "claim.name" : "given_name", 1088 "jsonType.label" : "String" 1089 } 1090 }, { 1091 "id" : "4ccaeb42-32f0-420b-9408-5fdb8c7c3aff", 1092 "name" : "birthdate", 1093 "protocol" : "openid-connect", 1094 "protocolMapper" : "oidc-usermodel-attribute-mapper", 1095 "consentRequired" : false, 1096 "config" : { 1097 "userinfo.token.claim" : "true", 1098 "user.attribute" : "birthdate", 1099 "id.token.claim" : "true", 1100 "access.token.claim" : "true", 1101 "claim.name" : "birthdate", 1102 "jsonType.label" : "String" 1103 } 1104 }, { 1105 "id" : "4eae9963-52fd-4b1d-9611-125f77371b0b", 1106 "name" : "picture", 1107 "protocol" : "openid-connect", 1108 "protocolMapper" : "oidc-usermodel-attribute-mapper", 1109 "consentRequired" : false, 1110 "config" : { 1111 "userinfo.token.claim" : "true", 1112 "user.attribute" : "picture", 1113 "id.token.claim" : "true", 1114 "access.token.claim" : "true", 1115 "claim.name" : "picture", 1116 "jsonType.label" : "String" 1117 } 1118 }, { 1119 "id" : "07000c6e-14e2-40b6-8aa0-c2b032ff98ae", 1120 "name" : "updated at", 1121 "protocol" : "openid-connect", 1122 "protocolMapper" : "oidc-usermodel-attribute-mapper", 1123 "consentRequired" : false, 1124 "config" : { 1125 "userinfo.token.claim" : "true", 1126 "user.attribute" : "updatedAt", 1127 "id.token.claim" : "true", 1128 "access.token.claim" : "true", 1129 "claim.name" : "updated_at", 1130 "jsonType.label" : "String" 1131 } 1132 } ] 1133 }, { 1134 "id" : "82b8263f-6e28-4301-8a15-0aeff9bc7cd1", 1135 "name" : "role_list", 1136 "description" : "SAML role list", 1137 "protocol" : "saml", 1138 "attributes" : { 1139 "consent.screen.text" : "${samlRoleListScopeConsentText}", 1140 "display.on.consent.screen" : "true" 1141 }, 1142 "protocolMappers" : [ { 1143 "id" : "8945e516-43b5-4137-8fa4-6d6a382dc75f", 1144 "name" : "role list", 1145 "protocol" : "saml", 1146 "protocolMapper" : "saml-role-list-mapper", 1147 "consentRequired" : false, 1148 "config" : { 1149 "single" : "false", 1150 "attribute.nameformat" : "Basic", 1151 "attribute.name" : "Role" 1152 } 1153 } ] 1154 }, { 1155 "id" : "497468e6-7fc4-49dc-9377-ce14dc73df4c", 1156 "name" : "roles", 1157 "description" : "OpenID Connect scope for add user roles to the access token", 1158 "protocol" : "openid-connect", 1159 "attributes" : { 1160 "include.in.token.scope" : "false", 1161 "display.on.consent.screen" : "true", 1162 "consent.screen.text" : "${rolesScopeConsentText}" 1163 }, 1164 "protocolMappers" : [ { 1165 "id" : "452ea040-f16d-4c2e-9660-57a8f7268d44", 1166 "name" : "audience resolve", 1167 "protocol" : "openid-connect", 1168 "protocolMapper" : "oidc-audience-resolve-mapper", 1169 "consentRequired" : false, 1170 "config" : { } 1171 }, { 1172 "id" : "e1cf8fda-5d90-49d8-b14d-dc14d1817ad6", 1173 "name" : "realm roles", 1174 "protocol" : "openid-connect", 1175 "protocolMapper" : "oidc-usermodel-realm-role-mapper", 1176 "consentRequired" : false, 1177 "config" : { 1178 "user.attribute" : "foo", 1179 "access.token.claim" : "true", 1180 "claim.name" : "realm_access.roles", 1181 "jsonType.label" : "String", 1182 "multivalued" : "true" 1183 } 1184 }, { 1185 "id" : "060321b7-cc01-4a40-a8c0-61054f2e9565", 1186 "name" : "client roles", 1187 "protocol" : "openid-connect", 1188 "protocolMapper" : "oidc-usermodel-client-role-mapper", 1189 "consentRequired" : false, 1190 "config" : { 1191 "user.attribute" : "foo", 1192 "access.token.claim" : "true", 1193 "claim.name" : "resource_access.