diff --git a/.github/workflows/build-init-container.yml b/.github/workflows/build-init-container.yml
new file mode 100644
index 00000000..e7130235
--- /dev/null
+++ b/.github/workflows/build-init-container.yml
@@ -0,0 +1,93 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+name: Build - Init container IAM
+
+on:
+ push:
+ branches:
+ - main
+ paths:
+ - 'init-container/**'
+ - '.github/workflows/build-init-container.yml'
+ # trigger events for SemVer like tags
+ tags:
+ - '*.*.*-init*'
+ workflow_dispatch:
+
+env:
+ IMAGE_NAMESPACE: "tractusx"
+ IMAGE_NAME: "umbrella-init-container"
+
+jobs:
+ build:
+ name: Build-and push image for init container
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+
+ - name: Login to DockerHub
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
+ with:
+ username: ${{ secrets.DOCKER_HUB_USER }}
+ password: ${{ secrets.DOCKER_HUB_TOKEN }}
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
+
+ - name: Docker meta
+ id: meta
+ uses:
docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 + with: + images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + tags: | + type=ref,event=branch + type=ref,event=pr + type=raw,value=latest + type=raw,value=${{ github.sha }} + type=semver,pattern={{version}} + type=semver,pattern={{major}} + type=semver,pattern={{major}}.{{minor}} + + - name: Build and push init container + uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + with: + context: ./init-container/ + platforms: linux/amd64, linux/arm64 + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + # https://github.com/peter-evans/dockerhub-description + - name: Update Docker Hub description + if: github.event_name != 'pull_request' + uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4.0.0 + with: + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + readme-filepath: ./init-container/DOCKER-NOTICE.md diff --git a/.github/workflows/helm-checks.yaml b/.github/workflows/helm-checks.yaml index 227c374b..8ec0beb3 100644 --- a/.github/workflows/helm-checks.yaml +++ b/.github/workflows/helm-checks.yaml @@ -100,13 +100,19 @@ jobs: run: kubectl describe node - name: Build simple data backend - id: build-simple-data-backend uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: - context: simple-data-backend/ + context: ./simple-data-backend/ push: true tags: kind-registry:5000/simple-data-backend:testing + - name: Build init container + uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + with: + context: ./init-container/ + push: true + tags: kind-registry:5000/init-container:testing + - name: Set up Helm uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4.1.0 with: 
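Review bot: In the `Docker meta` step, `type=raw,value=latest` carries no condition, so every trigger of this workflow republishes `latest` from whatever ref was built; that includes a `workflow_dispatch` run started from a non-default branch, which still receives the Docker Hub secrets. Restricting it, for example `type=raw,value=latest,enable={{is_default_branch}}`, keeps the floating tag tied to `main`. Separately, `readme-filepath: ./init-container/DOCKER-NOTICE.md` does not match the file this commit adds, `init-container/DOCKER_NOTICE.md`, so the description step will presumably not find its input; the path should read `./init-container/DOCKER_NOTICE.md`. The `if: github.event_name != 'pull_request'` guards can never be false here because the workflow declares no `pull_request` trigger.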
@@ -132,7 +138,7 @@ jobs: - name: Install chart and run tests (umbrella) run: | - helm install umbrella charts/umbrella --namespace install --create-namespace --debug + helm install umbrella charts/umbrella -f charts/values-test.yaml --namespace install --create-namespace --debug helm uninstall umbrella --namespace install ## Skip upgrade for now until a working chart is released diff --git a/charts/umbrella/values.yaml b/charts/umbrella/values.yaml index d7089508..13f848c3 100644 --- a/charts/umbrella/values.yaml +++ b/charts/umbrella/values.yaml @@ -150,6 +150,20 @@ centralidp: keycloak: nameOverride: "centralidp" replicaCount: 1 + initContainers: + - name: import + image: docker.io/tractusx/umbrella-init-container:0.0.1-init + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying realms..." + cp -R /import/catenax-central/realms/* /realms + volumeMounts: + - name: realms + mountPath: "/realms" postgresql: nameOverride: "centralidp-postgresql" architecture: standalone @@ -159,6 +173,20 @@ sharedidp: keycloak: nameOverride: "sharedidp" replicaCount: 1 + initContainers: + - name: import + image: docker.io/tractusx/umbrella-init-container:0.0.1-init + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying realms..." + cp -R /import/catenax-shared/realms/* /realms + volumeMounts: + - name: realms + mountPath: "/realms" postgresql: nameOverride: "sharedidp-postgresql" architecture: standalone diff --git a/charts/values-test.yaml b/charts/values-test.yaml new file mode 100644 index 00000000..031afa0c --- /dev/null +++ b/charts/values-test.yaml 
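Review bot: The `import` init container added under `centralidp.keycloak` in `charts/umbrella/values.yaml` references `docker.io/tractusx/umbrella-init-container:0.0.1-init` by tag together with `imagePullPolicy: Always`, so each pod start pulls whatever that tag currently points to, and the files it copies into `/realms` define the identity provider's realm, clients and roles. Pinning the digest, `image: docker.io/tractusx/umbrella-init-container:0.0.1-init@sha256:<digest-of-published-image>` (placeholder), makes the imported realm reproducible and independent of later pushes to the tag. The `sharedidp.keycloak` hunk that follows has the same pattern. Neither entry sets a `securityContext` or `resources`; whether the Keycloak chart supplies defaults for init containers is not visible in this diff.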
@@ -0,0 +1,52 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+centralidp:
+ keycloak:
+ initContainers:
+ - name: import
+ image: kind-registry:5000/init-container:testing
+ imagePullPolicy: Always
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ echo "Copying realms..."
+ cp -R /import/catenax-central/realms/* /realms
+ volumeMounts:
+ - name: realms
+ mountPath: "/realms"
+
+sharedidp:
+ keycloak:
+ initContainers:
+ - name: import
+ image: kind-registry:5000/init-container:testing
+ imagePullPolicy: Always
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ echo "Copying realms..."
+ cp -R /import/catenax-shared/realms/* /realms
+ volumeMounts:
+ - name: realms
+ mountPath: "/realms"
diff --git a/init-container/DOCKER_NOTICE.md b/init-container/DOCKER_NOTICE.md
new file mode 100644
index 00000000..728fe0cc
--- /dev/null
+++ b/init-container/DOCKER_NOTICE.md
@@ -0,0 +1,26 @@
+## Notice for Docker image
+
+This application provides container images for demonstration purposes.
+
+DockerHub: https://hub.docker.com/r/tractusx/umbrella-init-container
+
+Eclipse Tractus-X product(s) installed within the image:
+
+Init Container with IAM realms for umbrella chart
+
+- GitHub: https://github.com/eclipse-tractusx/tractus-x-umbrella
+- Project home: https://projects.eclipse.org/projects/automotive.tractusx
+- Dockerfile: https://github.com/eclipse-tractusx/tractus-x-umbrella/blob/main/init-container/Dockerfile
+- Project license: [Apache License, Version 2.0](https://github.com/eclipse-tractusx/tractus-x-umbrella/blob/main/LICENSE)
+
+**Used base image**
+
+- Dockerfile: [alpinelinux/docker-alpine:3.19](https://github.com/alpinelinux/docker-alpine/blob/v3.19/x86_64/Dockerfile)
+- GitHub project: [https://github.com/alpinelinux/docker-alpine](https://github.com/alpinelinux/docker-alpine)
+- DockerHub: [https://hub.docker.com/_/alpine](https://hub.docker.com/_/alpine)
+
+As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc
+from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
+
+As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies
+with any relevant licenses for all software contained within.
\ No newline at end of file
diff --git a/init-container/Dockerfile b/init-container/Dockerfile
new file mode 100644
index 00000000..2358a7a2
--- /dev/null
+++ b/init-container/Dockerfile
@@ -0,0 +1,28 @@
+###############################################################
+# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#
+# See the NOTICE file(s) distributed with this work for additional
+# information regarding copyright ownership.
+#
+# This program and the accompanying materials are made available under the
+# terms of the Apache License, Version 2.0 which is available at
+# https://www.apache.org/licenses/LICENSE-2.0.
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+###############################################################
+
+FROM alpine:3.19
+
+RUN mkdir import
+
+RUN chown -R 1000:3000 /import
+USER 1000:3000
+
+COPY iam/centralidp/ import/catenax-central/realms
+COPY iam/sharedidp/ import/catenax-shared/realms
diff --git a/init-container/iam/centralidp/CX-Central-realm.json b/init-container/iam/centralidp/CX-Central-realm.json
new file mode 100644
index 00000000..4ab4bd97
--- /dev/null
+++ b/init-container/iam/centralidp/CX-Central-realm.json
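Review bot: `RUN chown -R 1000:3000 /import` runs while the directory is still empty, and the two `COPY` lines after `USER 1000:3000` carry no `--chown`, so the realm files end up root-owned, because `COPY` does not take ownership from `USER`. If the import tree is meant to belong to the runtime user, write `COPY --chown=1000:3000 iam/centralidp/ import/catenax-central/realms` and do the same for `iam/sharedidp/`. `FROM alpine:3.19` is a moving tag, while the workflow added in this commit pins its actions by commit SHA; pinning the base image by digest, `FROM alpine:3.19@sha256:<digest>` (placeholder), gives the published image the same guarantee. Whether UID 1000 can write to the `/realms` mount depends on the pod's volume and `fsGroup` settings, which are not part of this hunk.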
@@ -0,0 +1,6969 @@ +{ + "id": "CX-Central", + "realm": "CX-Central", + "displayName": "Catena-X Central", + "notBefore": 1660280763, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": true, + "refreshTokenMaxReuse": 1, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": false, + "duplicateEmailsAllowed": true, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "9ed742fe-ac2e-462c-ab1f-09895db556b6", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + }, + { + "id": "fd7248cf-7b65-4dbf-ae84-7a967e8ec7c2", + "name": "user", + "description": "basic user", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + 
}, + { + "id": "4c19f2aa-f9b9-473e-ba5c-46c2f4e52c8b", + "name": "default-roles-catena-x realm", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "Cl23-CX-Policy-Hub": [ + "view_policy_hub" + ], + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + }, + { + "id": "1ec798aa-cd95-43bd-9494-b1883e451fbb", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + } + ], + "client": { + "sa-cl2-02": [], + "sa-cl2-01": [], + "sa-cl3-cx-1": [], + "security-admin-console": [], + "sa-cl2-03": [], + "account-console": [], + "sa-cl22-01": [], + "Cl2-CX-Portal": [ + { + "id": "39ff444c-888a-4bf6-b8e1-343b66f8a067", + "name": "decline_new_partner", + "description": "User can decline a partner application", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c51f3a5a-02e0-414f-9c60-c2ec5c53bb09", + "name": "update_company_role", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "46905bb9-8d3b-4666-891f-a67e8f963b3b", + "name": "view_documents", + "description": "User can view/download documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0769d6ca-3056-42da-84cd-35f2d535d79e", + "name": "delete_connectors", + "description": "Delete company connectors", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "54bd7ad1-0773-4c9e-b1be-5cf41faa1c05", + "name": "update_service_offering", + "composite": false, + "clientRole": true, + 
"containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d566bb6c-e621-4517-9322-26093231b77c", + "name": "Service Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "view_license_types", + "delete_connectors", + "update_service_offering", + "view_technical_setup", + "view_tech_user_management", + "view_service_marketplace", + "CX User", + "view_service_offering", + "view_autosetup_status", + "add_connectors", + "upload_documents", + "view_own_user_account", + "view_use_cases", + "view_idp", + "view_services", + "add_tech_user_management", + "view_membership", + "update_own_user_account", + "add_service_offering", + "view_service_subscriptions", + "activate_subscription", + "view_tech_roles", + "view_notifications", + "view_certificates", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "view_subscription", + "delete_notifications", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "add_semantic_model", + "update_semantic_model", + "view_semantic_model", + "delete_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4d1ca50b-8a6e-47ee-9a9b-ed5a919bc0d5", + "name": "invite_new_partner", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", + "name": "setup_client", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "34742e28-1497-4222-ad1f-93ab9feac92e", + "name": "view_app_subscription", + "description": "view app subscriptions in pending, active and inactive", + 
"composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d41dd839-6562-4be4-8364-de787c367458", + "name": "delete_documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8cceb06a-fa9d-4251-a336-9173d268c6d3", + "name": "app_management", + "description": "can manage apps", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "1290996a-0229-49b8-8aa4-732f4d27f5fa", + "name": "view_company_data", + "description": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "ff9d65f5-dbdf-4971-8042-f36bb23cc52c", + "name": "approve_app_release", + "description": "User can approve apps to get released on the marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "27521792-5070-4dd9-93ed-d4fea69877e2", + "name": "view_app_language", + "description": "View available app language", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c41486f4-86d3-4b9b-9fb0-ceeaaf718268", + "name": "modify_user_account", + "description": "Users with this right can modify users related to their company", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "19c0e799-4ffd-4709-8b38-45540c677e50", + "name": "view_autosetup_status", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "03490917-fd0d-4893-b901-3a426d3958db", + "name": "App Developer", + "composite": true, + "composites": { + "client": { + 
"Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "view_technical_setup", + "view_tech_user_management", + "app_management", + "view_tech_roles", + "view_certificates", + "view_app_language", + "technical_roles_management", + "CX User", + "edit_apps", + "view_use_cases", + "view_apps" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5c0d11f9-a90d-4960-9917-450b70b419f2", + "name": "Business Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl3-CX-Semantic": [ + "add_semantic_model", + "update_semantic_model", + "view_semantic_model", + "delete_semantic_model" + ], + "Cl2-CX-Portal": [ + "view_app_subscription", + "add_user_account", + "view_company_data", + "view_service_marketplace", + "modify_user_account", + "view_service_offering", + "view_autosetup_status", + "unsubscribe_apps", + "upload_certificates", + "view_user_management", + "subscribe_apps", + "view_services", + "view_dataspaces", + "filter_apps", + "view_service_subscriptions", + "view_notifications", + "view_certificates", + "delete_certificates", + "delete_own_user_account", + "unsubscribe_services", + "view_apps", + "view_subscription", + "view_use_case_participation", + "view_connectors", + "view_partner_network" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "03acc78a-0301-4518-a548-d5bd782c3d13", + "name": "decision_ssicredential", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", + "name": "add_connectors", + "description": "Add new connector 
(registration and self-description)", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c75a196c-2b82-4cd5-b572-0b70ec38e8fb", + "name": "configure_partner_registration", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9f7a5a51-6a38-4d53-816a-6db01ef52111", + "name": "view_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "1d12d087-bcaf-4ad5-b21f-77fdce13b423", + "name": "view_user_management", + "description": "Users with this right can access the user management in CX", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "bcfd6c59-c999-440a-91ac-396a2b0322d4", + "name": "view_idp", + "description": "User can view IdP details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0cf91728-4ab6-413c-af72-4d8aee959c51", + "name": "add_apps", + "description": "Users with this role can publish new apps in the Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "146c2388-2e26-4505-b85d-6824a4f80a2e", + "name": "add_tech_user_management", + "description": "Create / request technical users for my org", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "15bd8123-3469-4505-93ff-a5bd3b929495", + "name": "subscribe_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "66f4b417-25d4-47d7-b3d2-e6eb80bcba5e", + "name": 
"create_partner_registration", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0d41349d-30a8-42c1-9e1c-2b67d69fba30", + "name": "update_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b584419b-1973-4c80-b5f9-0d5989263bd4", + "name": "add_self_descriptions", + "description": "add self descriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f42c35ab-9a75-4be8-9c7d-3ca39a156eba", + "name": "view_user_account", + "description": "Users with this role can view the user account of others", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "e5267609-478c-40b6-bf96-6495bba42cd5", + "name": "view_service_subscriptions", + "description": "User is able to view service subscription under own service", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "065e25ce-29db-41f2-87aa-f4003d62df62", + "name": "activate_subscription", + "description": "Activation of subscriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0de2c803-1130-4ebf-9dfb-5016aadb9ca2", + "name": "setup_idp", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", + "name": "view_tech_roles", + "description": "View technical user roles", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "26eacd86-808a-4869-ad64-564cda6b3e2f", + 
"name": "delete_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", + "name": "view_client_roles", + "description": "Users with this right can view the client roles of an app", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9c81a6b2-737b-477c-9836-479605350a5f", + "name": "subscribe_service", + "description": "subscribe_service", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "29ac8c4d-5296-467c-91fa-3a0d7487c912", + "name": "request_ssicredential", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", + "name": "delete_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c78c4b1f-5578-4b31-8be4-c386fd58c55c", + "name": "view_subscription", + "description": "View my company subscriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f4eca60a-55c3-4b53-b3ee-f93a73d497f1", + "name": "delete_notifications", + "description": "User can delete notifications", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "2e210651-de0f-4f3d-9701-6736c39dfd36", + "name": "submit_connector_sd", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5c5c64c9-46c8-4876-88d0-91cdba553718", + "name": "view_license_types", + "composite": false, + "clientRole": true, + 
"containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "cbf9e4ee-77f1-4310-b461-67995552324e", + "name": "view_submitted_applications", + "description": "Users with this right can view submitted applications and the respective application status", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c6e35f9f-f7c0-4899-9ce6-7cce7ea79304", + "name": "approve_new_partner", + "description": "User with this right can let new partners access the portal by approving the company registration request inside the admin board", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "67ac93fa-6616-466a-b1db-5293b13c15bb", + "name": "view_technical_setup", + "description": "Users with this right can setup EDC /IDP/etc.", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a34170d5-779d-489b-b2bb-e1b99b88b638", + "name": "view_tech_user_management", + "description": "View technical users", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5998f67b-b190-443d-ab9b-3e76bbd73cab", + "name": "add_user_account", + "description": "Users with this right can add user accounts under their CX company", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5654ef02-0b23-422e-8eb3-7bd95778db8f", + "name": "IT Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "delete_connectors", + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + 
"view_company_data", + "view_managed_idp", + "view_service_marketplace", + "modify_user_account", + "view_service_offering", + "disable_idp", + "add_connectors", + "configure_partner_registration", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_tech_user_management", + "add_idp", + "delete_idp", + "view_membership", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "view_service_subscriptions", + "setup_idp", + "view_notifications", + "view_certificates", + "technical_roles_management", + "view_client_roles", + "delete_tech_user_management", + "subscribe_service", + "delete_own_user_account", + "request_ssicredential", + "my_user_account", + "delete_user_account", + "view_apps", + "view_subscription", + "modify_connectors", + "view_use_case_participation", + "delete_notifications", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f70ac54f-c8fa-4d87-b7a6-e5a8c028cafe", + "name": "Sales Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "view_service_subscriptions", + "activate_subscription", + "view_certificates", + "subscribe_service", + "CX User", + "view_service_offering", + "unsubscribe_apps", + "unsubscribe_services", + "subscribe_apps", + "view_services" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", + "name": "delete_apps", + "description": "User with this role can delete apps published in the Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + 
{ + "id": "5bcbf360-c331-4fbf-b1d2-b16b1a1ec25a", + "name": "approve_service_release", + "description": "approve_service_release", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "21faf04f-5a8b-478a-ac93-face954ee15d", + "name": "view_managed_idp", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", + "name": "view_service_marketplace", + "description": "view_service_marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4581b083-0c1e-42a2-bb4c-85dfd14cfa23", + "name": "Company Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "update_company_role", + "view_documents", + "delete_connectors", + "setup_client", + "view_app_subscription", + "delete_documents", + "view_company_data", + "view_app_language", + "modify_user_account", + "view_autosetup_status", + "add_connectors", + "configure_partner_registration", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_tech_user_management", + "subscribe_service_offering", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "setup_idp", + "view_tech_roles", + "delete_certificates", + "view_client_roles", + "subscribe_service", + "request_ssicredential", + "delete_user_account", + "view_subscription", + "delete_notifications", + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + "view_managed_idp", + "view_service_marketplace", + "view_service_offering", + "unsubscribe_apps", + "disable_idp", + "upload_documents", + "upload_certificates", + 
"view_use_cases", + "subscribe_apps", + "view_services", + "add_idp", + "delete_idp", + "view_membership", + "view_dataspaces", + "filter_apps", + "view_notifications", + "view_certificates", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "unsubscribe_services", + "view_apps", + "modify_connectors", + "view_use_case_participation", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "496ae7df-fabd-4977-bb81-d6eb96ad81ed", + "name": "CX User", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "view_documents", + "view_membership", + "view_dataspaces", + "update_own_user_account", + "filter_apps", + "view_company_data", + "view_notifications", + "view_certificates", + "view_service_marketplace", + "view_service_offering", + "delete_own_user_account", + "my_user_account", + "view_own_user_account", + "view_apps", + "view_user_management", + "view_subscription", + "delete_notifications", + "view_services", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a1bc8bb5-03bb-465e-8795-c68e3920c51d", + "name": "view_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d4833daf-92a0-4509-9b45-4957ca1933d3", + "name": "unsubscribe_apps", + "description": "", + "composite": false, + "clientRole": true, + "containerId": 
"e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d9609443-abd1-462f-8881-3e7d8213d785", + "name": "disable_idp", + "description": "disable an assigned idp", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a5492307-2072-4c5d-9de3-f507f3d3302e", + "name": "App Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "add_apps", + "view_license_types", + "add_user_account", + "activate_subscription", + "delete_apps", + "view_certificates", + "CX User", + "view_autosetup_status", + "App Developer", + "edit_apps" + ], + "Cl3-CX-Semantic": [ + "add_semantic_model", + "update_semantic_model", + "view_semantic_model", + "delete_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "39c00d2f-491f-4658-96ef-9f47920afea6", + "name": "upload_documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "48c262f0-3f56-4bab-94d5-f3c30fb5d9f9", + "name": "upload_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", + "name": "view_use_cases", + "description": "Users can view available use cases in the network", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "51e6dede-686f-43d5-925a-693784f8a661", + "name": "subscribe_apps", + "description": "User is able to start the app subscription process", + "composite": false, + "clientRole": true, + "containerId": 
"e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", + "name": "view_services", + "description": "view service marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", + "name": "update_application_checklist_value", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9b440b50-0ddd-4a6f-9a22-24073aea801e", + "name": "add_idp", + "description": "User can create a new idp under his organisation", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c190da2a-aad4-4a02-9904-88207ba322a6", + "name": "delete_idp", + "description": "User can delete company idps", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8cebb227-d72c-428e-92fd-6b4c01cbb899", + "name": "view_membership", + "description": "view_membership", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "ee373634-1eb3-4702-a269-774f36f54453", + "name": "decline_service_release", + "description": "decline_service_release", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", + "name": "view_dataspaces", + "description": "View dataspace marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b06c2999-6008-4fb6-a22f-93fdac150656", + "name": "decline_app_release", + "description": "User can decline apps to not get released on the marketplace", + "composite": false, + 
"clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "3a3af42c-c564-44ca-b83c-6d5c3bbd6087", + "name": "add_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", + "name": "filter_apps", + "description": "Users with this role can filter apps in the App Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "765bced5-b422-4f91-b35f-19d648595e6a", + "name": "Purchaser", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "view_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "delete_certificates", + "subscribe_service_offering", + "CX User", + "unsubscribe_apps", + "view_app_subscription", + "unsubscribe_services", + "upload_certificates", + "view_certificates", + "subscribe_apps" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f9ec0166-c20b-4f1f-9f0d-11349fec657c", + "name": "view_notifications", + "description": "User can view notification details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f1231514-aa65-408a-bf0d-c9d6d210e99a", + "name": "view_certificates", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "7b816094-20e7-44fb-a45f-3ecb9d9d7157", + "name": "CX Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "delete_company_data", + "add_company_data", + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "delete_wallet", + "add_wallet", + "view_wallet", + 
"update_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "decline_new_partner", + "update_company_role", + "view_documents", + "delete_connectors", + "update_service_offering", + "invite_new_partner", + "setup_client", + "view_app_subscription", + "delete_documents", + "app_management", + "view_company_data", + "approve_app_release", + "view_app_language", + "modify_user_account", + "view_autosetup_status", + "decision_ssicredential", + "add_connectors", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_apps", + "add_tech_user_management", + "subscribe_service_offering", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "view_service_subscriptions", + "activate_subscription", + "setup_idp", + "view_tech_roles", + "view_client_roles", + "subscribe_service", + "request_ssicredential", + "delete_user_account", + "view_subscription", + "delete_notifications", + "view_license_types", + "view_submitted_applications", + "approve_new_partner", + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + "delete_apps", + "approve_service_release", + "view_managed_idp", + "view_service_marketplace", + "view_service_offering", + "unsubscribe_apps", + "disable_idp", + "upload_documents", + "view_use_cases", + "subscribe_apps", + "view_services", + "add_idp", + "delete_idp", + "view_membership", + "decline_service_release", + "view_dataspaces", + "decline_app_release", + "add_service_offering", + "filter_apps", + "view_notifications", + "view_certificates", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "create_notifications", + "edit_apps", + "unsubscribe_services", + "view_apps", + "modify_connectors", + "view_use_case_participation", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "delete_semantic_model", + "add_semantic_model", + 
"update_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "92b5a061-8e54-4562-a86c-94c0bacef12d", + "name": "technical_roles_management", + "description": "technical roles management", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4ac0c3dc-1401-4ed6-a5f8-d8e08e2f5c78", + "name": "delete_tech_user_management", + "description": "Delete a technical user", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", + "name": "delete_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", + "name": "my_user_account", + "description": "view my own user account details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "22b05ced-cd8e-4769-a368-b8266bf967ef", + "name": "create_notifications", + "description": "User can create notifications (ONLY FOR TEST REASONS)", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "13fe64aa-6de6-4b94-9e3d-af9b2c7f2917", + "name": "edit_apps", + "description": "Users with this role can edit apps which are published in the marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "60832277-251d-47f0-b40b-004f7224d0fc", + "name": "unsubscribe_services", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": 
"817fa189-808e-465c-b75d-838336ab7a84", + "name": "view_apps", + "description": "Users with this role can view apps in the App Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "dc2b47a7-8e7e-49a1-b23a-e099168b8229", + "name": "modify_connectors", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "42873085-5177-4ff5-88df-0290e568babd", + "name": "view_use_case_participation", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "e5ec6a66-8fad-4066-bcdd-92041f894831", + "name": "view_connectors", + "description": "Look up company connectors and their details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "104c094b-eaf5-4b0e-9758-f14dedf925da", + "name": "view_partner_network", + "description": "Partner Network view", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + } + ], + "Cl22-CX-BPND": [ + { + "id": "798bcaf7-fec5-414f-91ef-352967bfd72a", + "name": "add_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + }, + { + "id": "07c35188-e159-4f5b-b05e-a393c5b8c115", + "name": "delete_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + }, + { + "id": "05bc014a-ce02-4965-bdea-34d5b206e0e5", + "name": "view_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + } + ], + "Cl21-CX-DF": [ + { + "id": "44a9692a-6d97-4ce0-9d1c-bcdd273792a9", + "name": "view_discovery_endpoint", + "description": "", 
+ "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + }, + { + "id": "3bb6b58e-b10b-4705-aef9-56f359e46111", + "name": "delete_discovery_endpoint", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + }, + { + "id": "518d41c9-c7c7-4ab4-be2b-2b467977ecc9", + "name": "add_discovery_endpoint", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + } + ], + "sa-cl8-cx-1": [], + "Cl7-CX-BPDM": [ + { + "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", + "name": "delete_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", + "name": "add_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", + "name": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + } + ], + "technical_roles_management": [ + { + "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", + "name": "BPDM Management", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "delete_company_data", + "add_company_data", + "view_company_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "view_membership" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": 
"4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "20f2c41a-dacd-4505-877a-bb899066a767", + "name": "BPDM Pool", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "162b2472-c940-4285-a662-e712501491dc", + "name": "BPDM Gate Read & Write", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "view_company_data", + "update_company_data", + "view_shared_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "create_partner_registration", + "configure_partner_registration" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", + "name": "Offer Management", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "view_tech_user_management", + "add_service_offering", + "add_connectors", + "app_management", + "activate_subscription" + ] + } + }, + "clientRole": true, + "containerId": 
"6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", + "name": "BPDM Partner Gate", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "view_company_data", + "update_company_data", + "view_shared_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "ef1112fd-3e6d-4e73-8947-5a21fd38f760", + "name": "BPDM Gate Read", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "view_company_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", + "composite": true, + "composites": { + "client": { + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ], + "Cl21-CX-DF": [ + "view_discovery_endpoint" + ], + "Cl2-CX-Portal": [ + "view_connectors" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + } + ], + "admin-cli": [], + "realm-management": [ + { + "id": "aafa6845-0920-4013-a283-594c9dc7ac32", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "08811aa8-7a05-489d-9f5e-bd51fd39fbc3", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "172dbf29-cc79-438f-9f56-24d0941f04ea", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "6ecdc37e-e84c-4b2f-b7f8-950ad361b831", + 
"name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "3bc03769-6258-4202-9f83-2f9f33821ccb", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "93db5b47-913a-4c45-a227-33f0b5c90701", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "8cce49c4-c187-4573-ad0d-fddabc764ab3", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "a2621233-2118-44ef-aa5b-c1c75854e395", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "fa001419-f155-4709-af5a-7753fa0d5798", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "257abe39-01cd-44d1-96c3-e179d83effb6", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "ad4b404c-de7f-4224-bb64-fc132a6c54c1", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-realm", + 
"manage-realm", + "impersonation", + "manage-events", + "view-users", + "create-client", + "view-events", + "query-clients", + "view-identity-providers", + "manage-users", + "query-realms", + "manage-identity-providers", + "view-authorization", + "view-clients", + "manage-authorization", + "query-users", + "manage-clients", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "13ba5952-cd79-4aea-9511-0741b2578980", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "9842d196-88db-4df8-9c99-e383fa2e1b95", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "14d19c59-046b-4772-8c2d-9dc1ccc82f46", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "01feddbc-f742-42a9-ba3c-64f8ac2d5ba3", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "f36cf8ec-3f54-4df5-80e6-36b44c0b1803", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "b0c29452-6401-4f9d-a808-25b861c19006", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": 
"213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "acf55e28-5dad-462b-abf5-51f598a7b8e8", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "08547466-edfb-4676-9fb5-e4f4a6ee7363", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + } + ], + "Cl16-CX-BPDMGate": [ + { + "id": "891e715a-7fdb-4dbe-a177-998a383ee836", + "name": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", + "name": "update_company_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", + "name": "view_shared_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + } + ], + "Cl5-CX-Custodian": [ + { + "id": "11c06d7d-8cab-42e8-b8bb-599940c61f2b", + "name": "delete_wallet", + "description": "User can delete his wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "7cbf7bf7-be0b-4372-9b5d-56bfcfad4ef7", + "name": "add_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "4e985f0a-4d33-409c-93a2-8d1b1de000e6", + "name": "delete_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "823ef0fd-ad22-4817-b31b-4638139b435c", + "name": "update_wallets", + "composite": false, + 
"clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "191ff80d-5525-4dc5-a761-80783a4d8c04", + "name": "add_wallet", + "description": "Add a new wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "d6521ed5-9154-49a8-9ac4-c0a12573b201", + "name": "view_wallet", + "description": "Can view own wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "dbdb11f0-f21a-4012-9610-43934407c309", + "name": "update_wallet", + "description": "Change existing wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "82b61160-ff26-4dd0-abf5-33d6ec57cdc7", + "name": "view_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + } + ], + "Cl1-CX-Registration": [ + { + "id": "3c7b8dec-3ef8-4665-82a3-2d8aeed059d8", + "name": "view_documents", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "21fce69f-e42a-4f03-a47f-74441f5719c7", + "name": "view_company_roles", + "description": "View Company Roles and Descriptions", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "9fe7f83e-c5af-408f-9e02-66ca6d318d9b", + "name": "delete_documents", + "description": "delete_documents", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "009c93b3-8cb7-4961-9492-9d2fc9574583", + "name": "upload_documents", + "description": "User is able to upload documents in the registration service", + "composite": false, + "clientRole": true, + "containerId": 
"fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "9607136e-9daf-4057-9274-767d4de473ab", + "name": "add_company_data", + "description": "User is able to add / edit company data under the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "b1b1e25d-0e14-4fc0-882a-126f3f6cbbc0", + "name": "view_registration", + "description": "Permission to access & view the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "fd523149-5499-412d-82b0-d8aeccbb5c5e", + "name": "Company Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "e5f03bf6-0b3c-4539-8873-d146bd18e504", + "name": "CX Admin", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "086cf0b0-7181-4a8a-89d3-137fd02e0847", + "name": "submit_registration", + "description": "User is able to submit the registration to Catena-X", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "87ecd7bb-039a-4e0a-a1a8-ca17b32d7891", + "name": "Signing Manager", + "composite": 
true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "e12709ce-c1fc-454a-a095-4088cab26539", + "name": "sign_consent", + "description": "User is able to confirm Terms & Conditions", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "461ea134-91cd-4482-a0cb-6f8406846807", + "name": "Legal Manager", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "44d50090-3343-48d8-9843-7eeb15276869", + "name": "invite_user", + "description": "User is able to add additional users to the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + } + ], + "sa-cl21-01": [], + "sa-cl7-cx-5": [], + "broker": [ + { + "id": "d1330d07-b783-43ad-b545-85a230060023", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "03885031-084a-4317-aa51-de9b4acf8fa9", + "attributes": {} + } + ], + "Cl3-CX-Semantic": [ + { + "id": "beef62b1-2e1c-4fc2-8813-7f3981ebfde2", + "name": "view_semantic_model", + "description": "View existing data models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": 
"fa8261a8-fe09-4867-a558-438737917185", + "name": "delete_semantic_model", + "description": "User can delete existing semantic models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": "a46242a3-26db-4b86-b836-bf0339168c56", + "name": "add_semantic_model", + "description": "Add semantic model", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": "f7d88948-b75d-4ed0-851d-b4c645ae27ca", + "name": "update_semantic_model", + "description": "User can update existing semantic models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + } + ], + "sa-cl1-reg-2": [], + "sa-cl5-custodian-1": [], + "sa-cl5-custodian-2": [], + "account": [ + { + "id": "9a1e745f-e0b5-4efc-9336-3ba403a79cb8", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "93070949-280d-4183-9761-94792722cc1d", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "20d5e725-3d3b-4bfe-9a62-5e650ae55b53", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "d0312a58-8fba-4fea-9a07-bd5e1515f9d8", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": 
"60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "1bc65f13-4eda-4954-9944-6699ec3913b3", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "8b60326c-d508-4563-a41f-7973383d7501", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "1cf8486a-4671-452c-bda9-115842957c8e", + "name": "view-groups", + "description": "${role_view-groups}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "ef74a99a-0297-43c7-ae30-109c08a5aa69", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + } + ], + "Cl23-CX-Policy-Hub": [ + { + "id": "c9dd28a0-8abe-428b-88e0-56c9de63758a", + "name": "view_policy_hub", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "6546aea2-dbb9-4ffb-a034-c8544c4aebe0", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "4c19f2aa-f9b9-473e-ba5c-46c2f4e52c8b", + "name": "default-roles-catena-x realm", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "CX-Central" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpPolicyCodeReusable": false, + "otpSupportedApplications": [ + "totpAppMicrosoftAuthenticatorName", + "totpAppFreeOTPName", + "totpAppGoogleName" + ], + "webAuthnPolicyRpEntityName": 
"keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "users": [ + { + "id" : "502dabcf-01c7-47d9-a88e-0be4279097b5", + "createdTimestamp" : 1652788086549, + "username" : "ac1cf001-7fbc-1f2f-817f-bce058020006", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Operator", + "lastName" : "CX Admin", + "email" : "tobeadded@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHK" ], + "organisation" : [ "CX-Operator" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Operator", + "userId" : "656e8a94-188b-4a3e-9eec-b45d8efd8347", + "userName" : "cx-operator@cx.com" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, + { + "id": "e69c1397-eee8-434a-b83b-dc7944bb9bdd", + "createdTimestamp": 
1651730911692, + "username": "service-account-sa-cl1-reg-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl1-reg-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "realm-management": [ + "manage-users", + "manage-identity-providers", + "manage-clients" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f0c69a64-dfbe-46e4-92db-75f6f4670909", + "createdTimestamp": 1676572155414, + "username": "service-account-sa-cl2-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_checklist_value" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "18c3a6b3-ecfe-4572-bbb4-af0c1823f206", + "createdTimestamp": 1676572207640, + "username": "service-account-sa-cl2-02", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-02", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "submit_connector_sd", + "update_application_checklist_value" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "a0bbb8fa-cc40-44e3-828d-342e782fd284", + "createdTimestamp": 1681380138448, + "username": "service-account-sa-cl2-03", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-03", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "notBefore": 0, + "groups": [] + }, + { + "id": "319d6b7f-bd88-4103-8124-e8ac4c791acf", + "createdTimestamp": 1681915810810, + "username": "service-account-sa-cl21-01", + "enabled": true, + "totp": false, + 
"emailVerified": false, + "serviceAccountClientId": "sa-cl21-01", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl21-CX-DF": [ + "view_discovery_endpoint", + "delete_discovery_endpoint", + "add_discovery_endpoint" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "b52bd8e5-98ce-48b4-af43-0b43b45d0358", + "createdTimestamp": 1681915925763, + "username": "service-account-sa-cl22-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl22-01", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", + "createdTimestamp": 1658347753956, + "username": "service-account-sa-cl3-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl3-cx-1", + "attributes": { + "bpn": [ + "CAX0000000000001" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Semantic Model Management", + "Identity Wallet Management", + "Dataspace Discovery" + ], + "Cl3-CX-Semantic": [ + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", + "createdTimestamp": 1651615151516, + "username": "service-account-sa-cl5-custodian-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-1", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + 
}, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "update_wallets", + "view_wallet", + "update_wallet", + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", + "createdTimestamp": 1657558751239, + "username": "service-account-sa-cl5-custodian-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-2", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "delete_wallet", + "add_wallets", + "delete_wallets", + "update_wallets", + "add_wallet", + "view_wallet", + "update_wallet", + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f014ed5d-9e05-4f29-a5c0-227c7e7b479e", + "createdTimestamp": 1670157703230, + "username": "service-account-sa-cl7-cx-5", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-5", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl16-CX-BPDMGate": [ + "view_company_data", + "update_company_data", + "view_shared_data" + ], + "Cl7-CX-BPDM": [ + "add_company_data", + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "dcb9a153-e1b4-4fac-bc51-7032023e9db9", + "createdTimestamp": 1675867052982, + "username": "service-account-sa-cl8-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl8-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "add_self_descriptions" + ] + }, + "notBefore": 0, + "groups": [] + } + 
], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "Cl22-CX-BPND": [ + { + "client": "sa-cl22-01", + "roles": [ + "view_bpn_discovery", + "delete_bpn_discovery", + "add_bpn_discovery" + ] + } + ], + "realm-management": [ + { + "client": "sa-cl1-reg-2", + "roles": [ + "manage-identity-providers", + "manage-users", + "manage-clients" + ] + } + ], + "Cl21-CX-DF": [ + { + "client": "sa-cl21-01", + "roles": [ + "view_discovery_endpoint", + "add_discovery_endpoint", + "delete_discovery_endpoint" + ] + } + ], + "Cl16-CX-BPDMGate": [ + { + "client": "sa-cl7-cx-5", + "roles": [ + "update_company_data", + "view_shared_data", + "view_company_data" + ] + } + ], + "Cl7-CX-BPDM": [ + { + "client": "sa-cl7-cx-5", + "roles": [ + "add_company_data", + "view_company_data" + ] + } + ], + "technical_roles_management": [ + { + "client": "sa-cl3-cx-1", + "roles": [ + "Dataspace Discovery", + "Semantic Model Management", + "Identity Wallet Management" + ] + } + ], + "Cl5-CX-Custodian": [ + { + "client": "sa-cl5-custodian-1", + "roles": [ + "update_wallets", + "update_wallet", + "view_wallets", + "view_wallet" + ] + }, + { + "client": "sa-cl5-custodian-2", + "roles": [ + "delete_wallet", + "delete_wallets", + "update_wallets", + "add_wallet", + "update_wallet", + "view_wallets", + "view_wallet", + "add_wallets" + ] + } + ], + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account", + "view-groups" + ] + } + ], + "Cl2-CX-Portal": [ + { + "client": "sa-cl2-01", + "roles": [ + "update_application_checklist_value" + ] + }, + { + "client": "sa-cl2-02", + "roles": [ + "submit_connector_sd", + "update_application_checklist_value" + ] + }, + { + "client": "sa-cl8-cx-1", + "roles": [ + "add_self_descriptions" + ] + } + ], + "Cl3-CX-Semantic": [ + { + "client": "sa-cl3-cx-1", + "roles": [ + "add_semantic_model", + "update_semantic_model", + "delete_semantic_model" + ] + } + ] + }, + 
"clients": [ + { + "id": "60313b78-e131-4358-9817-163ee938cc59", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Central/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Central/account/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": 
"edb1e627-426a-4593-93c0-e9b4bc45c4d6", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Central/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Central/account/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "pkce.code.challenge.method": "S256", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "62ea7826-6e5b-4200-8f5b-ff69b672d0a3", + "name": "audience resolve", + "protocol": "openid-connect", + 
"protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "dc24237b-46fa-418b-a806-24d371e4385a", + "name": "idp mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "idp", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "38d072af-d85b-4b39-ad55-13ed5ce45791", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "03885031-084a-4317-aa51-de9b4acf8fa9", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + 
"implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "clientId": "Cl16-CX-BPDMGate", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://partners-gate.example.org/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + 
"tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "clientId": "Cl1-CX-Registration", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://portal.example.org/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + 
"saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "71f9d485-62aa-41c2-a491-bcb47c447121", + "name": "idp mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "tenant", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + }, + { + "id": "4c180350-8f09-4eed-88f4-4b003a6b5fd1", + "name": "organisation-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "organisation", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "organisation", + "jsonType.label": "String" + } + }, + { + "id": "2b1dfde9-aff2-406b-b258-edbf574fc4dd", + "name": "audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl1-CX-Registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "clientId": "Cl21-CX-DF", + "description": "Client for Asset Discovery Service", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": 
true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "clientId": "Cl22-CX-BPND", + "description": "Client for Business Partner Discovery Service", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + 
"serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6546aea2-dbb9-4ffb-a034-c8544c4aebe0", + "clientId": "Cl23-CX-Policy-Hub", + "name": "", + "description": "Client for Policy-Hub", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "", + "/*" + ], + "webOrigins": [ + "", + "/*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + 
"serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "a438c97e-80c6-40f5-9a27-05d4fb68ff40", + "name": "catenax-policy-hub-audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl23-CX-Policy-Hub", + "id.token.claim": "true", + "access.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "clientId": "Cl2-CX-Portal", + "name": "", + "description": "", + "rootUrl": "https://portal.example.org/home", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://portal.example.org/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + 
"oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "35d0aa44-dd27-4dbd-8f3a-7047ae461fdd", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl1-CX-Registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "e97b646a-3753-4da5-b6f7-3a2860741b20", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl2-CX-Portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "clientId": "Cl3-CX-Semantic", + "rootUrl": "", + "adminUrl": "https://portal.example.org/home", + 
"surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://portal.example.org/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "1de1f28c-00d2-42b6-bc74-e57d8e73f7df", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": 
"true" + } + }, + { + "id": "faf297ed-30d7-4e15-8051-40c540c14604", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "clientId": "Cl5-CX-Custodian", + "name": "Cl5-CX-Custodian", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://managed-identity-wallets.example.org/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "token.endpoint.auth.signing.alg": "RS256", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + 
"exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "6f273a17-cf91-43dc-9dac-4ec36250d133", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "7a4001a7-aeaf-419c-ae46-6a190bc5e13f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9fd2abb2-445e-4622-a068-e3d48eb97634", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "roles" + ], + "optionalClientScopes": [] + }, + { + "id": "04cd6d38-674f-4588-980a-8f120bddcc44", + "clientId": "Cl7-CX-BPDM", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + 
"redirectUris": [ + "https://partners-pool.example.org/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + 
"bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e", + "clientId": "sa-cl1-reg-2", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + 
"client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": 
"Technical User Clearinghouse update application", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + 
"access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + 
"oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + 
"id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "cad1382b-0dd4-4ac7-8183-1c08386c84e8", + "clientId": "sa-cl2-03", + "description": "Technical User AutoSetup trigger - Portal to Vendor Autosetup (portal helm chart: backend.processesworker.offerprovider.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + 
"saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f57ed439-7c35-4a6c-a097-aa750249c442", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ea42e697-8fa8-4359-b342-715683a67a15", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "743f3d13-5eb1-4fd7-a092-019c052f5db0", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", + "clientId": "sa-cl21-01", + "description": "Technical User Discovery Finder", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + 
"standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": 
"clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "8f318235-669e-4236-b8ea-f596b802f672", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", + "clientId": "sa-cl22-01", + "description": "Technical User BPN Discovery", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + 
"post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "09824b45-f47e-4213-90d5-7aec6a078314", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + 
"id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "36e185ed-3af8-489d-a94b-a280ae205e03", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technical User CX internal - communication GitHub and Semantic Hub", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + 
"backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + }, + { + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + 
"id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", + "clientId": "sa-cl5-custodian-1", + "description": "Technical User for SD Hub Call to Custodian for SD signature", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + 
"authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "30897db9-574e-49ee-b968-ede77a6baf67", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "00879247-75ce-491f-abed-52a6a810f685", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "0c387b1e-5a80-47c8-82f5-693e3af79425", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", + "clientId": "sa-cl5-custodian-2", + "description": "Technical User for Portal to call 
Custodian Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + 
"id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "728abacc-c436-4d67-b699-92957a69b519", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "98c6f360-6714-455a-bc94-4fa0b5072866", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "183aae87-c9cf-4d70-934b-629aa6974c54", + "clientId": "sa-cl7-cx-5", + "description": "User for Portal to access BPDM for Company Address publishing into the BPDM (portal helm chart: backend.processesworker.bpdm.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + 
"implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "08dbaf87-e25e-489c-bec9-f062af3de2df", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "2420c9fc-2c5a-4e54-b6c1-3d72e4eb9e85", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + 
"userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "fb8aa3d7-44dd-4348-9a43-a48fadb0a858", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c2bdc736-ca35-43c4-8e18-27e7425df9f0", + "clientId": "sa-cl8-cx-1", + "description": "Technical User for Portal to SD (portal helm chart: backend.processesworker.sdfactory.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + 
"oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "5049595f-673e-4ce2-9ce2-90e11c0fc6e9", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b8086ec0-3da2-4f98-a7fd-19d007709e6f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "55da2734-a7e2-4d89-b210-7cb0a24fced4", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": 
"d5265cd8-d128-4dc9-8602-d49d1df0a86c", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/CX-Central/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/CX-Central/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "12d9df9a-241b-4ec2-bafa-3f26ccaa1890", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6df310ed-500e-43d5-b510-fa4668e939ee", + "clientId": "technical_roles_management", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + 
"publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "32795711-2e76-43f9-8138-3ce5b9eae1a2", + "name": "catena", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "b3dd05cc-7289-4a87-9625-af60b859d748", + "name": "organisation-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "organisation", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": 
"organisation", + "jsonType.label": "String" + } + }, + { + "id": "4baa14b7-833e-4bcb-a052-090e65c2bc2c", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "1d94ee73-6981-486c-a2d8-2e2f857cd125", + "name": "bpn-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "13834c57-9211-4e3e-b892-0632a3c15225", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "6c0bfbc5-e3d7-45f9-a0bc-61e30225e22b", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "8868b283-df78-4c9a-b78e-1c29e4b9b61c", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + 
"jsonType.label": "String" + } + } + ] + }, + { + "id": "23e5acb7-2d8c-4bca-8565-36fb57ee7ee0", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "0adf14b5-a345-4d20-83cc-2a353c686161", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "fc35a8f5-fedd-4b66-b3fa-9427e3947dc5", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "73a111cf-271c-4b9f-abca-e4894e29229d", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "c06270fe-f203-4c9b-92a8-ff716b81127a", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "8e22da0e-f450-444a-80b4-824a69532949", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "09dc23a3-1b9f-4b9d-aa87-e875f0f20655", + "name": 
"address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "0543fff7-3732-433b-8a24-d2784bba1501", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "34a2f332-9752-4a7f-9d61-b4dbd40946b4", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "955c2cb6-3abb-44d1-a3eb-9ebec0cf6094", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "48b4aa99-383c-4178-b966-c0ae710d8c21", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "e24a7d06-7406-4b2f-854e-a5653f8b964f", + "name": "profile", + "description": "OpenID Connect built-in scope: 
profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "987e5408-e6ef-4cd2-a51f-451fb7c0dc4e", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "1a9bd37a-377a-48ae-9b95-a1c0c5f3fa08", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "dca5ee31-87cb-407b-aba6-d6c846e6a6b4", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "6af98429-3234-4f57-95c0-7df4209cb349", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "b7e70ea0-1b54-469b-b818-dcb7d4657d9b", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + 
"config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "02aff4ea-454c-41cf-8bf6-1bea1e933812", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "438a5f2c-727b-4ba2-82de-d5cf4b8d4daa", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "70bf1855-c34a-4bd3-a06d-f3d62d91693b", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "0c9106a1-9c93-47bd-85b3-8607ba8485c2", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "4386dc68-8dd3-4439-8c63-eabcdb92fd76", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + 
"access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "78be8eb6-ca31-434c-8441-6abbfe553a22", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "fb918735-48a7-4f96-8830-606815788dfb", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "6e4e8483-7c58-4539-98d1-4b02ff5dc6f5", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "58e59849-6457-4c8b-b713-2c5a008461c6", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "99ca536c-58c2-432f-904e-10926bbc207b", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": 
"8a14f08a-0ba9-44ae-83bd-5a65b9d0fe8c", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "2c452702-a301-4cc7-b76c-619b23f44fa0", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "1e6f0566-fc33-4e1f-bf4e-686676fcde70", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "2629904c-d708-4072-9fe4-98e4a30c7dde", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "07ab75f1-40a3-4b2c-ae83-94dac6e529e2", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "b0cb460b-b342-4c93-8e43-b4b29dd26d40", + "name": "acr", + "description": "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": 
"false" + }, + "protocolMappers": [ + { + "id": "a49b8ad7-3e2d-4a04-a2a0-bc0bcce786c9", + "name": "acr loa level", + "protocol": "openid-connect", + "protocolMapper": "oidc-acr-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "email", + "roles", + "web-origins", + "profile", + "acr" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "referrerPolicy": "no-referrer", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": {}, + "loginTheme": "catenax-central", + "eventsEnabled": true, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [ + "SEND_RESET_PASSWORD", + "UPDATE_CONSENT_ERROR", + "GRANT_CONSENT", + "VERIFY_PROFILE_ERROR", + "REMOVE_TOTP", + "REVOKE_GRANT", + "UPDATE_TOTP", + "LOGIN_ERROR", + "CLIENT_LOGIN", + "RESET_PASSWORD_ERROR", + "IMPERSONATE_ERROR", + "CODE_TO_TOKEN_ERROR", + "CUSTOM_REQUIRED_ACTION", + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", + "RESTART_AUTHENTICATION", + "IMPERSONATE", + "UPDATE_PROFILE_ERROR", + "LOGIN", + "OAUTH2_DEVICE_VERIFY_USER_CODE", + "UPDATE_PASSWORD_ERROR", + "CLIENT_INITIATED_ACCOUNT_LINKING", + "TOKEN_EXCHANGE", + "AUTHREQID_TO_TOKEN", + "LOGOUT", + "REGISTER", + "DELETE_ACCOUNT_ERROR", + "CLIENT_REGISTER", + "IDENTITY_PROVIDER_LINK_ACCOUNT", + "DELETE_ACCOUNT", + "UPDATE_PASSWORD", + "CLIENT_DELETE", + "FEDERATED_IDENTITY_LINK_ERROR", + "IDENTITY_PROVIDER_FIRST_LOGIN", + "CLIENT_DELETE_ERROR", + "VERIFY_EMAIL", + "CLIENT_LOGIN_ERROR", + 
"RESTART_AUTHENTICATION_ERROR", + "EXECUTE_ACTIONS", + "REMOVE_FEDERATED_IDENTITY_ERROR", + "TOKEN_EXCHANGE_ERROR", + "PERMISSION_TOKEN", + "SEND_IDENTITY_PROVIDER_LINK_ERROR", + "EXECUTE_ACTION_TOKEN_ERROR", + "SEND_VERIFY_EMAIL", + "OAUTH2_DEVICE_AUTH", + "EXECUTE_ACTIONS_ERROR", + "REMOVE_FEDERATED_IDENTITY", + "OAUTH2_DEVICE_CODE_TO_TOKEN", + "IDENTITY_PROVIDER_POST_LOGIN", + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", + "UPDATE_EMAIL", + "REGISTER_ERROR", + "REVOKE_GRANT_ERROR", + "EXECUTE_ACTION_TOKEN", + "LOGOUT_ERROR", + "UPDATE_EMAIL_ERROR", + "CLIENT_UPDATE_ERROR", + "AUTHREQID_TO_TOKEN_ERROR", + "UPDATE_PROFILE", + "CLIENT_REGISTER_ERROR", + "FEDERATED_IDENTITY_LINK", + "SEND_IDENTITY_PROVIDER_LINK", + "SEND_VERIFY_EMAIL_ERROR", + "RESET_PASSWORD", + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", + "OAUTH2_DEVICE_AUTH_ERROR", + "UPDATE_CONSENT", + "REMOVE_TOTP_ERROR", + "VERIFY_EMAIL_ERROR", + "SEND_RESET_PASSWORD_ERROR", + "CLIENT_UPDATE", + "CUSTOM_REQUIRED_ACTION_ERROR", + "IDENTITY_PROVIDER_POST_LOGIN_ERROR", + "UPDATE_TOTP_ERROR", + "CODE_TO_TOKEN", + "VERIFY_PROFILE", + "GRANT_CONSENT_ERROR", + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" + ], + "adminEventsEnabled": true, + "adminEventsDetailsEnabled": true, + "identityProviders": [ + { + "alias": "CX-Operator", + "displayName": "CX-Operator", + "internalId": "fbc571fd-cd44-4cec-a36e-4eba647fe712", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "hideOnLoginPage": "false", + "validateSignature": "true", + "clientId": "central-idp", + "tokenUrl": "https://sharedidp.example.org/auth/realms/CX-Operator/protocol/openid-connect/token", + "jwksUrl": 
"https://sharedidp.example.org/auth/realms/CX-Operator/protocol/openid-connect/certs", + "authorizationUrl": "https://sharedidp.example.org/auth/realms/CX-Operator/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.example.org/auth/realms/CX-Operator/protocol/openid-connect/logout", + "clientAssertionSigningAlg": "RS256", + "syncMode": "FORCE", + "useJwksUrl": "true" + } + } + ], + "identityProviderMappers": [ + { + "id": "05407473-42a0-4630-90ed-ce2d6d70108e", + "name": "organisation-mapper", + "identityProviderAlias": "CX-Operator", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "CX-Operator", + "syncMode": "INHERIT", + "attribute": "organisation" + } + } + ], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "ab25cbe7-60bc-49ed-aa4a-707f84a70893", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "277b586e-0b26-40e9-90d1-e76305d69a10", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "552bd2e5-c656-4796-8d61-b87c3508aab5", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "de1bbb33-9e18-4fc1-9ea3-1fd8ad22eae9", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "oidc-usermodel-property-mapper", + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper", + 
"saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "b521525f-30e3-4b93-b42b-8c0dd53fc3af", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "a4df1d6a-2c46-44f4-9d06-62eb9b754bab", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "f7e25fe0-dfe5-451a-8f54-ceea0cf201b4", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "d15d2dae-9c9c-4c7d-83f3-726f29194489", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + } + ], + "org.keycloak.userprofile.UserProfileProvider": [ + { + "id": "8574d707-4fa1-4cd3-851d-9c5ab5491356", + "providerId": "declarative-user-profile", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "2bd55ad0-2f32-40f3-9749-c2d422fb697d", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "676a20ad-a79d-4175-998a-672bf4826e92", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": 
"50220023-09bf-443a-a8b3-f306279cbb5b", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "a510d16e-c3f7-4a88-b853-625a2cd357b4", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "fff7e51f-802f-4826-b18e-551667d2f5af", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false + } + ] + }, + { + "id": "078aeee3-8e08-4904-9455-10e86293fdc3", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "97a6d2ad-95fe-4a49-ba16-4fe37716f8ca", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the 
authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "43a7d34e-262c-42ef-874a-42a7151ef7fe", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "49dbe5c0-a28e-4bc1-a735-01b1d44526f8", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Account verification options", + "userSetupAllowed": false + } + ] + }, + { + "id": "8843a182-cb40-40c8-acb8-a96c131820bc", + "alias": "Login without auto user creation", + "description": 
"Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Login without auto user creation User creation or linking", + "userSetupAllowed": false + } + ] + }, + { + "id": "bad3c307-e0c7-47b3-8124-3d850c5dbb8f", + "alias": "Login without auto user creation Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Login without auto user creation Verify Existing Account by Re-authentication", + "userSetupAllowed": false + } + ] + }, + { + "id": "0875bc85-b5cc-4268-8faf-3706d2d377ad", + "alias": "Login without auto user creation First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + 
"authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "a98586a2-cdf9-411d-aea8-48c4cf7b139a", + "alias": "Login without auto user creation Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Login without auto user creation Account verification options", + "userSetupAllowed": false + } + ] + }, + { + "id": "5c6cb05b-6984-4884-ada0-302a352cae52", + "alias": "Login without auto user creation User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Login without auto user creation Handle Existing Account", + "userSetupAllowed": false + } + ] + }, + { + "id": "87cd4301-f245-4e81-9877-51bea2f77c4f", + "alias": "Login without auto user creation Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + 
"authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Login without auto user creation First broker login - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "75deb0f4-5ce1-4daa-ac6a-ad992dee52cc", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "70aac624-4ea6-45b7-a3fc-d8456ef2efdc", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false + } + ] + }, + { + "id": "6913a8ea-93d4-4ff7-a6c4-388b2b88cb60", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", 
+ "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "ffae9561-c06f-4b23-9748-8120ab8baaa8", + "alias": "WebAuth Browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "WebAuth Browser forms", + "userSetupAllowed": false + } + ] + }, + { + "id": "98520dfb-3e2a-4280-964a-5c6a492fd9e2", + "alias": "WebAuth Browser Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + 
"authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "webauthn-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 21, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "b6215c1f-1023-4748-9e9e-ae700573c9ea", + "alias": "WebAuth Browser forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "WebAuth Browser Browser - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "d6521692-2a35-4fab-99a0-655393e7be1c", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "forms", + "userSetupAllowed": false + } + ] + }, + { + "id": 
"c8b74991-78e2-4948-9b71-9cd95692244a", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "6fc680e7-1083-4ae3-993c-18793394c1d8", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "fcc00603-9695-436a-8173-bad95ae06eb7", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": 
true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "5ecaed63-22cf-4937-93a1-e4e03c3f84d3", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "User creation or linking", + "userSetupAllowed": false + } + ] + }, + { + "id": "fc1db14a-88b6-4ffd-92bf-ef2aff4b20e4", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "4e8828db-1033-4383-988c-8a80f5294c8c", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": true, + 
"flowAlias": "registration form", + "userSetupAllowed": false + } + ] + }, + { + "id": "5ba3a31b-4969-4b6a-9ade-6b519fd285cb", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "d182f5b3-f390-4748-bd2b-65d225d27a76", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 
40, + "autheticatorFlow": true, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "afd142c8-1d76-4054-bfa3-66c0ad5244b6", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "54a381ca-598a-4516-bc2c-04aeea23c6cf", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "ad18ac62-bb08-478a-8260-0abad5be4c3d", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "TERMS_AND_CONDITIONS", + "name": "Terms and Conditions", + "providerId": "TERMS_AND_CONDITIONS", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + 
"config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaAuthRequestedUserHint": "login_hint", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "userProfileEnabled": "false", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5", + "realmReusableOtpCode": "false", + "cibaExpiresIn": "120", + "oauth2DeviceCodeLifespan": "600", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0" + }, + "keycloakVersion": "22.0.3", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/init-container/iam/sharedidp/CX-Operator-realm.json b/init-container/iam/sharedidp/CX-Operator-realm.json new file mode 100644 index 00000000..b12f0356 --- /dev/null +++ b/init-container/iam/sharedidp/CX-Operator-realm.json 
@@ -0,0 +1,2138 @@ +{ + "id": "CX-Operator", + "realm": "CX-Operator", + "displayName": "CX-Operator", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "f9e700c4-3479-4df9-8f66-32d3d0aa402f", + "name": "default-roles-cx-operator", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + }, + { + "id": 
"fd28e000-c7c7-4637-9137-43aab13a4f5b", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + }, + { + "id": "44683915-2421-4815-ba4a-81ba4af2e700", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + } + ], + "client": { + "central-idp": [], + "realm-management": [ + { + "id": "54175197-ae2d-486c-b52a-f1de1772ef8f", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "00e3c5bb-6c52-40de-8c2b-fcce4090b3fc", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "de03316f-e10e-4261-9914-49b6b66f4159", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "0ac296ac-bf3d-461f-96e6-cd0fcce4b97f", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "ca00badd-aeca-4378-aab2-6f133972f3c4", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "85556a10-4077-4929-8fa8-eb910cbcd39a", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { 
+ "id": "d5fc862f-243c-4cf4-86b9-c269c0a6cf18", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "4fba3f08-7718-4dbd-8eae-ec72ac38b4dd", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "23a20fb4-0ea9-4f7f-8540-fcf9f7aaa030", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "f4b36def-8935-466c-986e-230cf8e74816", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "3075363d-78e1-45fc-aeaf-1c6f0202346a", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-events", + "manage-clients", + "view-identity-providers", + "impersonation", + "query-groups", + "query-realms", + "manage-users", + "query-clients", + "query-users", + "view-clients", + "manage-authorization", + "create-client", + "manage-identity-providers", + "view-users", + "manage-events", + "manage-realm", + "view-realm", + "view-authorization" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "e1f16553-28d3-42db-99c7-e6204246a2c1", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + 
"id": "8a140563-d3d7-4cbb-a023-ac2ccf444158", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "e8622ce0-182b-4c04-ba25-8ed5c50d0683", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "0435d9b3-43a6-4b44-a661-2c7381e88ad7", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "320ceb6f-8744-4fa7-9d1b-32c8a9f0ffc6", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "09370612-e580-4ab5-8827-5ed0e7faa0bb", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "1846e5e3-6823-4ff5-9026-1751f159069a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "a8063557-4d74-435b-ab1e-2ba52c5308f8", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "62ca4922-3ea7-42c0-86b5-227149277c34", + "name": 
"read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "be1cf7e1-0270-41d1-9ce3-f9ed840fd432", + "attributes": {} + } + ], + "account": [ + { + "id": "ff99d820-6dff-49f0-b831-ce7fe6801b42", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "fb06b072-0737-4fe4-84dd-bca8d32d4550", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "bbbe2dd8-5c93-4885-8b0a-7e227d2f861d", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "cd0cf14c-0739-4da9-9283-98c8a7739c97", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "91d84ea1-42af-48c9-ab3d-b160c423120d", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "c61934bc-75a9-48b6-b37f-131c72b8ac37", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "494cdeb4-6193-410e-bc20-0547b2377ab6", + "name": "view-groups", + "description": "${role_view-groups}", + "composite": false, + 
"clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "0e19abe7-b5aa-48ae-b5ef-f589fefff5db", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "f9e700c4-3479-4df9-8f66-32d3d0aa402f", + "name": "default-roles-cx-operator", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "CX-Operator" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "length(15) and forceExpiredPasswordChange(90) and lowerCase(1) and digits(1) and notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpPolicyCodeReusable": false, + "otpSupportedApplications": [ + "totpAppGoogleName", + "totpAppFreeOTPName", + "totpAppMicrosoftAuthenticatorName" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + 
"webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account", + "view-groups" + ] + } + ] + }, + "clients": [ + { + "id": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Operator/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Operator/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "586494f5-d21b-4dc9-b618-ae6dde896a59", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Operator/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + 
"/realms/CX-Operator/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "3dd58884-4647-477e-a7ef-1b299aa2a26c", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "793217d8-80d5-46ec-9507-aca5a8dbdfbc", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "be1cf7e1-0270-41d1-9ce3-f9ed840fd432", + "clientId": "broker", + "name": 
"${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e01bbf6a-966b-4a04-91cc-1be54398d023", + "clientId": "central-idp", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp.example.org/auth/realms/CX-Central/broker/CX-Operator/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "backchannel.logout.session.required": "true", + "jwks.url": "https://centralidp.example.org/auth/realms/CX-Central/protocol/openid-connect/certs", + "token.endpoint.auth.signing.alg": "RS256", + "post.logout.redirect.uris": "+", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + 
"roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5d4be671-a85b-4102-91c0-3d444e9549bb", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/CX-Operator/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/CX-Operator/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + 
"nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "2f451e93-4f2f-450a-acb0-6b170c9158a3", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "362f247c-98b6-4577-9fdf-58e9b8b02ff1", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "85d44bfa-e5ae-4982-af15-1557b52e9fec", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "c073d69f-8ff1-4f66-8108-1da31b9a01ca", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "ea162d29-da0d-4caa-8210-122ea067481b", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + 
"display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "ec42fa8f-1393-41be-ba33-377b8dd0246f", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "0ab73adc-4dd1-4a32-abe2-12093cd10b43", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "4cb009ee-b9e9-4d10-b5b5-3ccce89d12c0", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "fe93e386-dcff-4871-b6f3-d37906ab0d43", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "870e4c2e-83fe-4ea6-bf70-24627de5cbd9", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "b504ae92-cf77-40d0-853f-3f7521c45c73", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": 
false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "60891e8b-ce9f-475c-b6ae-8d3ce862c43a", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "78ee36f2-b876-4e61-a821-19a41ae70fd9", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "e4402c22-40ad-4be3-a3b5-567baffdcb8c", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "56f5418e-2b15-4f99-a54f-746b27ffa788", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "023fc147-52ae-4ea9-b106-d713d4625f48", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": 
"e3617a84-1cc3-4a5d-a6ef-f44d823a86b6", + "name": "acr", + "description": "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "1c46faaa-c4c9-439b-bf07-55199453e9d1", + "name": "acr loa level", + "protocol": "openid-connect", + "protocolMapper": "oidc-acr-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true" + } + } + ] + }, + { + "id": "d63e6bfd-63b3-4853-9f80-8c8bb6a5b95b", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "7550baf2-3541-46cc-827d-452328409445", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "5c617319-cb7e-4925-bd25-5ed43f9681e0", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "1d8185f2-3051-4f6e-a6c7-3be7569883e4", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + 
"id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "b01c009c-28bb-405e-bdba-0a7e0d819663", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "525eee5e-159b-4365-b5b6-4b95e98a48f2", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "3bfec154-789d-43e1-b9d1-eabadc087ec0", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "e926db58-7353-4562-ac69-feb767ff9a45", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "b742dd79-d660-4d89-b45b-c5a803b64baa", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + 
"id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "ba11b750-af17-4bd9-a418-8c2c2a39146f", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "9532afdc-0222-4e79-b09f-c4d8c3c2a9ae", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "5777b34c-7bd8-4148-8851-209fc716556d", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "7e11dcd2-0f73-4445-bda9-fff2a021a386", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "c82ce218-3c8d-4539-a746-c66f0a1887f6", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" 
+ } + }, + { + "id": "05608ade-80a4-4684-a020-6135ca6b39c7", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "f8a41bb2-8aae-4c7f-bca0-d241b1571896", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "df21b649-0b05-4ba1-b0fa-0b3729af5b59", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "38880d3f-296c-496c-bf6e-010c83d1243b", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "df3cbe76-8bc8-4d47-a17b-4ea5fdf1e70f", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "e2d302a0-1df7-4dae-9128-a1d5d9a6c160", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + 
"protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins", + "acr" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "referrerPolicy": "no-referrer", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": {}, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "e9eefa38-4c5f-4afb-bf8b-70f36d4d3180", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-sha256-pairwise-sub-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper", + "saml-role-list-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-address-mapper", + "saml-user-property-mapper" + ] + } + }, + { + "id": "d159b35a-dab0-4f35-a1c6-4403db711c60", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "f0681c21-2cd2-4860-9bde-e73b2a2adb14", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": 
"anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "4cc22082-1d2a-4f91-bc0f-c7dccb010ef3", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "oidc-full-name-mapper", + "saml-user-property-mapper", + "oidc-usermodel-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "saml-role-list-mapper" + ] + } + }, + { + "id": "ff800f90-97c0-4f08-b95f-397a9325bbb5", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "84e3090c-5cb3-4157-a366-0427efeafdd1", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "6c46f360-1831-4f1d-97c0-a36503a61243", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "d5109c64-e80b-47dc-839a-a43daf933a0d", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "4f40e663-8063-4190-9d1b-2c4f231a157b", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "46984e4d-ce4b-4f6b-ae36-52068ebd71c5", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + 
"id": "2e8584a5-4683-4c75-9a71-18b6b593fec7", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "73e2090a-8890-499c-b4b8-cb652fcbc182", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "5cf1632b-e3e5-415e-8dbf-5ecbd8986351", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false + } + ] + }, + { + "id": "5648b9f5-5ccb-4e71-b5d9-909535f54c9b", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "c36a1a61-fd22-4e7c-a2d1-0eb5d1cddd9c", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": 
"basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "b99f1894-6f56-42db-b213-525897383d8b", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "0b944dd1-c049-491b-bb93-8a6170ca9a03", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Account verification options", + "userSetupAllowed": false + } + ] + }, + { + "id": "062e7e60-160d-42f3-8ea9-f84c3058f292", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset 
or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "9b18252b-0fcd-44db-b2b3-7c57e7cf1fd4", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false + } + ] + }, + { + "id": "9daf1573-3740-4003-88d4-217a15173a7e", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "d7b85965-d6a8-4ba6-a3cd-dec0cc8582e6", + "alias": "browser", + "description": "browser based 
authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "forms", + "userSetupAllowed": false + } + ] + }, + { + "id": "9b1e9a02-aab8-4464-81e3-cec8a8b73770", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "abcc3b95-68be-4d60-a08d-987f4de5ea4c", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + 
"builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "181af168-b624-44e6-94d2-d1ad1bb8a5e1", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "72e85b7d-ab76-413f-8c1b-c546bf4364d8", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "User creation or linking", + "userSetupAllowed": false + } + ] + }, + { + "id": "110fc25a-e5a4-4731-a100-afe1877df3ff", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + 
"providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "edb80050-768e-41ba-9b6d-11721a5105b2", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": true, + "flowAlias": "registration form", + "userSetupAllowed": false + } + ] + }, + { + "id": "ee90c4ba-a47b-41a4-b12c-720e31551eeb", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "6000a4fa-e7d1-421f-8d0b-d19a838162bf", + 
"alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "autheticatorFlow": true, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "3b66d772-5c58-4dcc-aaa9-46b3cc0dde27", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "2a83b474-2330-4e5b-aef7-2537482d98af", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "71f681b4-6fc0-4fd6-aeaf-3b94a146983f", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": 
"TERMS_AND_CONDITIONS", + "name": "Terms and Conditions", + "providerId": "TERMS_AND_CONDITIONS", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5", + "realmReusableOtpCode": "false" + }, + "keycloakVersion": "22.0.3", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file 
diff --git a/init-container/iam/sharedidp/CX-Operator-users-0.json b/init-container/iam/sharedidp/CX-Operator-users-0.json
new file mode 100644
index 00000000..cd08ed40
--- /dev/null
+++ b/init-container/iam/sharedidp/CX-Operator-users-0.json
@@ -0,0 +1,18 @@
+{
+ "realm" : "CX-Operator",
+ "users" : [ {
+ "id" : "656e8a94-188b-4a3e-9eec-b45d8efd8347",
+ "username" : "cx-operator@cx.com",
+ "enabled" : true,
+ "totp" : false,
+ "emailVerified" : false,
+ "firstName" : "Operator",
+ "lastName" : "CX Admin",
+ "email" : "tobeadded@cx.com",
+ "credentials" : [ ],
+ "disableableCredentialTypes" : [ ],
+ "requiredActions" : [ ],
+ "notBefore" : 0,
+ "groups" : [ ]
+ } ]
+}
\ No newline at end of file
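Review bot: The seeded `cx-operator@cx.com` account is imported with `"enabled" : true` while `"credentials"` and `"requiredActions"` are empty, `"totp"` is false and `"email"` is the placeholder `tobeadded@cx.com`. If the target realm offers e-mail based password reset (the realm export earlier in this diff defines a `reset credentials` flow with `reset-credential-email`, though whether that is the same realm is not visible from this hunk), the first credential for this operator admin account would be set by whoever receives mail for that placeholder address. I would import the user with `"enabled" : false` until a real address and credential are provisioned. Alternatively, keep it enabled and set `"requiredActions" : [ "UPDATE_PASSWORD", "CONFIGURE_TOTP" ]` so that the first login forces a password change and OTP enrolment.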