{ "id" : "b452bc2b-8c3d-4132-b096-8cb983bfa0fa", "realm" : "mattermost", "notBefore" : 0, "defaultSignatureAlgorithm" : "RS256", "revokeRefreshToken" : false, "refreshTokenMaxReuse" : 0, "accessTokenLifespan" : 300, "accessTokenLifespanForImplicitFlow" : 900, "ssoSessionIdleTimeout" : 1800, "ssoSessionMaxLifespan" : 36000, "ssoSessionIdleTimeoutRememberMe" : 0, "ssoSessionMaxLifespanRememberMe" : 0, "offlineSessionIdleTimeout" : 2592000, "offlineSessionMaxLifespanEnabled" : false, "offlineSessionMaxLifespan" : 5184000, "clientSessionIdleTimeout" : 0, "clientSessionMaxLifespan" : 0, "clientOfflineSessionIdleTimeout" : 0, "clientOfflineSessionMaxLifespan" : 0, "accessCodeLifespan" : 60, "accessCodeLifespanUserAction" : 300, "accessCodeLifespanLogin" : 1800, "actionTokenGeneratedByAdminLifespan" : 43200, "actionTokenGeneratedByUserLifespan" : 300, "oauth2DeviceCodeLifespan" : 600, "oauth2DevicePollingInterval" : 5, "enabled" : true, "sslRequired" : "none", "registrationAllowed" : false, "registrationEmailAsUsername" : false, "rememberMe" : false, "verifyEmail" : false, "loginWithEmailAllowed" : true, "duplicateEmailsAllowed" : false, "resetPasswordAllowed" : false, "editUsernameAllowed" : false, "bruteForceProtected" : false, "permanentLockout" : false, "maxFailureWaitSeconds" : 900, "minimumQuickLoginWaitSeconds" : 60, "waitIncrementSeconds" : 60, "quickLoginCheckMilliSeconds" : 1000, "maxDeltaTimeSeconds" : 43200, "failureFactor" : 30, "roles" : { "realm" : [ { "id" : "9406d8de-208f-411e-beb2-56c399f04d7a", "name" : "offline_access", "description" : "${role_offline-access}", "composite" : false, "clientRole" : false, "containerId" : "b452bc2b-8c3d-4132-b096-8cb983bfa0fa", "attributes" : { } }, { "id" : "c4da0641-a06f-42af-87d7-4e8c060696c5", "name" : "uma_authorization", "description" : "${role_uma_authorization}", "composite" : false, "clientRole" : false, "containerId" : "b452bc2b-8c3d-4132-b096-8cb983bfa0fa", "attributes" : { } }, { "id" : "44215b4f-7373-48b2-9882-ff6ea744c2b9", "name" : "default-roles-mattermost", "description" : "${role_default-roles}", "composite" : true, "composites" : { "realm" : [ "offline_access", "uma_authorization" ], "client" : { "account" : [ "view-profile", "manage-account" ] } }, "clientRole" : false, "containerId" : "b452bc2b-8c3d-4132-b096-8cb983bfa0fa", "attributes" : { } } ], "client" : { "realm-management" : [ { "id" : "d4ababf1-bcef-4402-bb0a-95ae2ec3df27", "name" : "realm-admin", "description" : "${role_realm-admin}", "composite" : true, "composites" : { "client" : { "realm-management" : [ "manage-identity-providers", "query-clients", "view-authorization", "view-events", "manage-users", "view-clients", "impersonation", "query-realms", "view-realm", "view-identity-providers", "query-users", "create-client", "manage-events", "manage-realm", "query-groups", "manage-clients", "view-users", "manage-authorization" ] } }, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "d91eb27c-53bf-48e2-b422-076358db1299", "name" : "manage-identity-providers", "description" : "${role_manage-identity-providers}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "ed38a7ec-8bb6-4175-abe5-5c5bf7a4e0e3", "name" : "query-clients", "description" : "${role_query-clients}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "a7eabbee-680e-4537-9e28-e85609384610", "name" : "manage-users", "description" : "${role_manage-users}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "49d8b34f-dddb-4120-b324-05689b84a12b", "name" : "view-authorization", "description" : "${role_view-authorization}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "73becff0-bcfd-4531-a3b3-9d655672de7d", "name" : "view-events", "description" : "${role_view-events}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "efb0b52e-d184-4d1f-b48b-ac295ee7dec0", "name" : "impersonation", "description" : "${role_impersonation}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "c00a62b0-03ab-470e-89cb-73d4d33ac8b9", "name" : "view-clients", "description" : "${role_view-clients}", "composite" : true, "composites" : { "client" : { "realm-management" : [ "query-clients" ] } }, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "b13937d9-a445-4086-b6dd-349f06c57268", "name" : "query-realms", "description" : "${role_query-realms}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "9f2b221c-4615-4f45-a351-431518f3f694", "name" : "view-realm", "description" : "${role_view-realm}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "da6d79b8-fb13-47b1-9239-caac1a67674a", "name" : "query-users", "description" : "${role_query-users}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "ca7434e0-6d97-4ac6-8909-0a28027afbd6", "name" : "view-identity-providers", "description" : "${role_view-identity-providers}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "51218c0c-e7ea-4cb4-8504-b398db249d36", "name" : "create-client", "description" : "${role_create-client}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "cb1d1095-3d65-411d-971a-e1d769731bd4", "name" : "manage-events", "description" : "${role_manage-events}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "60b511a4-632e-4cce-8016-c8897cf532c3", "name" : "manage-realm", "description" : "${role_manage-realm}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "887e15d5-7fa2-41b0-8b9a-1f11f639c69a", "name" : "manage-clients", "description" : "${role_manage-clients}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "539f7011-2861-4155-ac00-3a41f743df4a", "name" : "query-groups", "description" : "${role_query-groups}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "9e2331cf-3b5e-49be-8ea9-be8c3fcf44ae", "name" : "manage-authorization", "description" : "${role_manage-authorization}", "composite" : false, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } }, { "id" : "66cc6fde-bfe9-41f0-8d72-fc679b8fed61", "name" : "view-users", "description" : "${role_view-users}", "composite" : true, "composites" : { "client" : { "realm-management" : [ "query-users", "query-groups" ] } }, "clientRole" : true, "containerId" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "attributes" : { } } ], "mattermost" : [ ], "mattermost-openid" : [ { "id" : "4ee3d3fb-4a1d-4933-b45f-cde999835106", "name" : "uma_protection", "composite" : false, "clientRole" : true, "containerId" : "427658c0-080b-426b-b37b-d69e4ced5890", "attributes" : { } } ], "security-admin-console" : [ ], "admin-cli" : [ ], "account-console" : [ ], "broker" : [ { "id" : "c09bb3a4-54c6-4adb-9a31-b175df4a9bc8", "name" : "read-token", "description" : "${role_read-token}", "composite" : false, "clientRole" : true, "containerId" : "b4b6df43-11bd-47a8-9ba2-6d974b4a5ac1", "attributes" : { } } ], "account" : [ { "id" : "0d75120c-b321-4122-ac81-2d15ef0b4635", "name" : "view-consent", "description" : "${role_view-consent}", "composite" : false, "clientRole" : true, "containerId" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "attributes" : { } }, { "id" : "46dd8b66-9a4c-4bac-af6f-ee722902db7d", "name" : "view-groups", "description" : "${role_view-groups}", "composite" : false, "clientRole" : true, "containerId" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "attributes" : { } }, { "id" : "809817c3-1da5-46ec-8ee9-e6a08a772494", "name" : "manage-account-links", "description" : "${role_manage-account-links}", "composite" : false, "clientRole" : true, "containerId" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "attributes" : { } }, { "id" : "c93de053-4e96-44f2-9984-1ccf092fd22e", "name" : "view-profile", "description" : "${role_view-profile}", "composite" : false, "clientRole" : true, "containerId" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "attributes" : { } }, { "id" : "48bc7f84-3407-4e0f-aaec-be5b7010b5b9", "name" : "delete-account", "description" : "${role_delete-account}", "composite" : false, "clientRole" : true, "containerId" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "attributes" : { } }, { "id" : "6a3d352b-61cd-49d3-833a-7dfb5e40b3ac", "name" : "manage-account", "description" : "${role_manage-account}", "composite" : true, "composites" : { "client" : { "account" : [ "manage-account-links" ] } }, "clientRole" : true, "containerId" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "attributes" : { } }, { "id" : "70ff6d75-0c05-4d75-a477-05a31aa0508d", "name" : "manage-consent", "description" : "${role_manage-consent}", "composite" : true, "composites" : { "client" : { "account" : [ "view-consent" ] } }, "clientRole" : true, "containerId" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "attributes" : { } }, { "id" : "99ce72ff-29dc-4e38-b384-8618e0e55887", "name" : "view-applications", "description" : "${role_view-applications}", "composite" : false, "clientRole" : true, "containerId" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "attributes" : { } } ] } }, "groups" : [ { "id" : "08c66283-6438-4c88-b373-a5d97fd98a31", "name" : "simpsons", "path" : "/simpsons", "subGroups" : [ ], "attributes" : { }, "realmRoles" : [ ], "clientRoles" : { } } ], "defaultRole" : { "id" : "44215b4f-7373-48b2-9882-ff6ea744c2b9", "name" : "default-roles-mattermost", "description" : "${role_default-roles}", "composite" : true, "clientRole" : false, "containerId" : "b452bc2b-8c3d-4132-b096-8cb983bfa0fa" }, "requiredCredentials" : [ "password" ], "otpPolicyType" : "totp", "otpPolicyAlgorithm" : "HmacSHA1", "otpPolicyInitialCounter" : 0, "otpPolicyDigits" : 6, "otpPolicyLookAheadWindow" : 1, "otpPolicyPeriod" : 30, "otpPolicyCodeReusable" : false, "otpSupportedApplications" : [ "totpAppFreeOTPName", "totpAppGoogleName", "totpAppMicrosoftAuthenticatorName" ], "localizationTexts" : { }, "webAuthnPolicyRpEntityName" : "keycloak", "webAuthnPolicySignatureAlgorithms" : [ "ES256" ], "webAuthnPolicyRpId" : "", "webAuthnPolicyAttestationConveyancePreference" : "not specified", "webAuthnPolicyAuthenticatorAttachment" : "not specified", "webAuthnPolicyRequireResidentKey" : "not specified", "webAuthnPolicyUserVerificationRequirement" : "not specified", "webAuthnPolicyCreateTimeout" : 0, "webAuthnPolicyAvoidSameAuthenticatorRegister" : false, "webAuthnPolicyAcceptableAaguids" : [ ], "webAuthnPolicyExtraOrigins" : [ ], "webAuthnPolicyPasswordlessRpEntityName" : "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms" : [ "ES256" ], "webAuthnPolicyPasswordlessRpId" : "", "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified", "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified", "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified", "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified", "webAuthnPolicyPasswordlessCreateTimeout" : 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false, "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ], "webAuthnPolicyPasswordlessExtraOrigins" : [ ], "users" : [ { "id" : "d3aa00db-7722-4d45-94f5-beb3ad8d6794", "username" : "homer", "enabled" : true, "totp" : false, "emailVerified" : true, "firstName" : "Homer", "lastName" : "Simpson", "email" : "homer.simpson@sample.com", "credentials" : [ { "id" : "bc3b2b63-38b2-420a-8802-f33e573eda81", "type" : "password", "createdDate" : 1714991408927, "secretData" : "{\"value\":\"iCgLsWLJO27kDrtXvpM9y7eZJbcNMZpNq+rMVr0gxoQ=\",\"salt\":\"JWIwdHDhfmb0ZxK3B2VrjA==\",\"additionalParameters\":{}}", "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" } ], "disableableCredentialTypes" : [ ], "requiredActions" : [ ], "notBefore" : 0, "groups" : [ ] }, { "id" : "dfa4ab33-bf3f-424d-9d37-ee222249729a", "username" : "lisa", "enabled" : true, "totp" : false, "emailVerified" : true, "firstName" : "Lisa", "lastName" : "Simpson", "email" : "lisa.simpson@sample.com", "credentials" : [ { "id" : "00a5098e-23df-49c7-98e1-73a5fe95195a", "type" : "password", "createdDate" : 1714991408973, "secretData" : "{\"value\":\"+PFQnePwCy0hhd3IsueLtv2BGskX2egPLBTUeOoOBK0=\",\"salt\":\"eOBehbwDrie/0eUwpBrlAg==\",\"additionalParameters\":{}}", "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" } ], "disableableCredentialTypes" : [ ], "requiredActions" : [ ], "notBefore" : 0, "groups" : [ ] }, { "id" : "337ba922-6496-4517-a4e6-f9f594c237b6", "username" : "marge", "enabled" : true, "totp" : false, "emailVerified" : true, "firstName" : "Marge", "lastName" : "Simpson", "email" : "marge.simpson@sample.com", "credentials" : [ { "id" : "768c667c-5480-4176-b272-0fa6b30aff06", "type" : "password", "createdDate" : 1714991408951, "secretData" : "{\"value\":\"u2ZcUnBkjiFSUFxP3wyvBRelU+k4ZSMQhy285S2cvI0=\",\"salt\":\"PXIfRXN3zZ3wIltsfqlRtQ==\",\"additionalParameters\":{}}", "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}" } ], "disableableCredentialTypes" : [ ], "requiredActions" : [ ], "notBefore" : 0, "groups" : [ ] }, { "id" : "bf6d32c1-6364-4ac0-8dca-10d69ebfefa1", "createdTimestamp" : 1714991464428, "username" : "service-account-mattermost-openid", "enabled" : true, "totp" : false, "emailVerified" : false, "serviceAccountClientId" : "mattermost-openid", "credentials" : [ ], "disableableCredentialTypes" : [ ], "requiredActions" : [ ], "realmRoles" : [ "default-roles-mattermost" ], "clientRoles" : { "mattermost-openid" : [ "uma_protection" ] }, "notBefore" : 0, "groups" : [ ] } ], "scopeMappings" : [ { "clientScope" : "offline_access", "roles" : [ "offline_access" ] } ], "clientScopeMappings" : { "account" : [ { "client" : "account-console", "roles" : [ "manage-account", "view-groups" ] } ] }, "clients" : [ { "id" : "aad4a0e3-b4ba-4530-975e-a7ccf9cdb53e", "clientId" : "account", "name" : "${client_account}", "rootUrl" : "${authBaseUrl}", "baseUrl" : "/realms/mattermost/account/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "redirectUris" : [ "/realms/mattermost/account/*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, "consentRequired" : false, "standardFlowEnabled" : true, "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : false, "serviceAccountsEnabled" : false, "publicClient" : true, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { "post.logout.redirect.uris" : "+" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : false, "nodeReRegistrationTimeout" : 0, "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "7daae697-1f13-4928-ad46-f4ef214cc9d4", "clientId" : "account-console", "name" : "${client_account-console}", "rootUrl" : "${authBaseUrl}", "baseUrl" : "/realms/mattermost/account/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "redirectUris" : [ "/realms/mattermost/account/*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, "consentRequired" : false, "standardFlowEnabled" : true, "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : false, "serviceAccountsEnabled" : false, "publicClient" : true, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { "post.logout.redirect.uris" : "+", "pkce.code.challenge.method" : "S256" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : false, "nodeReRegistrationTimeout" : 0, "protocolMappers" : [ { "id" : "e1413711-1419-484d-b41e-c144b902de8b", "name" : "audience resolve", "protocol" : "openid-connect", "protocolMapper" : "oidc-audience-resolve-mapper", "consentRequired" : false, "config" : { } } ], "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "c24ac0ab-f5ef-4185-b23d-9eca4d84edeb", "clientId" : "admin-cli", "name" : "${client_admin-cli}", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "redirectUris" : [ ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, "consentRequired" : false, "standardFlowEnabled" : false, "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : true, "serviceAccountsEnabled" : false, "publicClient" : true, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { "post.logout.redirect.uris" : "+" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : false, "nodeReRegistrationTimeout" : 0, "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "b4b6df43-11bd-47a8-9ba2-6d974b4a5ac1", "clientId" : "broker", "name" : "${client_broker}", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "redirectUris" : [ ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : true, "consentRequired" : false, "standardFlowEnabled" : true, "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : false, "serviceAccountsEnabled" : false, "publicClient" : false, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { "post.logout.redirect.uris" : "+" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : false, "nodeReRegistrationTimeout" : 0, "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "88e48acd-0b87-4e5b-a1e0-94ba87c9471c", "clientId" : "mattermost", "name" : "", "description" : "", "rootUrl" : "http://localhost:8065", "adminUrl" : "", "baseUrl" : "http://localhost:8065", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "redirectUris" : [ "/login/sso/saml" ], "webOrigins" : [ "http://localhost:8065" ], "notBefore" : 0, "bearerOnly" : false, "consentRequired" : false, "standardFlowEnabled" : true, "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : true, "serviceAccountsEnabled" : false, "publicClient" : true, "frontchannelLogout" : true, "protocol" : "saml", "attributes" : { "saml.assertion.signature" : "false", "saml.force.post.binding" : "true", "saml.encrypt" : "false", "post.logout.redirect.uris" : "+", "saml.server.signature" : "false", "saml.server.signature.keyinfo.ext" : "false", "saml.signing.certificate" : "MIICozCCAYsCBgGNzPeaJzANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDAptYXR0ZXJtb3N0MB4XDTI0MDIyMTE4MzgxNVoXDTM0MDIyMTE4Mzk1NVowFTETMBEGA1UEAwwKbWF0dGVybW9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTGWjhcVlJ9u+/b/Q4laMj1mEYEMuNmP+ZB9zTICk7sQbihJ1JRY8vJ450GXcFRTEuSWLOavSsInLZNkYqtBQ1/cVBmj8NgqMBOyLXsa1BnSE+mB3S3MpmWZwMIY1/1fPpEW8potkIKRigidkoa1zi8U/0fDu6sA9wzygUdeckX3TxN2sIwAr7beBdcwEKyKZS5VGATj3HU7TUAIyk02Xbq5vgKIR9KqdazHIuV46I0BPgQ+WbXROviq/U7/txxXu6qxEuvAxwXxFa56fYQW6qpWS3s4muEGFyi9uKbeUeKLPYSjiZYFHOloAZ3ZILbC3k8dpPWSUq5lH5jsuPkEBkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAO/cKwQAJBNSdwl/s4evpcfNAZMnvRi3IvhLKDbv648/eQQEhBVK7FQ8J9iQJaVbhdkZCSOF+x+HUURX/82h+CKNj0SehxPaELpVpiLXWh+KKBAiRHWTvsmjgfuqa5dWcmjBc2W1r+kOtvG/KZnxdmSR9fZc/BUF+64FUY+m7SMUBNDndn28Bc4wXZVWjHUF6NjTzplm5Karvcd7E892PwApSytwPA7BiPdL6DKgOOPya5Klyyykwz2jn74LWi+fEIWb7coaamwZ+bSU1eQINp3mjJz3w+EKX6gmbsSWopSm8cMDhh8l3/Dc1mh1gpiZV+zxoWpPFvRnDWJtV8iBsqw==", "saml.artifact.binding.identifier" : "s+FCT7acoISBsDrZ2B6VSIQhmX8=", "saml.artifact.binding" : "false", "saml.signature.algorithm" : "RSA_SHA256", "saml_force_name_id_format" : "true", "saml.client.signature" : "false", "saml.authnstatement" : "true", "display.on.consent.screen" : "false", "saml_name_id_format" : "email", "saml.signing.private.key" : "MIIEowIBAAKCAQEAtMZaOFxWUn2779v9DiVoyPWYRgQy42Y/5kH3NMgKTuxBuKEnUlFjy8njnQZdwVFMS5JYs5q9Kwictk2Riq0FDX9xUGaPw2CowE7ItexrUGdIT6YHdLcymZZnAwhjX/V8+kRbymi2QgpGKCJ2ShrXOLxT/R8O7qwD3DPKBR15yRfdPE3awjACvtt4F1zAQrIplLlUYBOPcdTtNQAjKTTZdurm+AohH0qp1rMci5XjojQE+BD5ZtdE6+Kr9Tv+3HFe7qrES68DHBfEVrnp9hBbqqlZLezia4QYXKL24pt5R4os9hKOJlgUc6WgBndkgtsLeTx2k9ZJSrmUfmOy4+QQGQIDAQABAoIBABCFsgSFdPrOZN1R+hWfR+3ZG5EnrFaCF4xGIm/bqiyHNaUILqG8kF5VfhURmkNTWMGt9yc4OPqsS3Vyjr8x29y9VYgbjZ9178p+0OOmv3Kuc+qaskMBxPFKcLETZNDGDUWK9qg/7IuJ6JpdtvnELQBRnywK+QiJpoMrZRcVV/aP7VMXuJJGZ+wW9LaCQBy+6powmpS/PnNO9DsN8UdBEGv5L08zF8yYH6gzv4bfubTwfDhL2JHTgikw8vA6ED1kpJjS8hFsBHB7WyN4AhDm4oLW83TJqdojcI7A0R/4atovl2wR/Yg9NLjIruOa7c60oziDN0rG2x9Wv2XFHl0KhQECgYEA4L9MdN3AQayYVH+Ftvz3n9Gkd8zt/NkCOuuwxMOQqHSyzpRohvreZ6HmIIw1P8vV5ll+obfKyxIM5Ry/KAO9wtJxF+6akvZL0yf1eWewaBI2C4uB2zviGfaKw0bTl+uRmOnK2R3yX8i9XSqhUuIwmXqimwQJ6QTeqopniVj9fxkCgYEAzemxj29CKNSjXPixZ6aFJdmo/k1UaqZljPLFyf6E9/TEk4ZKjy1XsiQoc5zlhEtg1QF/mhkMW+djpeA3y9D/Ytd5CGbifjgsIZz8AmEgkXv/qSu0uwCANKh74mR9st2genY+deR4csfmH0btD4suZM2epbzkYjATGDeQpauqOQECgYByZEv5C8lIZB3gnEul2Nn8yYrJw0+6q4W8EayWaefeJg/An78YPOYonznvhQ2xXAGSTijrDQ42EAjqMJiHOGhEmjIf+T1J4fy0DBmgYotiXSqO88HzoWYyys7UF9+o6qjfyNeLbPepkxX3LrSP6DrOU6Ih/otAxE7FRM7wFJBqOQKBgH/PiaY1cgR0ED66IyvqIYVf+FR43WghhrEZVAnQUOqz5HyJg6ghheiOJwm0HoaiXyV3+6ND3vcAxkqExT1eqdbJVlgPvJCJ/2KR1Z8IeLW1GPkBpvnYErwcxGC+7YLjrCO3V4fH27erOry5QpY+Vvq84rePatdDbea/PqqGxm8BAoGBAK8DpUktGogqRi5EwxyvWBwWiJCuQIzn5TW6YHTFLE6VA69KOBvSUoTpMqeOfxARAVwgwDb0kF/RX7vnoMROwn8K7dma3DnCS9+TN9a9GsI9jezU+TbdUeAcORAjRSxFZezKkqQcwU8beP4ofEwBv4n6TjbnNo5RsGVFBHeNErk6", "saml.allow.ecp.flow" : "false", "saml_signature_canonicalization_method" : "http://www.w3.org/2001/10/xml-exc-c14n#", "saml.onetimeuse.condition" : "false", "saml.server.signature.keyinfo.xmlSigKeyInfoKeyNameTransformer" : "NONE" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : true, "nodeReRegistrationTimeout" : -1, "protocolMappers" : [ { "id" : "1a6ae5ee-4561-42dc-b638-d0fd69ac06ba", "name" : "X500 givenName", "protocol" : "saml", "protocolMapper" : "saml-user-property-mapper", "consentRequired" : false, "config" : { "attribute.nameformat" : "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "user.attribute" : "firstName", "friendly.name" : "givenName", "attribute.name" : "urn:oid:2.5.4.42" } }, { "id" : "c1f536b0-176d-411d-bbb6-38544c36570b", "name" : "Username", "protocol" : "saml", "protocolMapper" : "saml-user-property-mapper", "consentRequired" : false, "config" : { "user.attribute" : "username", "attribute.nameformat" : "Basic", "attribute.name" : "username" } }, { "id" : "2b955e9f-139c-4280-880f-afb063b48b5b", "name" : "ID", "protocol" : "saml", "protocolMapper" : "saml-user-property-mapper", "consentRequired" : false, "config" : { "user.attribute" : "id", "attribute.nameformat" : "Basic", "attribute.name" : "id" } }, { "id" : "3cadb4fe-4ca8-4a29-b8b4-5089ee5c7fe7", "name" : "X500 