${client_id}.roles", 1194 "jsonType.label" : "String", 1195 "multivalued" : "true" 1196 } 1197 } ] 1198 }, { 1199 "id" : "c911dee4-e0d3-469f-a180-9aab921cd7db", 1200 "name" : "web-origins", 1201 "description" : "OpenID Connect scope for add allowed web origins to the access token", 1202 "protocol" : "openid-connect", 1203 "attributes" : { 1204 "include.in.token.scope" : "false", 1205 "display.on.consent.screen" : "false", 1206 "consent.screen.text" : "" 1207 }, 1208 "protocolMappers" : [ { 1209 "id" : "9cd82ef2-2298-4e3b-b5c7-2741379c90e8", 1210 "name" : "allowed web origins", 1211 "protocol" : "openid-connect", 1212 "protocolMapper" : "oidc-allowed-origins-mapper", 1213 "consentRequired" : false, 1214 "config" : { } 1215 } ] 1216 } ], 1217 "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins" ], 1218 "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ], 1219 "browserSecurityHeaders" : { 1220 "contentSecurityPolicyReportOnly" : "", 1221 "xContentTypeOptions" : "nosniff", 1222 "xRobotsTag" : "none", 1223 "xFrameOptions" : "SAMEORIGIN", 1224 "xXSSProtection" : "1; mode=block", 1225 "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", 1226 "strictTransportSecurity" : "max-age=31536000; includeSubDomains" 1227 }, 1228 "smtpServer" : { }, 1229 "eventsEnabled" : false, 1230 "eventsListeners" : [ "jboss-logging" ], 1231 "enabledEventTypes" : [ ], 1232 "adminEventsEnabled" : false, 1233 "adminEventsDetailsEnabled" : false, 1234 "components" : { 1235 "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { 1236 "id" : "c8d92569-aba3-4c3c-977d-a35951b5b051", 1237 "name" : "Trusted Hosts", 1238 "providerId" : "trusted-hosts", 1239 "subType" : "anonymous", 1240 "subComponents" : { }, 1241 "config" : { 1242 "host-sending-registration-request-must-match" : [ "true" ], 1243 "client-uris-must-match" : [ "true" ] 1244 } 1245 }, { 1246 "id" : "afc06a86-b2fc-4575-a9d6-636797100557", 1247 "name" : "Max Clients Limit", 1248 "providerId" : "max-clients", 1249 "subType" : "anonymous", 1250 "subComponents" : { }, 1251 "config" : { 1252 "max-clients" : [ "200" ] 1253 } 1254 }, { 1255 "id" : "232ecdbb-d581-49f4-8935-f2dd29fd4906", 1256 "name" : "Allowed Client Scopes", 1257 "providerId" : "allowed-client-templates", 1258 "subType" : "authenticated", 1259 "subComponents" : { }, 1260 "config" : { 1261 "allow-default-scopes" : [ "true" ] 1262 } 1263 }, { 1264 "id" : "ff7e9d75-6932-4c48-847f-c4cd9b704e6a", 1265 "name" : "Consent Required", 1266 "providerId" : "consent-required", 1267 "subType" : "anonymous", 1268 "subComponents" : { }, 1269 "config" : { } 1270 }, { 1271 "id" : "9e4e98cc-e3ad-4e8f-8b29-4905c5fd5afc", 1272 "name" : "Allowed Client Scopes", 1273 "providerId" : "allowed-client-templates", 1274 "subType" : "anonymous", 1275 "subComponents" : { }, 1276 "config" : { 1277 "allow-default-scopes" : [ "true" ] 1278 } 1279 }, { 1280 "id" : "5e7e8083-346d-47da-b20b-ab5845177cd2", 1281 "name" : "Full Scope Disabled", 1282 "providerId" : "scope", 1283 "subType" : "anonymous", 1284 "subComponents" : { }, 1285 "config" : { } 1286 }, { 1287 "id" : "ccb37107-02f0-4346-8947-bf2f514c2cc1", 1288 "name" : "Allowed Protocol Mapper Types", 1289 "providerId" : "allowed-protocol-mappers", 1290 "subType" : "anonymous", 1291 "subComponents" : { }, 1292 "config" : { 1293 "allowed-protocol-mapper-types" : [ "oidc-usermodel-attribute-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper", "saml-user-property-mapper", "oidc-full-name-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "saml-role-list-mapper" ] 1294 } 1295 }, { 1296 "id" : "ea1b47d2-28ca-4b32-869b-bb27c0a6c01e", 1297 "name" : "Allowed Protocol Mapper Types", 1298 "providerId" : "allowed-protocol-mappers", 1299 "subType" : "authenticated", 1300 "subComponents" : { }, 1301 "config" : { 1302 "allowed-protocol-mapper-types" : [ "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-sha256-pairwise-sub-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-full-name-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper" ] 1303 } 1304 } ], 1305 "org.keycloak.storage.UserStorageProvider" : [ { 1306 "id" : "0d94859b-cd61-4314-9669-fbcac2322dfd", 1307 "name" : "ldap", 1308 "providerId" : "ldap", 1309 "subComponents" : { 1310 "org.keycloak.storage.ldap.mappers.LDAPStorageMapper" : [ { 1311 "id" : "be8717de-8a53-4def-8a9c-fecac293726b", 1312 "name" : "last name", 1313 "providerId" : "user-attribute-ldap-mapper", 1314 "subComponents" : { }, 1315 "config" : { 1316 "ldap.attribute" : [ "sn" ], 1317 "is.mandatory.in.ldap" : [ "true" ], 1318 "always.read.value.from.ldap" : [ "true" ], 1319 "read.only" : [ "true" ], 1320 "user.model.attribute" : [ "lastName" ] 1321 } 1322 }, { 1323 "id" : "bc253cfb-58f4-4567-9947-ffd9547cb0d5", 1324 "name" : "username", 1325 "providerId" : "user-attribute-ldap-mapper", 1326 "subComponents" : { }, 1327 "config" : { 1328 "ldap.attribute" : [ "uid" ], 1329 "is.mandatory.in.ldap" : [ "true" ], 1330 "always.read.value.from.ldap" : [ "false" ], 1331 "read.only" : [ "true" ], 1332 "user.model.attribute" : [ "username" ] 1333 } 1334 }, { 1335 "id" : "1d123084-39d5-41da-9bef-824d5ba01985", 1336 "name" : "creation date", 1337 "providerId" : "user-attribute-ldap-mapper", 1338 "subComponents" : { }, 1339 "config" : { 1340 "ldap.attribute" : [ "createTimestamp" ], 1341 "is.mandatory.in.ldap" : [ "false" ], 1342 "read.only" : [ "true" ], 1343 "always.read.value.from.ldap" : [ "true" ], 1344 "user.model.attribute" : [ "createTimestamp" ] 1345 } 1346 }, { 1347 "id" : "6d433563-823f-4361-b575-59c74f2ef92e", 1348 "name" : "modify date", 1349 "providerId" : "user-attribute-ldap-mapper", 1350 "subComponents" : { }, 1351 "config" : { 1352 "ldap.attribute" : [ "modifyTimestamp" ], 1353 "is.mandatory.in.ldap" : [ "false" ], 1354 "always.read.value.from.ldap" : [ "true" ], 1355 "read.only" : [ "true" ], 1356 "user.model.attribute" : [ "modifyTimestamp" ] 1357 } 1358 }, { 1359 "id" : "6137c2fb-5672-4389-ae2c-4ef545b746e5", 1360 "name" : "first name", 1361 "providerId" : "user-attribute-ldap-mapper", 1362 "subComponents" : { }, 1363 "config" : { 1364 "ldap.attribute" : [ "cn" ], 1365 "is.mandatory.in.ldap" : [ "true" ], 1366 "read.only" : [ "true" ], 1367 "always.read.value.from.ldap" : [ "true" ], 1368 "user.model.attribute" : [ "firstName" ] 1369 } 1370 }, { 1371 "id" : "faa4cd32-50d3-45c8-a553-60d55878b7e6", 1372 "name" : "email", 1373 "providerId" : "user-attribute-ldap-mapper", 1374 "subComponents" : { }, 1375 "config" : { 1376 "ldap.attribute" : [ "mail" ], 1377 "is.mandatory.in.ldap" : [ "false" ], 1378 "always.read.value.from.ldap" : [ "false" ], 1379 "read.only" : [ "true" ], 1380 "user.model.attribute" : [ "email" ] 1381 } 1382 } ] 1383 }, 1384 "config" : { 1385 "pagination" : [ "true" ], 1386 "fullSyncPeriod" : [ "-1" ], 1387 "usersDn" : [ "ou=testusers,dc=mm,dc=test,dc=com" ], 1388 "connectionPooling" : [ "true" ], 1389 "cachePolicy" : [ "DEFAULT" ], 1390 "useKerberosForPasswordAuthentication" : [ "false" ], 1391 "importEnabled" : [ "true" ], 1392 "enabled" : [ "true" ], 1393 "bindDn" : [ "cn=admin,dc=mm,dc=test,dc=com" ], 1394 "changedSyncPeriod" : [ "-1" ], 1395 "usernameLDAPAttribute" : [ "uid" ], 1396 "bindCredential" : [ "mostest" ], 1397 "lastSync" : [ "1518169262" ], 1398 "vendor" : [ "other" ], 1399 "uuidLDAPAttribute" : [ "entryUUID" ], 1400 "connectionUrl" : [ "ldap://mattermost-openldap:389" ], 1401 "allowKerberosAuthentication" : [ "false" ], 1402 "syncRegistrations" : [ "false" ], 1403 "authType" : [ "simple" ], 1404 "debug" : [ "false" ], 1405 "searchScope" : [ "1" ], 1406 "useTruststoreSpi" : [ "ldapsOnly" ], 1407 "priority" : [ "0" ], 1408 "userObjectClasses" : [ "inetOrgPerson, organizationalPerson" ], 1409 "rdnLDAPAttribute" : [ "uid" ], 1410 "validatePasswordPolicy" : [ "false" ], 1411 "batchSizeForSync" : [ "1000" ] 1412 } 1413 } ], 1414 "org.keycloak.keys.KeyProvider" : [ { 1415 "id" : "284d2d18-f974-4b0f-b4f5-0155701257d4", 1416 "name" : "aes-generated", 1417 "providerId" : "aes-generated", 1418 "subComponents" : { }, 1419 "config" : { 1420 "kid" : [ "6a9f1872-bb81-4651-bc9e-71abb132734d" ], 1421 "secret" : [ "DiUoJ0cgUAxUuQZfbxl6-A" ], 1422 "priority" : [ "100" ] 1423 } 1424 }, { 1425 "id" : "a6a66d52-a384-44c5-a0f8-dd57900fae8d", 1426 "name" : "rsa-generated", 1427 "providerId" : "rsa-generated", 1428 "subComponents" : { }, 1429 "config" : { 1430 "privateKey" : [ "MIIEowIBAAKCAQEAthewnvlKBr2kgbbqOGRDwEowz5drjCuAA3Iw3/SwWlRghLvWbNslSG+ORdu0axDEDsaYdpqQZykEGo5ZCItvAAQsU4FrzocPsPA/muoNsqYY0vIQeYwHIJMNo5ByCgX8jJ46sWUYt95Pu6AYWgyqLMgr04Shv0G6gtvd/3JLwWVCWixKCZ+LNHkKBNKEHpF4NEp34ceyagKrb6zl7bAAm+b2xhi52SHYvUsXCwwAu5h74lNnOxkCgBlS6OGi2JSZ6/G8u8iBBr2Jp4w8d/d1fF5bio3PwyLMhD/TOC5krc0UTHfNQ5mQjoNM8fAF1XKmQrBESzr35b19WzDO/0Lb3wIDAQABAoIBABElW+ksOg82bjYUnitfLY3+rmftrx/MvMoWR4nfBXgL9+antUIcxH70miXz0SI/uuZVRufsF+rOzucdPj7yuin7Op1GU3tn9k9H4AVbQpzuzOmYB3sad1VW43LiWAqfk689+vLXPSObGFDne0OHa8K5un65P229560IvPefsIhuMoM0T7JLvtLPIBgWrY/UXj/lFZP9f4y5E6SZ7ojQFvXJXhqa0IKaVl4rdyWjK7vgXGIH2AOR1sPiQzkymdz3cJX2Q4axi0qX+PZF2IazL8kDeK3MDvDW7TrzrighyCd8SsmEWVVuFAxkDLTh6XLJrHt4epogOzRbo+DDqTi5+JECgYEA855gd/gu5k5Khw4/EsqJypjTITeCFsLjHpQjgiR+zMafgxcXnbqoSNjH/cxfqMgQl32/u/KcOI6swZK7AWBBff7Ez5tw2n6SsLjNjpYfrVS7OURN3vrqKLziUXk9kFM8OK49nggf/mdGuux91IBGgBxHKN8Jspcu6q4uVchkIecCgYEAv1jSYRS9jRsI7kY8Qc6+Xzt/vYBz1zcW6AMWw0sjBjSYuWuDPdQZhuk07c5x4G7RhCIGyUz5T53/dZsa7fww3JAsfb4awIlxQ8lAPkRBdsETxtTs5lUQ77M/wg3t9IjYCKLzaxp6TDuPU+Fpd56i3bZc6F8sXKNbfvQ3SJ69J0kCgYEA5DueOQbEOXNjkv+fy6UATlO6iMYOE/DlAoLaeVRjjskOK6v4rgZvHkAprPZJMECuep6OgDAcd0gDRR6IIBPjh3ylObJwmeI232Vi/pBagPJ+rHn3Uk1UDnJWvOmO6aVxJ9DlXSZTgu2ScBCbGfhLFD5p1DqQRUYp6Cbite8VEEUCgYBaqW8k6HrXfNPCcizi0V6KKNrhoxdABa4oyC3k4pj5u7oRQMuyY+ikb6LQelyihl9nR+gHQR1vh+EejBs6X5+XIgiym3x5daXhBF4YIqcR6XHBZ+nHSM75g+jVvVvd3WjezrafLLB9pkrG56rdLqDkhB+JSm7uhcg4YuY+1lexYQKBgG1+WvqYPiHGAtgR5fUD/DaT+8aXcUoX3uFym3WDPHnrqOM0WW10iYs3Le/rKX+G+FrMR1rTik90Ij1EJKgjPiQ15XHra+mIgPEbPtVjUh0YiJw7vvl1SYwlrkvN0/4pL4ZNFEDDc5P+fMNH0qo4Mq0i6R1CBLMkYDBLden2X3j/" ], 1431 "certificate" : [ "MIICmzCCAYMCBgFyzt0uTDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjAwNjE5MjMxMzIxWhcNMzAwNjE5MjMxNTAxWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2F7Ce+UoGvaSBtuo4ZEPASjDPl2uMK4ADcjDf9LBaVGCEu9Zs2yVIb45F27RrEMQOxph2mpBnKQQajlkIi28ABCxTgWvOhw+w8D+a6g2yphjS8hB5jAcgkw2jkHIKBfyMnjqxZRi33k+7oBhaDKosyCvThKG/QbqC293/ckvBZUJaLEoJn4s0eQoE0oQekXg0Snfhx7JqAqtvrOXtsACb5vbGGLnZIdi9SxcLDAC7mHviU2c7GQKAGVLo4aLYlJnr8by7yIEGvYmnjDx393V8XluKjc/DIsyEP9M4LmStzRRMd81DmZCOg0zx8AXVcqZCsERLOvflvX1bMM7/QtvfAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHCyf7wTY8ZrPcqWuBj6JfD9iw+45dT4ZOAIlPXL5+wwYzdA7kkSfF7GCXLyYD0U6QEB2SA0RFPXU25WfIVMbDP1OyM4oCbzEqQvAeWkTxe0P+ZWgEUfVN9jgv4N9l/oUXiHkvyZi9K1KM8oLK3j1/YSAqBx60P6iS69a49Pry4eb6ab5mZyU/Tp7Ll7wTpdFW1o/pY9GCcX8cEBhfp+Jm2sVGczIF0s/aJ69rtcK1f8wmXOgY2VKx0eQ00wSOtkHvcPPWAmZzlkpYzdPSmMjluWVusA1T4QPOj44dxB+xI62i25BKUlQpWMmKaZX4Zb6QTUAyvDZusySnwMbr20ijE=" ], 1432 "priority" : [ "100" ] 1433 } 1434 }, { 1435 "id" : "c72c3e08-b8cd-4b7d-b4f3-45b9f58874e5", 1436 "name" : "hmac-generated", 1437 "providerId" : "hmac-generated", 1438 "subComponents" : { }, 1439 "config" : { 1440 "kid" : [ "1505fd02-fdc4-439d-a1ef-493a6be548f1" ], 1441 "secret" : [ "J2XMixVTpZh87FyTpu3NRBriVQplri-1mKrGg2tPolH0r-os-wpQt9HMAWC3oQRCFOH7QicxjubQN2OHt8-lWA" ], 1442 "priority" : [ "100" ], 1443 "algorithm" : [ "HS256" ] 1444 } 1445 } ] 1446 }, 1447 "internationalizationEnabled" : false, 1448 "supportedLocales" : [ ], 1449 "authenticationFlows" : [ { 1450 "id" : "cb3e226a-5d7d-4e81-808e-4e4cf0ecde9e", 1451 "alias" : "Account verification options", 1452 "description" : "Method with which to verity the existing account", 1453 "providerId" : "basic-flow", 1454 "topLevel" : false, 1455 "builtIn" : true, 1456 "authenticationExecutions" : [ { 1457 "authenticator" : "idp-email-verification", 1458 "requirement" : "ALTERNATIVE", 1459 "priority" : 10, 1460 "userSetupAllowed" : false, 1461 "autheticatorFlow" : false 1462 }, { 1463 "requirement" : "ALTERNATIVE", 1464 "priority" : 20, 1465 "flowAlias" : "Verify Existing Account by Re-authentication", 1466 "userSetupAllowed" : false, 1467 "autheticatorFlow" : true 1468 } ] 1469 }, { 1470 "id" : "41a1248f-a43b-48b1-b75a-ddaed38e191c", 