email", "protocol" : "saml", "protocolMapper" : "saml-user-property-mapper", "consentRequired" : false, "config" : { "attribute.nameformat" : "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "user.attribute" : "email", "friendly.name" : "email", "attribute.name" : "urn:oid:1.2.840.113549.1.9.1" } }, { "id" : "fb260c06-9fbb-4f8e-938d-ce9c21b5c999", "name" : "X500 surname", "protocol" : "saml", "protocolMapper" : "saml-user-property-mapper", "consentRequired" : false, "config" : { "attribute.nameformat" : "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "user.attribute" : "lastName", "friendly.name" : "surname", "attribute.name" : "urn:oid:2.5.4.4" } } ], "defaultClientScopes" : [ "role_list" ], "optionalClientScopes" : [ ] }, { "id" : "427658c0-080b-426b-b37b-d69e4ced5890", "clientId" : "mattermost-openid", "name" : "", "description" : "", "rootUrl" : "", "adminUrl" : "", "baseUrl" : "", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "secret" : "9Y7dykcoA9luTC77XtXxOu9UbNx3rhj6", "redirectUris" : [ "*" ], "webOrigins" : [ "*" ], "notBefore" : 0, "bearerOnly" : false, "consentRequired" : false, "standardFlowEnabled" : true, "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : true, "serviceAccountsEnabled" : true, "publicClient" : false, "frontchannelLogout" : true, "protocol" : "openid-connect", "attributes" : { "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1714991470", "backchannel.logout.session.required" : "true", "post.logout.redirect.uris" : "*", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", "backchannel.logout.revoke.offline.tokens" : "false" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : true, "nodeReRegistrationTimeout" : -1, "protocolMappers" : [ { "id" : "3741bfe0-ad4f-49f6-bb44-4c05e8f8e958", "name" : "Client IP Address", "protocol" : "openid-connect", "protocolMapper" : "oidc-usersessionmodel-note-mapper", "consentRequired" : false, "config" : { "user.session.note" : "clientAddress", "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "clientAddress", "jsonType.label" : "String" } }, { "id" : "52456e14-87ba-431e-9ff4-420d196fb838", "name" : "Client ID", "protocol" : "openid-connect", "protocolMapper" : "oidc-usersessionmodel-note-mapper", "consentRequired" : false, "config" : { "user.session.note" : "client_id", "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "client_id", "jsonType.label" : "String" } }, { "id" : "a7f2c348-149e-4785-9491-37c6561486d4", "name" : "Client Host", "protocol" : "openid-connect", "protocolMapper" : "oidc-usersessionmodel-note-mapper", "consentRequired" : false, "config" : { "user.session.note" : "clientHost", "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "clientHost", "jsonType.label" : "String" } } ], "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "d7c4c70f-6d4b-469f-afec-366c4494e9b4", "clientId" : "realm-management", "name" : "${client_realm-management}", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "redirectUris" : [ ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : true, "consentRequired" : false, "standardFlowEnabled" : true, "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : false, "serviceAccountsEnabled" : false, "publicClient" : false, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { "post.logout.redirect.uris" : "+" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : false, "nodeReRegistrationTimeout" : 0, "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "7a8da89a-19a7-4821-86cb-e676bd9c1997", "clientId" : "security-admin-console", "name" : "${client_security-admin-console}", "rootUrl" : "${authAdminUrl}", "baseUrl" : "/admin/mattermost/console/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", "redirectUris" : [ "/admin/mattermost/console/*" ], "webOrigins" : [ "+" ], "notBefore" : 0, "bearerOnly" : false, "consentRequired" : false, "standardFlowEnabled" : true, "implicitFlowEnabled" : false, "directAccessGrantsEnabled" : false, "serviceAccountsEnabled" : false, "publicClient" : true, "frontchannelLogout" : false, "protocol" : "openid-connect", "attributes" : { "post.logout.redirect.uris" : "+", "pkce.code.challenge.method" : "S256" }, "authenticationFlowBindingOverrides" : { }, "fullScopeAllowed" : false, "nodeReRegistrationTimeout" : 0, "protocolMappers" : [ { "id" : "da60c790-d3ba-420f-b87c-17d5205891f8", "name" : "locale", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "locale", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "locale", "jsonType.label" : "String" } } ], "defaultClientScopes" : [ "web-origins", "acr", "roles", "profile", "email" ], "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] } ], "clientScopes" : [ { "id" : "deaaf9e4-f944-48f0-844d-69acefa4fdee", "name" : "offline_access", "description" : "OpenID Connect built-in scope: offline_access", "protocol" : "openid-connect", "attributes" : { "consent.screen.text" : "${offlineAccessScopeConsentText}", "display.on.consent.screen" : "true" } }, { "id" : "9e05629c-59d0-49da-994c-a27b3d1ea181", "name" : "roles", "description" : "OpenID Connect scope for add user roles to the access token", "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "false", "display.on.consent.screen" : "true", "consent.screen.text" : "${rolesScopeConsentText}" }, "protocolMappers" : [ { "id" : "30b9b185-a7a2-40ea-8400-10aa862fcaa0", "name" : "audience resolve", "protocol" : "openid-connect", "protocolMapper" : "oidc-audience-resolve-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "access.token.claim" : "true" } }, { "id" : "c6282965-cd18-49ad-92eb-9c1aac384e88", "name" : "client roles", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-client-role-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "multivalued" : "true", "user.attribute" : "foo", "access.token.claim" : "true", "claim.name" : "resource_access.${client_id}.roles", "jsonType.label" : "String" } }, { "id" : "cb453a01-226a-44c4-8490-e72d24369c9b", "name" : "realm roles", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-realm-role-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "multivalued" : "true", "user.attribute" : "foo", "access.token.claim" : "true", "claim.name" : "realm_access.roles", "jsonType.label" : "String" } } ] }, { "id" : "0916ac9b-4712-4ffa-a7ea-79cf38afc52f", "name" : "microprofile-jwt", "description" : "Microprofile - JWT built-in scope", "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", "display.on.consent.screen" : "false" }, "protocolMappers" : [ { "id" : "f05b04c6-d8b2-4865-a579-b39c25d112f1", "name" : "groups", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-realm-role-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "multivalued" : "true", "userinfo.token.claim" : "true", "user.attribute" : "foo", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "groups", "jsonType.label" : "String" } }, { "id" : "94a133ec-e757-456f-bca3-8cfd7151d18f", "name" : "upn", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "username", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "upn", "jsonType.label" : "String" } } ] }, { "id" : "29ac3b36-ce41-4050-9d63-945346650aab", "name" : "web-origins", "description" : "OpenID Connect scope for add allowed web origins to the access