1471 "alias" : "Authentication Options", 1472 "description" : "Authentication options.", 1473 "providerId" : "basic-flow", 1474 "topLevel" : false, 1475 "builtIn" : true, 1476 "authenticationExecutions" : [ { 1477 "authenticator" : "basic-auth", 1478 "requirement" : "REQUIRED", 1479 "priority" : 10, 1480 "userSetupAllowed" : false, 1481 "autheticatorFlow" : false 1482 }, { 1483 "authenticator" : "basic-auth-otp", 1484 "requirement" : "DISABLED", 1485 "priority" : 20, 1486 "userSetupAllowed" : false, 1487 "autheticatorFlow" : false 1488 }, { 1489 "authenticator" : "auth-spnego", 1490 "requirement" : "DISABLED", 1491 "priority" : 30, 1492 "userSetupAllowed" : false, 1493 "autheticatorFlow" : false 1494 } ] 1495 }, { 1496 "id" : "f4424450-7c5a-4af4-b78d-37e2aba0d3b1", 1497 "alias" : "Browser - Conditional OTP", 1498 "description" : "Flow to determine if the OTP is required for the authentication", 1499 "providerId" : "basic-flow", 1500 "topLevel" : false, 1501 "builtIn" : true, 1502 "authenticationExecutions" : [ { 1503 "authenticator" : "conditional-user-configured", 1504 "requirement" : "REQUIRED", 1505 "priority" : 10, 1506 "userSetupAllowed" : false, 1507 "autheticatorFlow" : false 1508 }, { 1509 "authenticator" : "auth-otp-form", 1510 "requirement" : "REQUIRED", 1511 "priority" : 20, 1512 "userSetupAllowed" : false, 1513 "autheticatorFlow" : false 1514 } ] 1515 }, { 1516 "id" : "e1062ec1-2fae-47e1-8e03-375ba2eacd43", 1517 "alias" : "Direct Grant - Conditional OTP", 1518 "description" : "Flow to determine if the OTP is required for the authentication", 1519 "providerId" : "basic-flow", 1520 "topLevel" : false, 1521 "builtIn" : true, 1522 "authenticationExecutions" : [ { 1523 "authenticator" : "conditional-user-configured", 1524 "requirement" : "REQUIRED", 1525 "priority" : 10, 1526 "userSetupAllowed" : false, 1527 "autheticatorFlow" : false 1528 }, { 1529 "authenticator" : "direct-grant-validate-otp", 1530 "requirement" : "REQUIRED", 1531 "priority" : 20, 1532 "userSetupAllowed" : false, 1533 "autheticatorFlow" : false 1534 } ] 1535 }, { 1536 "id" : "0c3a1bd6-5a42-4765-a458-f33dd1383dfa", 1537 "alias" : "First broker login - Conditional OTP", 1538 "description" : "Flow to determine if the OTP is required for the authentication", 1539 "providerId" : "basic-flow", 1540 "topLevel" : false, 1541 "builtIn" : true, 1542 "authenticationExecutions" : [ { 1543 "authenticator" : "conditional-user-configured", 1544 "requirement" : "REQUIRED", 1545 "priority" : 10, 1546 "userSetupAllowed" : false, 1547 "autheticatorFlow" : false 1548 }, { 1549 "authenticator" : "auth-otp-form", 1550 "requirement" : "REQUIRED", 1551 "priority" : 20, 1552 "userSetupAllowed" : false, 1553 "autheticatorFlow" : false 1554 } ] 1555 }, { 1556 "id" : "fcb1e54b-403a-4f15-a068-d5ca926389b4", 1557 "alias" : "Handle Existing Account", 1558 "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", 1559 "providerId" : "basic-flow", 1560 "topLevel" : false, 1561 "builtIn" : true, 1562 "authenticationExecutions" : [ { 1563 "authenticator" : "idp-confirm-link", 1564 "requirement" : "REQUIRED", 1565 "priority" : 10, 1566 "userSetupAllowed" : false, 1567 "autheticatorFlow" : false 1568 }, { 1569 "requirement" : "REQUIRED", 1570 "priority" : 20, 1571 "flowAlias" : "Account verification options", 1572 "userSetupAllowed" : false, 1573 "autheticatorFlow" : true 1574 } ] 1575 }, { 1576 "id" : "06a646f8-ffa1-4fb2-89e9-0ca6e8f19869", 1577 "alias" : "Reset - Conditional OTP", 1578 "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", 1579 "providerId" : "basic-flow", 1580 "topLevel" : false, 1581 "builtIn" : true, 1582 "authenticationExecutions" : [ { 1583 "authenticator" : "conditional-user-configured", 1584 "requirement" : "REQUIRED", 1585 "priority" : 10, 1586 "userSetupAllowed" : false, 1587 "autheticatorFlow" : false 1588 }, { 1589 "authenticator" : "reset-otp", 1590 "requirement" : "REQUIRED", 1591 "priority" : 20, 1592 "userSetupAllowed" : false, 1593 "autheticatorFlow" : false 1594 } ] 1595 }, { 1596 "id" : "b239d54c-319f-4018-a702-ae1bd13653a0", 1597 "alias" : "User creation or linking", 1598 "description" : "Flow for the existing/non-existing user alternatives", 1599 "providerId" : "basic-flow", 1600 "topLevel" : false, 1601 "builtIn" : true, 1602 "authenticationExecutions" : [ { 1603 "authenticatorConfig" : "create unique user config", 1604 "authenticator" : "idp-create-user-if-unique", 1605 "requirement" : "ALTERNATIVE", 1606 "priority" : 10, 1607 "userSetupAllowed" : false, 1608 "autheticatorFlow" : false 1609 }, { 1610 "requirement" : "ALTERNATIVE", 1611 "priority" : 20, 1612 "flowAlias" : "Handle Existing Account", 1613 "userSetupAllowed" : false, 1614 "autheticatorFlow" : true 1615 } ] 1616 }, { 1617 "id" : "46cf3d95-06f6-43b9-8bad-1fa4ae654e73", 1618 "alias" : "Verify Existing Account by Re-authentication", 1619 "description" : "Reauthentication of existing account", 1620 "providerId" : "basic-flow", 1621 "topLevel" : false, 1622 "builtIn" : true, 1623 "authenticationExecutions" : [ { 1624 "authenticator" : "idp-username-password-form", 1625 "requirement" : "REQUIRED", 1626 "priority" : 10, 1627 "userSetupAllowed" : false, 1628 "autheticatorFlow" : false 1629 }, { 1630 "requirement" : "CONDITIONAL", 1631 "priority" : 20, 1632 "flowAlias" : "First broker login - Conditional OTP", 1633 "userSetupAllowed" : false, 1634 "autheticatorFlow" : true 1635 } ] 1636 }, { 1637 "id" : "b7479f88-1610-4fe7-9645-9315bb74f6c1", 1638 "alias" : "browser", 1639 "description" : "browser based authentication", 1640 "providerId" : "basic-flow", 1641 "topLevel" : true, 1642 "builtIn" : true, 1643 "authenticationExecutions" : [ { 1644 "authenticator" : "auth-cookie", 1645 "requirement" : "ALTERNATIVE", 1646 "priority" : 10, 1647 "userSetupAllowed" : false, 1648 "autheticatorFlow" : false 1649 }, { 1650 "authenticator" : "auth-spnego", 1651 "requirement" : "DISABLED", 1652 "priority" : 20, 1653 "userSetupAllowed" : false, 1654 "autheticatorFlow" : false 1655 }, { 1656 "authenticator" : "identity-provider-redirector", 1657 "requirement" : "ALTERNATIVE", 1658 "priority" : 25, 1659 "userSetupAllowed" : false, 1660 "autheticatorFlow" : false 1661 }, { 1662 "requirement" : "ALTERNATIVE", 1663 "priority" : 30, 1664 "flowAlias" : "forms", 1665 "userSetupAllowed" : false, 1666 "autheticatorFlow" : true 1667 } ] 1668 }, { 1669 "id" : "10d69204-6f7a-4571-aa01-19037b107d58", 1670 "alias" : "clients", 1671 "description" : "Base authentication for clients", 1672 "providerId" : "client-flow", 1673 "topLevel" : true, 1674 "builtIn" : true, 1675 "authenticationExecutions" : [ { 1676 "authenticator" : "client-secret", 1677 "requirement" : "ALTERNATIVE", 1678 "priority" : 10, 1679 "userSetupAllowed" : false, 1680 "autheticatorFlow" : false 1681 }, { 1682 "authenticator" : "client-jwt", 1683 "requirement" : "ALTERNATIVE", 1684 "priority" : 20, 1685 "userSetupAllowed" : false, 1686 "autheticatorFlow" : false 1687 }, { 1688 "authenticator" : "client-secret-jwt", 1689 "requirement" : "ALTERNATIVE", 1690 "priority" : 30, 1691 "userSetupAllowed" : false, 1692 "autheticatorFlow" : false 1693 }, { 1694 "authenticator" : "client-x509", 1695 "requirement" : "ALTERNATIVE", 1696 "priority" : 40, 1697 "userSetupAllowed" : false, 1698 "autheticatorFlow" : false 1699 } ] 1700 }, { 1701 "id" : "e48be033-0deb-435d-a65b-2783e4e41b11", 1702 "alias" : "direct grant", 1703 "description" : "OpenID Connect Resource Owner Grant", 1704 "providerId" : "basic-flow", 1705 "topLevel" : true, 1706 "builtIn" : true, 1707 "authenticationExecutions" : [ { 1708 "authenticator" : "direct-grant-validate-username", 1709 "requirement" : "REQUIRED", 1710 "priority" : 10, 1711 "userSetupAllowed" : false, 1712 "autheticatorFlow" : false 1713 }, { 1714 "authenticator" : "direct-grant-validate-password", 