token", "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "false", "display.on.consent.screen" : "false", "consent.screen.text" : "" }, "protocolMappers" : [ { "id" : "5307d33c-19ac-4b4c-ae1e-f048b3a58458", "name" : "allowed web origins", "protocol" : "openid-connect", "protocolMapper" : "oidc-allowed-origins-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "access.token.claim" : "true" } } ] }, { "id" : "72fe0a5e-bed9-493a-8b11-b518be450989", "name" : "acr", "description" : "OpenID Connect scope for add acr (authentication context class reference) to the token", "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "false", "display.on.consent.screen" : "false" }, "protocolMappers" : [ { "id" : "00548232-102a-45e6-9c91-16dedc2a2db8", "name" : "acr loa level", "protocol" : "openid-connect", "protocolMapper" : "oidc-acr-mapper", "consentRequired" : false, "config" : { "id.token.claim" : "true", "introspection.token.claim" : "true", "access.token.claim" : "true", "userinfo.token.claim" : "true" } } ] }, { "id" : "f7d7585c-2e71-40c9-b8ab-aa022d1e2ad6", "name" : "role_list", "description" : "SAML role list", "protocol" : "saml", "attributes" : { "consent.screen.text" : "${samlRoleListScopeConsentText}", "display.on.consent.screen" : "true" }, "protocolMappers" : [ { "id" : "bf40cc9f-a059-419b-a795-b6400d8fd3c9", "name" : "role list", "protocol" : "saml", "protocolMapper" : "saml-role-list-mapper", "consentRequired" : false, "config" : { "single" : "false", "attribute.nameformat" : "Basic", "attribute.name" : "Role" } } ] }, { "id" : "5350312e-9032-4d75-b5ec-075e5b61b7c6", "name" : "address", "description" : "OpenID Connect built-in scope: address", "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", "display.on.consent.screen" : "true", "consent.screen.text" : "${addressScopeConsentText}" }, "protocolMappers" : [ { "id" : "1748a067-e54a-4bb2-9982-bf0ab8741873", "name" : "address", "protocol" : "openid-connect", "protocolMapper" : "oidc-address-mapper", "consentRequired" : false, "config" : { "user.attribute.formatted" : "formatted", "user.attribute.country" : "country", "introspection.token.claim" : "true", "user.attribute.postal_code" : "postal_code", "userinfo.token.claim" : "true", "user.attribute.street" : "street", "id.token.claim" : "true", "user.attribute.region" : "region", "access.token.claim" : "true", "user.attribute.locality" : "locality" } } ] }, { "id" : "e56ed83f-f9ce-47cf-a022-a489b4835ec8", "name" : "profile", "description" : "OpenID Connect built-in scope: profile", "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", "display.on.consent.screen" : "true", "consent.screen.text" : "${profileScopeConsentText}" }, "protocolMappers" : [ { "id" : "779f68b0-7898-4f85-a060-be5ee1d9f8d7", "name" : "profile", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "profile", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "profile", "jsonType.label" : "String" } }, { "id" : "83ee31c0-3937-47ab-b690-1e02d4d17e2e", "name" : "family name", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "lastName", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "family_name", "jsonType.label" : "String" } }, { "id" : "6390be9c-5111-492a-ae0c-26a2f9b0a37e", "name" : "nickname", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "nickname", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "nickname", "jsonType.label" : "String" } }, { "id" : "746c53b2-d4a3-42ea-9862-17e8b51caa9c", "name" : "birthdate", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "birthdate", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "birthdate", "jsonType.label" : "String" } }, { "id" : "caac0685-5ba9-4a4e-b0e6-a74d2e5a573f", "name" : "full name", "protocol" : "openid-connect", "protocolMapper" : "oidc-full-name-mapper", "consentRequired" : false, "config" : { "id.token.claim" : "true", "introspection.token.claim" : "true", "access.token.claim" : "true", "userinfo.token.claim" : "true" } }, { "id" : "b5c4a167-0973-4852-a946-67440d0f28c4", "name" : "website", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "website", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "website", "jsonType.label" : "String" } }, { "id" : "fd9379e3-6faa-47b2-a7c7-24c782d185fa", "name" : "updated at", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "updatedAt", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "updated_at", "jsonType.label" : "long" } }, { "id" : "7fe61e51-18c6-48a9-a61a-e15d1ccbfb8e", "name" : "username", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "username", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "preferred_username", "jsonType.label" : "String" } }, { "id" : "fa7b1ff8-71e7-4c3b-9316-eef920b2c1da", "name" : "picture", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "picture", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "picture", "jsonType.label" : "String" } }, { "id" : "ad81c29f-7977-48fa-8800-7fd5dd55a210", "name" : "middle name", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "middleName", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "middle_name", "jsonType.label" : "String" } }, { "id" : "094011f2-703d-4421-92ab-3844363c810e", "name" : "gender", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "gender", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "gender", "jsonType.label" : "String" } }, { "id" : "3b2d4d95-e77f-413a-8a34-8d6bd89ca07f", "name" : "locale", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "locale", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "locale", "jsonType.label" : "String" } }, { "id" : "4dd32281-592b-4992-af19-2950da495776", "name" : "zoneinfo", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "zoneinfo", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "zoneinfo", "jsonType.label" : "String" } }, { "id" : "bf5eff8d-a7a2-4e38-aa65-d84f6e164ce6", "name" : "given name", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "firstName", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "given_name", "jsonType.label" : "String" } } ] }, { "id" : "10a8601c-f832-4de4-b067-c80b5b6ea41c", "name" : "email", "description" : "OpenID Connect built-in scope: email", "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", "display.on.consent.screen" : "true", "consent.screen.text" : "${emailScopeConsentText}" }, "protocolMappers" : [ { "id" : "1f74af90-79f2-4a84-bb24-fd476690b440", "name" : "email", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "email", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "email", "jsonType.label" : "String" } }, { "id" : "374eca64-4920-45bd-84c1-7b4902f6efe2", "name" : "email verified", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-property-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "emailVerified", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "email_verified", "jsonType.label" : "boolean" } } ] }, { "id" : "a5b641cf-c886-4a2b-9336-149f1468927f", "name" : "phone", "description" : "OpenID Connect built-in scope: phone", "protocol" : "openid-connect", "attributes" : { "include.in.token.scope" : "true", "display.on.consent.screen" : "true", "consent.screen.text" : "${phoneScopeConsentText}" }, "protocolMappers" : [ { "id" : "8c643186-80dc-4860-8aa3-96c40e49175c", "name" : "phone number verified", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "phoneNumberVerified", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "phone_number_verified", "jsonType.label" : "boolean" } }, { "id" : "4eb37f9e-d1e5-464e-acd5-8c6103f6843d", "name" : "phone number", "protocol" : "openid-connect", "protocolMapper" : "oidc-usermodel-attribute-mapper", "consentRequired" : false, "config" : { "introspection.token.claim" : "true", "userinfo.token.claim" : "true", "user.attribute" : "phoneNumber", "id.token.claim" : "true", "access.token.claim" : "true", "claim.name" : "phone_number", "jsonType.label" : "String" } } ] } ], "defaultDefaultClientScopes" : [ "role_list", "profile", "email", "roles", "web-origins", "acr" ], "defaultOptionalClientScopes" : [ "offline_access", "address", "phone", "microprofile-jwt" ], "browserSecurityHeaders" : { "contentSecurityPolicyReportOnly" : "", "xContentTypeOptions" : "nosniff", "referrerPolicy" : "no-referrer", "xRobotsTag" : "none", "xFrameOptions" : "SAMEORIGIN", "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", "xXSSProtection" : "1; mode=block", "strictTransportSecurity" : "max-age=31536000; includeSubDomains" }, "smtpServer" : { }, "eventsEnabled" : false, "eventsListeners" : [ "jboss-logging" ], "enabledEventTypes" : [ ], "adminEventsEnabled" : false, "adminEventsDetailsEnabled" : false, "identityProviders" : [ ], "identityProviderMappers" : [ ], "components" : { "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy" : [ { "id" : "045ba5df-2445-401a-a8a7-b4083e5a2128", "name" : "Allowed Client Scopes", "providerId" : "allowed-client-templates", "subType" : "authenticated", "subComponents" : { }, "config" : { "allow-default-scopes" : [ "true" ] } }, { "id" : "e95d38ab-da8f-4760-9346-73f5c3f25632", "name" : "Full Scope Disabled", "providerId" : "scope", "subType" : "anonymous", "subComponents" : { }, "config" : { } }, { "id" : "fabadbed-3fca-4a77-84ca-f4a6973c91d2", "name" : "Trusted Hosts", "providerId" : "trusted-hosts", "subType" : "anonymous", "subComponents" : { }, "config" : { "host-sending-registration-request-must-match" : [ "true" ], "client-uris-must-match" : [ "true" ] } }, { "id" : "0fb88997-b088-4bf9-8f28-7775fefdda78", "name" : "Allowed Protocol Mapper Types", "providerId" : "allowed-protocol-mappers", "subType" : "authenticated", "subComponents" : { }, "config" : { "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "oidc-address-mapper", "saml-user-property-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "saml-role-list-mapper" ] } }, { "id" : "1eef8c1c-87c1-4a25-8c5a-57ca2c31b2d1", "name" : "Allowed Client Scopes", "providerId" : "allowed-client-templates", "subType" : "anonymous", "subComponents" : { }, "config" : { "allow-default-scopes" : [ "true" ] } }, { "id" : "a15ad9ca-5f30-41be-9f14-b9b12f34150a", "name" : "Max Clients Limit", "providerId" : "max-clients", "subType" : "anonymous", "subComponents" : { }, "config" : { "max-clients" : [ "200" ] } }, { "id" : "ee38000a-a362-430c-a836-e651e13e4b2f", "name" : "Allowed Protocol Mapper Types", "providerId" : "allowed-protocol-mappers", "subType" : "anonymous", "subComponents" : { }, "config" : { "allowed-protocol-mapper-types" : [ "saml-user-property-mapper", "saml-role-list-mapper", "oidc-usermodel-property-mapper", "oidc-address-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper", "oidc-full-name-mapper", "oidc-sha256-pairwise-sub-mapper" ] } }, { "id" : "4bc26e75-f724-440f-aca9-11706ca534a8", "name" : "Consent Required", "providerId" : "consent-required", "subType" : "anonymous", "subComponents" : { }, "config" : { } } ], "org.keycloak.keys.KeyProvider" : [ { "id" : "b25fb4b0-a916-427a-9a0c-5e37257d754a", "name" : "rsa-generated", "providerId" : "rsa-generated", "subComponents" : { }, "config" : { "privateKey" : [ "MIIEpAIBAAKCAQEAwJ/6a/8r+O2FIa4N9jhGRWazYb689YtBBVbJ+a50QlWv/SsP1aZl/0HUpKoGIhDaKwAedx7+30CsHKoD3p2Gh7OGsY4CQ3giOgHJ0vx95P5ZPVq4oe6P3KA85MK/CWEAOQFHqnzPQveSViYADuvY2TOnvvNiPuh9SgpmXKa977AiSe20kdUoiGbzdRzJuGPHD03+Ts8KVZqimNJGZJI+L4nszm/aQ4LM333UZackCezPYA9svRsva+NbAn7+Yh05o5b6Ozvn6hwuaZ07j4i3VXR/IOj8scAyZPKClMrJsWT8qu7KZcWvUNKoT0wpMwV+RJLxO2JDSFGVxQRbOCADDwIDAQABAoIBABEjCm3qPTi/tNzqtb5GgmXxPZtAE2KK+YVmk8B9V0WBhw8wcg+xZpiffDIMGFCWjDpQH+W8IbOt9sH0FDUNcacH/z8zoZrsCKt9dj2pje+9+yV8uTla1nyr2s8FTmagtRrdNMmDohLUoLW+Wrn5HIkyUcWotIBhQahBJZsvkG1O6C4JigYqQUirtitQf65BpLeaqKYcwnU/i/IfkvwHPYxxT+YmnUEK65OPu931cQqmvUgEuY2oluL/SLjjanwQPHUVKQSF8XCWW7kP3yD3CHjyuBuKR9vYZmIhy0hwKta3zvz98LuSW73kb5V43gJVcig1d0+mxmfFkxdjOrY2Z9UCgYEA5QyM+cyju4cCVgOteBIdwG20XX9T5QNPoxuf/xXDnBq3Z1epsEO15kJNcjqcnm1SsGSimjgSeHtwAZ5jIqob0a/FTsPVEMWfD8MBomwmLEvMik2vjMwMmJAbUQsr0P2T6ZPJEBbIcG0s0x6s2OFG+iLVmwwvA6RZ8OTG6Jd8C2MCgYEA10pBRHnK3Hd7MLTH5s/+MfTlr54Ad2fDZ5AvcRpUEDExQfr/4lBn9Azll0mFX7Gko8SE4VfpzVP69+jr6th8rJZKt5OiuzHB7i5SAGotjNEYa/o3/htM+uiRq6IDdmnODtF4VDliCt7Pae3Xg/00AwQvS+er/Y7v0AnIsc/x92UCgYEAhf1bkt3VgmQuR6cLGUxvvxvuASv1JelT8vS8GfrfXTh7xaaQi55wkGyE5afH6x3E249jV5gppfV/xlKjZ6nfcEDEyZjh0Vfp/sxy7lMZ2ZvV4aokYdcUH0Nd14ETdsSAfImJezH4u1wCdtZhAtZ2MOmjz3nHHvhL7RHIElRbqkUCgYEAtUAvuL2s23XAAh6BGcJMaLScVwD3tY9nRJ5wQpF+6m7v4HO30EoParkc5gSgxBLj4HiHwsvn69TjOqofTIVcWVTirLEf1OesNKFMqkq59I7pN6beUxGa+raoRU5OCfhD4dfarVXuQ+aXyr/RrK6UhmGUjBwMgZlALu69x22hcb0CgYBkOO1GPVaoIrimHYKzLH587ZP367MYj77cMiXz0A3rjbQ9zb9DsBN1PPcprRMZsHMfp7gdsrmgv1cAnV2ZAWeEPEOl7qH42rlZX9VHX40s5Ax9prEg/RB3IylYs/yddDJ/YMp/3m0USiDmTym65amb7cddaFykvWtZQlpj9ov0ww==" ], "certificate" : [ "MIICozCCAYsCBgGPTXQmpjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDAptYXR0ZXJtb3N0MB4XDTI0MDUwNjEwMjgyOFoXDTM0MDUwNjEwMzAwOFowFTETMBEGA1UEAwwKbWF0dGVybW9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCf+mv/K/jthSGuDfY4RkVms2G+vPWLQQVWyfmudEJVr/0rD9WmZf9B1KSqBiIQ2isAHnce/t9ArByqA96dhoezhrGOAkN4IjoBydL8feT+WT1auKHuj9ygPOTCvwlhADkBR6p8z0L3klYmAA7r2Nkzp77zYj7ofUoKZlymve+wIknttJHVKIhm83Ucybhjxw9N/k7PClWaopjSRmSSPi+J7M5v2kOCzN991GWnJAnsz2APbL0bL2vjWwJ+/mIdOaOW+js75+ocLmmdO4+It1V0fyDo/LHAMmTygpTKybFk/KruymXFr1DSqE9MKTMFfkSS8TtiQ0hRlcUEWzggAw8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYKj6Tl0zFBELqoZMOxqdgUQNk5BINy0taDwVVQ/IhIQtfw8WDvnrYL8wqqOHBd0lbQ0mDaMlkqCPHzLjBv5D2Pho8YRyVIfiPz99LXtkS8ONBloDl+ZFIrLPiSY83cELUOWbwI+f26VTNbKltmVRFjebydkemltevjGYKfZXQenFsW5c2j2qGIfEGcEvUIbwai+LECkMW7twK0XjW0TpApf04SI65Z30/j2p5uBceoR3HNVqpwkulu4oKTgg8gaIaqsbzUIFcIjrUDh1ykKVOKLZIj8NRdIIaRbonH1YLPLHDqdLvYzwj+rNxFmxbLovYKHObblPTAAjYbd5KWUfoA==" ], "priority" : [ "100" ] } }, { "id" : "cf234e0c-7555-49cf-99c7-bef7c50ed756", "name" : "hmac-generated", "providerId" : "hmac-generated", "subComponents" : { }, "config" : { "kid" : [ "3daf79ff-b089-4ae4-be08-392660d6b818" ], "secret" : [ "L_9PwDzGir1YHeM-v9Wl_A5AxifcmRLB0eyRD7lSGNgc_6RCO0oWcrA5o28X_1zMq7wBe3AnvFcuqzZr45CSbg" ], "priority" : [ "100" ], "algorithm" : [ "HS256" ] } }, { "id" : "a584f067-cab9-4426-815c-391f366817c4", "name" : "aes-generated", "providerId" : "aes-generated", "subComponents" : { }, "config" : { "kid" : [ "259582ce-b6c1-4242-ab1a-89c51b8a16fa" ], "secret" : [ "lZ8-auqemjtb82DPk-QEeA" ], "priority" : [ "100" ] } }, { "id" : "1b220f41-5d26-4b56-9024-f02ed1c42da5", "name" : "rsa-enc-generated", "providerId" : "rsa-enc-generated", "subComponents" : { }, "config" : { "privateKey" : [ "MIIEowIBAAKCAQEAxojT5/utgBVBEXcb99b5guOquV0juPwrV/FU2kJv0QdleLVxWzsKPS/XzGIkyQbob5RM5AIXNXLfxL46SGnY7/d32qoZzVkw5F+MzRmXePaUItdS/RpC6jSWjH1MTxKyoHju7tsvgNjz7gcyXee1FrVRag/r+88EW10T/nhjJKA0BivgYXKvUOWSb5uXxs5VY17Z7k1hjir/ceQQ4Jay2RIUqHfLhgWmiayx2YMOMovOksrUYm1tqFJBJYOUODDPQBKagB/TlXXy/vT5uddDAQCLKaup8JfyXObWo67sZBMNh+oSEQWElrSRpEq5da3RRzvqjeTrVpDHeEyDa5FPYQIDAQABAoIBAB9q2bXVUxB4zJI5+hgPUe7Pnl21CokkhqtlClt7tfwrInimpeidADLMlmbGhTG2wSOfIUfXuNqBcj3NKKX68hSPYc0dq/WeDqmlIT/3s8u1oZ2d24koFbzAU66pyWCeAdx5Jr5vuyW1r2xUgTjxCOwuB1M0b9CqYvMeWKKlZHMQC6sQ0TycC+TycoOR3Vf70UjDnbvekgy8uDkRaeh+7nlQFRK5wM/7YiR5Az2uaJA63I6TXVb2ODLqMDLzCeF73LNZe5ZYdIleW6akV0c/7Lk/ldTmTJtsDdaK48hVd5B6c1GqOZ9aNA7eYn7ppw4wywQ3GhGgSy7SdFJ6k9Khaz0CgYEA52wc8V4v/t1EAG/lqERyiyHlBMPcl2w/K9lmvHwNaYTRLFrqO1MOWjvrzs9Jyzma4QxM8JBvCNeepGmUXjy2DrsaiEvkpc44hZeKTmV366Y2GhsqZw83Q9KrTtulkpAKCaGB+/Opz36J8NCtAzfT1TOJ9h1/GLbzEVzO/mwEo1sCgYEA256QRX7lkWYreDpmgQBxCVvj9mdHl/dyAswQWXSJHUlUUwrPp4HtDRD6IvrHrvmMOLPjUcfJDBjLbgDlcKsjg3IIHg6DPCYan0QeUqyKGE6QgXwAOW7mkAP7V+nGEHGFKDt6yjidKOk0ygRpwJzjtIRmfPli3Yfz7gTO2LjSwPMCgYBDFc4WEg2rvgyWa9mRO7ZQqtSu2vA5XQG6/lyPyw5ARmY0i25XIC6K7c/ftatYpCxHjL9JBTWKxKaSVqDR6JuGDasVU5rGjc9IurM3IqbuwtHwI2vZUEne+VT7mSSYJfUi8ZSyquHQ6oemLXfZ9PcNWNFnbQmI6o/vuo2upzV4/QKBgQDNXSmlgrLi0rpFU770VFhfGwlBKXSeGyoGiZGkRL/Onfp3KL3i8jCbrktpGD5PVVUU1Mn1eC9821anB7mFMNMloCUNDh8TyMHOOmFsh6Eed6DTJAQFsLly4/ZNT/IBAFY2t9/rZyM21VOisJu/HDYlYEWCCaW0Z+Pmp6JQsAuLlwKBgDWRLlaCa8+rJPgRXs1FFfwIOTMyDsWf8PoA6vIytd28YzUolfil4AaDPvyamjA7NGZIO5ZhcGTX1vnNHNYHb/zmHC3AkeuHIKSDsyTUcvjsTguyF5rddkRL0F6mb3UCCv8bKn0ts3DWX4vr2eA40hL8EklRTVB0aFL524+enT5w" ], "certificate" : [ "MIICozCCAYsCBgGPTXQm0zANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDAptYXR0ZXJtb3N0MB4XDTI0MDUwNjEwMjgyOFoXDTM0MDUwNjEwMzAwOFowFTETMBEGA1UEAwwKbWF0dGVybW9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMaI0+f7rYAVQRF3G/fW+YLjqrldI7j8K1fxVNpCb9EHZXi1cVs7Cj0v18xiJMkG6G+UTOQCFzVy38S+Okhp2O/3d9qqGc1ZMORfjM0Zl3j2lCLXUv0aQuo0lox9TE8SsqB47u7bL4DY8+4HMl3ntRa1UWoP6/vPBFtdE/54YySgNAYr4GFyr1Dlkm+bl8bOVWNe2e5NYY4q/3HkEOCWstkSFKh3y4YFpomssdmDDjKLzpLK1GJtbahSQSWDlDgwz0ASmoAf05V18v70+bnXQwEAiymrqfCX8lzm1qOu7GQTDYfqEhEFhJa0kaRKuXWt0Uc76o3k61aQx3hMg2uRT2ECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEANa0lkttYrlutce6OACDMj7KAzH+zNFWxG+A7ayw10mDXq+9SIrrwzfcQVhCoKoWabl+OSe7kQdu5RwWxRZ74j6BD2lH3ITlDbuMQZnUlBmxJvMsUNofFhnCJ+Mt59IKQfLORXFOx5fF8ds8uF6KkR18tKX07pNjYD7GKWY61TmBKHY6oq4svr4FmROqcdww1OEcwhZytaEA5T0kGo4vlkGTR5v7xigjWEFlsR8HA1QAUTOoUECq7WEmQC7JUOXprMevedHrL9BD/PXmZda0NyPf4xWt3Lnoay1g6OGmhcW8BiLFmPPnq+YQE3t//tg9EcHoysLBpTC9vTFxS5JFaJA==" ], "priority" : [ "100" ], "algorithm" : [ "RSA-OAEP" ] } } ] }, "internationalizationEnabled" : false, "supportedLocales" : [ ], "authenticationFlows" : [ { "id" : "3e3fc387-7ba6-4bbb-95ad-d637c398de02", "alias" : "Account verification options", "description" : "Method with which to verity the existing account", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "idp-email-verification", "authenticatorFlow" : false, "requirement" : "ALTERNATIVE", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "ALTERNATIVE", "priority" : 20, "autheticatorFlow" : true, "flowAlias" : "Verify Existing Account by Re-authentication", "userSetupAllowed" : false } ] }, { "id" : "9537a3f9-40f9-4970-abc3-29420d62c0af", "alias" : "Browser - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "conditional-user-configured", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "auth-otp-form", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false } ] }, { "id" : "e3890212-5508-4c4f-886c-42292b71383e", "alias" : "Direct Grant - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "conditional-user-configured", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "direct-grant-validate-otp", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false } ] }, { "id" : "0ad2c5de-ae22-409a-9ce3-a91d2e27d4d4", "alias" : "First broker login - Conditional OTP", "description" : "Flow to determine if the OTP is required for the authentication", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "conditional-user-configured", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "auth-otp-form", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false } ] }, { "id" : "1ca93d86-2158-4a4b-8f4c-ad2c341551c0", "alias" : "Handle Existing Account", "description" : "Handle what to do if there is existing account with same email/username like authenticated identity provider", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "idp-confirm-link", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : true, "flowAlias" : "Account verification options", "userSetupAllowed" : false } ] }, { "id" : "855c44a5-25de-4e2a-9055-d7820c486aa8", "alias" : "Reset - Conditional OTP", "description" : "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "conditional-user-configured", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "reset-otp", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false } ] }, { "id" : "5e2179fb-85bf-4bb7-a34c-df270f5b538e", "alias" : "User creation or linking", "description" : "Flow for the existing/non-existing user alternatives", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticatorConfig" : "create unique user config", "authenticator" : "idp-create-user-if-unique", "authenticatorFlow" : false, "requirement" : "ALTERNATIVE", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "ALTERNATIVE", "priority" : 20, "autheticatorFlow" : true, "flowAlias" : "Handle Existing Account", "userSetupAllowed" : false } ] }, { "id" : "b07dae46-dffa-469a-addd-155dcc454b8e", "alias" : "Verify Existing Account by Re-authentication", "description" : "Reauthentication of existing account", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "idp-username-password-form", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "CONDITIONAL", "priority" : 20, "autheticatorFlow" : true, "flowAlias" : "First broker login - Conditional OTP", "userSetupAllowed" : false } ] }, { "id" : "5502a151-e047-4385-a0d8-115f23e9f64a", "alias" : "browser", "description" : "browser based authentication", "providerId" : "basic-flow", "topLevel" : true, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "auth-cookie", "authenticatorFlow" : false, "requirement" : "ALTERNATIVE", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "auth-spnego", "authenticatorFlow" : false, "requirement" : "DISABLED", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "identity-provider-redirector", "authenticatorFlow" : false, "requirement" : "ALTERNATIVE", "priority" : 25, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "ALTERNATIVE", "priority" : 30, "autheticatorFlow" : true, "flowAlias" : "forms", "userSetupAllowed" : false } ] }, { "id" : "567a6082-f98f-4f6b-9d98-f8c53d58626d", "alias" : "clients", "description" : "Base authentication for clients", "providerId" : "client-flow", "topLevel" : true, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "client-secret", "authenticatorFlow" : false, "requirement" : "ALTERNATIVE", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "client-jwt", "authenticatorFlow" : false, "requirement" : "ALTERNATIVE", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "client-secret-jwt", "authenticatorFlow" : false, "requirement" : "ALTERNATIVE", "priority" : 30, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "client-x509", "authenticatorFlow" : false, "requirement" : "ALTERNATIVE", "priority" : 40, "autheticatorFlow" : false, "userSetupAllowed" : false } ] }, { "id" : "7b2672cd-462a-43ad-9b7f-4074ee7380ee", "alias" : "direct grant", "description" : "OpenID Connect Resource Owner Grant", "providerId" : "basic-flow", "topLevel" : true, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "direct-grant-validate-username", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "direct-grant-validate-password", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "CONDITIONAL", "priority" : 30, "autheticatorFlow" : true, "flowAlias" : "Direct Grant - Conditional OTP", "userSetupAllowed" : false } ] }, { "id" : "8478b453-df05-46a6-aac9-5eb08885a447", "alias" : "docker auth", "description" : "Used by Docker clients to authenticate against the IDP", "providerId" : "basic-flow", "topLevel" : true, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "docker-http-basic-authenticator", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false } ] }, { "id" : "cbd75a2b-8dcc-4f63-a2b9-2d30ed937eab", "alias" : "first broker login", "description" : "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", "providerId" : "basic-flow", "topLevel" : true, "builtIn" : true, "authenticationExecutions" : [ { "authenticatorConfig" : "review profile config", "authenticator" : "idp-review-profile", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : true, "flowAlias" : "User creation or linking", "userSetupAllowed" : false } ] }, { "id" : "86121d61-c8e6-4758-8c45-55a99291c877", "alias" : "forms", "description" : "Username, password, otp and other auth forms.", "providerId" : "basic-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "auth-username-password-form", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "CONDITIONAL", "priority" : 20, "autheticatorFlow" : true, "flowAlias" : "Browser - Conditional OTP", "userSetupAllowed" : false } ] }, { "id" : "fd722202-55f6-42fc-813c-9d568280dd00", "alias" : "registration", "description" : "registration flow", "providerId" : "basic-flow", "topLevel" : true, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "registration-page-form", "authenticatorFlow" : true, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : true, "flowAlias" : "registration form", "userSetupAllowed" : false } ] }, { "id" : "e604d749-b65d-4709-b7fe-683043322069", "alias" : "registration form", "description" : "registration form", "providerId" : "form-flow", "topLevel" : false, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "registration-user-creation", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "registration-password-action", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 50, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "registration-recaptcha-action", "authenticatorFlow" : false, "requirement" : "DISABLED", "priority" : 60, "autheticatorFlow" : false, "userSetupAllowed" : false } ] }, { "id" : "34ed29ea-ff5a-48f5-89fb-55e7b0d08db5", "alias" : "reset credentials", "description" : "Reset credentials for a user if they forgot their password or something", "providerId" : "basic-flow", "topLevel" : true, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "reset-credentials-choose-user", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "reset-credential-email", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 20, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticator" : "reset-password", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 30, "autheticatorFlow" : false, "userSetupAllowed" : false }, { "authenticatorFlow" : true, "requirement" : "CONDITIONAL", "priority" : 40, "autheticatorFlow" : true, "flowAlias" : "Reset - Conditional OTP", "userSetupAllowed" : false } ] }, { "id" : "9c45a256-329f-40f5-947c-060be56c5fe3", "alias" : "saml ecp", "description" : "SAML ECP Profile Authentication Flow", "providerId" : "basic-flow", "topLevel" : true, "builtIn" : true, "authenticationExecutions" : [ { "authenticator" : "http-basic-authenticator", "authenticatorFlow" : false, "requirement" : "REQUIRED", "priority" : 10, "autheticatorFlow" : false, "userSetupAllowed" : false } ] } ], "authenticatorConfig" : [ { "id" : "f6497f9b-75bb-4e4a-97fb-502a77c95594", "alias" : "create unique user config", "config" : { "require.password.update.after.registration" : "false" } }, { "id" : "66b63196-6ebc-41cf-a462-e71dfe5baf84", "alias" : "review profile config", "config" : { "update.profile.on.first.login" : "missing" } } ], "requiredActions" : [ { "alias" : "CONFIGURE_TOTP", "name" : "Configure OTP", "providerId" : "CONFIGURE_TOTP", "enabled" : true, "defaultAction" : false, "priority" : 10, "config" : { } }, { "alias" : "TERMS_AND_CONDITIONS", "name" : "Terms and Conditions", "providerId" : "TERMS_AND_CONDITIONS", "enabled" : false, "defaultAction" : false, "priority" : 20, "config" : { } }, { "alias" : "UPDATE_PASSWORD", "name" : "Update Password", "providerId" : "UPDATE_PASSWORD", "enabled" : true, "defaultAction" : false, "priority" : 30, "config" : { } }, { "alias" : "UPDATE_PROFILE", "name" : "Update Profile", "providerId" : "UPDATE_PROFILE", "enabled" : true, "defaultAction" : false, "priority" : 40, "config" : { } }, { "alias" : "VERIFY_EMAIL", "name" : "Verify Email", "providerId" : "VERIFY_EMAIL", "enabled" : true, "defaultAction" : false, "priority" : 50, "config" : { } }, { "alias" : "delete_account", "name" : "Delete Account", "providerId" : "delete_account", "enabled" : false, "defaultAction" : false, "priority" : 60, "config" : { } }, { "alias" : "webauthn-register", "name" : "Webauthn Register", "providerId" : "webauthn-register", "enabled" : true, "defaultAction" : false, "priority" : 70, "config" : { } }, { "alias" : "webauthn-register-passwordless", "name" : "Webauthn Register Passwordless", "providerId" : "webauthn-register-passwordless", "enabled" : true, "defaultAction" : false, "priority" : 80, "config" : { } }, { "alias" : "update_user_locale", "name" : "Update User Locale", "providerId" : "update_user_locale", "enabled" : true, "defaultAction" : false, "priority" : 1000, "config" : { } } ], "browserFlow" : "browser", "registrationFlow" : "registration", "directGrantFlow" : "direct grant", "resetCredentialsFlow" : "reset credentials", "clientAuthenticationFlow" : "clients", "dockerAuthenticationFlow" : "docker auth", "attributes" : { "cibaBackchannelTokenDeliveryMode" : "poll", "cibaExpiresIn" : "120", "cibaAuthRequestedUserHint" : "login_hint", "oauth2DeviceCodeLifespan" : "600", "clientOfflineSessionMaxLifespan" : "0", "oauth2DevicePollingInterval" : "5", "clientSessionIdleTimeout" : "0", "parRequestUriLifespan" : "60", "clientSessionMaxLifespan" : "0", "clientOfflineSessionIdleTimeout" : "0", "cibaInterval" : "5", "realmReusableOtpCode" : "false" }, "keycloakVersion" : "23.0.7", "userManagedAccessAllowed" : false, "clientProfiles" : { "profiles" : [ ] }, "clientPolicies" : { "policies" : [ ] } }