1715 "requirement" : "REQUIRED", 1716 "priority" : 20, 1717 "userSetupAllowed" : false, 1718 "autheticatorFlow" : false 1719 }, { 1720 "requirement" : "CONDITIONAL", 1721 "priority" : 30, 1722 "flowAlias" : "Direct Grant - Conditional OTP", 1723 "userSetupAllowed" : false, 1724 "autheticatorFlow" : true 1725 } ] 1726 }, { 1727 "id" : "66e56029-4089-4a7b-a94a-80f3a068ef91", 1728 "alias" : "docker auth", 1729 "description" : "Used by Docker clients to authenticate against the IDP", 1730 "providerId" : "basic-flow", 1731 "topLevel" : true, 1732 "builtIn" : true, 1733 "authenticationExecutions" : [ { 1734 "authenticator" : "docker-http-basic-authenticator", 1735 "requirement" : "REQUIRED", 1736 "priority" : 10, 1737 "userSetupAllowed" : false, 1738 "autheticatorFlow" : false 1739 } ] 1740 }, { 1741 "id" : "72a99b6b-160c-4677-bf0f-37eceeafe4d5", 1742 "alias" : "first broker login", 1743 "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", 1744 "providerId" : "basic-flow", 1745 "topLevel" : true, 1746 "builtIn" : true, 1747 "authenticationExecutions" : [ { 1748 "authenticatorConfig" : "review profile config", 1749 "authenticator" : "idp-review-profile", 1750 "requirement" : "REQUIRED", 1751 "priority" : 10, 1752 "userSetupAllowed" : false, 1753 "autheticatorFlow" : false 1754 }, { 1755 "requirement" : "REQUIRED", 1756 "priority" : 20, 1757 "flowAlias" : "User creation or linking", 1758 "userSetupAllowed" : false, 1759 "autheticatorFlow" : true 1760 } ] 1761 }, { 1762 "id" : "ee07e243-f09a-4913-9ec8-8cd33037ec0b", 1763 "alias" : "forms", 1764 "description" : "Username, password, otp and other auth forms.", 1765 "providerId" : "basic-flow", 1766 "topLevel" : false, 1767 "builtIn" : true, 1768 "authenticationExecutions" : [ { 1769 "authenticator" : "auth-username-password-form", 1770 "requirement" : "REQUIRED", 1771 "priority" : 10, 1772 "userSetupAllowed" : false, 1773 "autheticatorFlow" : false 1774 }, { 1775 "requirement" : "CONDITIONAL", 1776 "priority" : 20, 1777 "flowAlias" : "Browser - Conditional OTP", 1778 "userSetupAllowed" : false, 1779 "autheticatorFlow" : true 1780 } ] 1781 }, { 1782 "id" : "14b48d37-31ef-45c2-88fd-46aafec1dd53", 1783 "alias" : "http challenge", 1784 "description" : "An authentication flow based on challenge-response HTTP Authentication Schemes", 1785 "providerId" : "basic-flow", 1786 "topLevel" : true, 1787 "builtIn" : true, 1788 "authenticationExecutions" : [ { 1789 "authenticator" : "no-cookie-redirect", 1790 "requirement" : "REQUIRED", 1791 "priority" : 10, 1792 "userSetupAllowed" : false, 1793 "autheticatorFlow" : false 1794 }, { 1795 "requirement" : "REQUIRED", 1796 "priority" : 20, 1797 "flowAlias" : "Authentication Options", 1798 "userSetupAllowed" : false, 1799 "autheticatorFlow" : true 1800 } ] 1801 }, { 1802 "id" : "899ded70-7ac9-4883-b9d5-146581ec9cbf", 1803 "alias" : "registration", 1804 "description" : "registration flow", 1805 "providerId" : "basic-flow", 1806 "topLevel" : true, 1807 "builtIn" : true, 1808 "authenticationExecutions" : [ { 1809 "authenticator" : "registration-page-form", 1810 "requirement" : "REQUIRED", 1811 "priority" : 10, 1812 "flowAlias" : "registration form", 1813 "userSetupAllowed" : false, 1814 "autheticatorFlow" : true 1815 } ] 1816 }, { 1817 "id" : "5ee4cf5f-19db-4f80-98f3-0879169152c6", 1818 "alias" : "registration form", 1819 "description" : "registration form", 1820 "providerId" : "form-flow", 1821 "topLevel" : false, 1822 "builtIn" : true, 1823 "authenticationExecutions" : [ { 1824 "authenticator" : "registration-user-creation", 1825 "requirement" : "REQUIRED", 1826 "priority" : 20, 1827 "userSetupAllowed" : false, 1828 "autheticatorFlow" : false 1829 }, { 1830 "authenticator" : "registration-profile-action", 1831 "requirement" : "REQUIRED", 1832 "priority" : 40, 1833 "userSetupAllowed" : false, 1834 "autheticatorFlow" : false 1835 }, { 1836 "authenticator" : "registration-password-action", 1837 "requirement" : "REQUIRED", 1838 "priority" : 50, 1839 "userSetupAllowed" : false, 1840 "autheticatorFlow" : false 1841 }, { 1842 "authenticator" : "registration-recaptcha-action", 1843 "requirement" : "DISABLED", 1844 "priority" : 60, 1845 "userSetupAllowed" : false, 1846 "autheticatorFlow" : false 1847 } ] 1848 }, { 1849 "id" : "da5e8e7f-0c0b-4e33-a182-67a4866ee147", 1850 "alias" : "reset credentials", 1851 "description" : "Reset credentials for a user if they forgot their password or something", 1852 "providerId" : "basic-flow", 1853 "topLevel" : true, 1854 "builtIn" : true, 1855 "authenticationExecutions" : [ { 1856 "authenticator" : "reset-credentials-choose-user", 1857 "requirement" : "REQUIRED", 1858 "priority" : 10, 1859 "userSetupAllowed" : false, 1860 "autheticatorFlow" : false 1861 }, { 1862 "authenticator" : "reset-credential-email", 1863 "requirement" : "REQUIRED", 1864 "priority" : 20, 1865 "userSetupAllowed" : false, 1866 "autheticatorFlow" : false 1867 }, { 1868 "authenticator" : "reset-password", 1869 "requirement" : "REQUIRED", 1870 "priority" : 30, 1871 "userSetupAllowed" : false, 1872 "autheticatorFlow" : false 1873 }, { 1874 "requirement" : "CONDITIONAL", 1875 "priority" : 40, 1876 "flowAlias" : "Reset - Conditional OTP", 1877 "userSetupAllowed" : false, 1878 "autheticatorFlow" : true 1879 } ] 1880 }, { 1881 "id" : "7db42ea8-5e7d-4e86-8898-3ba577ae27f7", 1882 "alias" : "saml ecp", 1883 "description" : "SAML ECP Profile Authentication Flow", 1884 "providerId" : "basic-flow", 1885 "topLevel" : true, 1886 "builtIn" : true, 1887 "authenticationExecutions" : [ { 1888 "authenticator" : "http-basic-authenticator", 1889 "requirement" : "REQUIRED", 1890 "priority" : 10, 1891 "userSetupAllowed" : false, 1892 "autheticatorFlow" : false 1893 } ] 1894 } ], 1895 "authenticatorConfig" : [ { 1896 "id" : "29be9f9a-ad39-482d-8a9c-5e0021863588", 1897 "alias" : "create unique user config", 1898 "config" : { 1899 "require.password.update.after.registration" : "false" 1900 } 1901 }, { 1902 "id" : "bcefb4dc-8784-4bb0-9138-7f18deb9b184", 1903 "alias" : "review profile config", 1904 "config" : { 1905 "update.profile.on.first.login" : "missing" 1906 } 1907 } ], 1908 "requiredActions" : [ { 1909 "alias" : "CONFIGURE_TOTP", 1910 "name" : "Configure OTP", 1911 "providerId" : "CONFIGURE_TOTP", 1912 "enabled" : true, 1913 "defaultAction" : false, 1914 "priority" : 10, 1915 "config" : { } 1916 }, { 1917 "alias" : "terms_and_conditions", 1918 "name" : "Terms and Conditions", 1919 "providerId" : "terms_and_conditions", 1920 "enabled" : false, 1921 "defaultAction" : false, 1922 "priority" : 20, 1923 "config" : { } 1924 }, { 1925 "alias" : "UPDATE_PASSWORD", 1926 "name" : "Update Password", 1927 "providerId" : "UPDATE_PASSWORD", 1928 "enabled" : true, 1929 "defaultAction" : false, 1930 "priority" : 30, 1931 "config" : { } 1932 }, { 1933 "alias" : "UPDATE_PROFILE", 1934 "name" : "Update Profile", 1935 "providerId" : "UPDATE_PROFILE", 1936 "enabled" : true, 1937 "defaultAction" : false, 1938 "priority" : 40, 1939 "config" : { } 1940 }, { 1941 "alias" : "VERIFY_EMAIL", 1942 "name" : "Verify Email", 1943 "providerId" : "VERIFY_EMAIL", 1944 "enabled" : true, 1945 "defaultAction" : false, 1946 "priority" : 50, 1947 "config" : { } 1948 }, { 1949 "alias" : "update_user_locale", 1950 "name" : "Update User Locale", 1951 "providerId" : "update_user_locale", 1952 "enabled" : true, 1953 "defaultAction" : false, 1954 "priority" : 1000, 1955 "config" : { } 1956 } ], 1957 "browserFlow" : "browser", 1958 "registrationFlow" : "registration", 1959 "directGrantFlow" : "direct grant", 1960 "resetCredentialsFlow" : "reset credentials", 1961 "clientAuthenticationFlow" : "clients", 1962 "dockerAuthenticationFlow" : "docker auth", 1963 "attributes" : { }, 1964 "keycloakVersion" : "10.0.2", 1965 "userManagedAccessAllowed" : false 1966 }