mirror of
https://github.com/Alfresco/alfresco-content-app.git
synced 2025-07-31 17:38:28 +00:00
1674 lines
52 KiB
JSON
1674 lines
52 KiB
JSON
{
|
|
"id": "alfresco",
|
|
"realm": "alfresco",
|
|
"notBefore": 0,
|
|
"revokeRefreshToken": false,
|
|
"refreshTokenMaxReuse": 0,
|
|
"accessTokenLifespan": 300,
|
|
"accessTokenLifespanForImplicitFlow": 900,
|
|
"ssoSessionIdleTimeout": 1800,
|
|
"ssoSessionMaxLifespan": 36000,
|
|
"offlineSessionIdleTimeout": 2592000,
|
|
"accessCodeLifespan": 60,
|
|
"accessCodeLifespanUserAction": 300,
|
|
"accessCodeLifespanLogin": 1800,
|
|
"actionTokenGeneratedByAdminLifespan": 43200,
|
|
"actionTokenGeneratedByUserLifespan": 300,
|
|
"enabled": true,
|
|
"sslRequired": "none",
|
|
"registrationAllowed": false,
|
|
"registrationEmailAsUsername": false,
|
|
"rememberMe": false,
|
|
"verifyEmail": false,
|
|
"loginWithEmailAllowed": true,
|
|
"duplicateEmailsAllowed": false,
|
|
"resetPasswordAllowed": false,
|
|
"editUsernameAllowed": false,
|
|
"bruteForceProtected": false,
|
|
"permanentLockout": false,
|
|
"maxFailureWaitSeconds": 900,
|
|
"minimumQuickLoginWaitSeconds": 60,
|
|
"waitIncrementSeconds": 60,
|
|
"quickLoginCheckMilliSeconds": 1000,
|
|
"maxDeltaTimeSeconds": 43200,
|
|
"failureFactor": 30,
|
|
"roles": {
|
|
"realm": [
|
|
{
|
|
"id": "39654467-e529-418e-bd27-354a0414fb52",
|
|
"name": "admin",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "alfresco"
|
|
},
|
|
{
|
|
"id": "5b481c9b-38fe-474a-a047-50c3935262cb",
|
|
"name": "uma_authorization",
|
|
"description": "${role_uma_authorization}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "alfresco"
|
|
},
|
|
{
|
|
"id": "86db4867-8c3c-4cdf-8950-e18790f5bf6a",
|
|
"name": "offline_access",
|
|
"description": "${role_offline-access}",
|
|
"scopeParamRequired": true,
|
|
"composite": false,
|
|
"clientRole": false,
|
|
"containerId": "alfresco"
|
|
}
|
|
],
|
|
"client": {
|
|
"realm-management": [
|
|
{
|
|
"id": "a637f20f-fd3e-4db6-9d2a-c91acb1e14e8",
|
|
"name": "create-client",
|
|
"description": "${role_create-client}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "4232f8bf-dab4-4b4a-8ccf-28b8984f8ae7",
|
|
"name": "realm-admin",
|
|
"description": "${role_realm-admin}",
|
|
"scopeParamRequired": false,
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": [
|
|
"create-client",
|
|
"view-authorization",
|
|
"manage-events",
|
|
"query-users",
|
|
"manage-authorization",
|
|
"view-realm",
|
|
"view-clients",
|
|
"query-clients",
|
|
"query-groups",
|
|
"impersonation",
|
|
"manage-users",
|
|
"manage-clients",
|
|
"manage-identity-providers",
|
|
"view-users",
|
|
"query-realms",
|
|
"view-identity-providers",
|
|
"view-events",
|
|
"manage-realm"
|
|
]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "ae0da5c2-643c-480e-8900-59bdca3581b3",
|
|
"name": "view-authorization",
|
|
"description": "${role_view-authorization}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "8a69ec22-4fe9-43e0-b4f0-16b632c2d324",
|
|
"name": "manage-events",
|
|
"description": "${role_manage-events}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "1c2c870c-5428-4144-ab12-c7304d1a7d2d",
|
|
"name": "query-users",
|
|
"description": "${role_query-users}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "9884df61-b63f-4f8b-8fba-650db69c8784",
|
|
"name": "manage-authorization",
|
|
"description": "${role_manage-authorization}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "003ae8b9-e32a-4c0b-b319-d2a985249348",
|
|
"name": "view-realm",
|
|
"description": "${role_view-realm}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "d0d2eaa3-e737-4a7e-990d-4c6efa323cc3",
|
|
"name": "view-clients",
|
|
"description": "${role_view-clients}",
|
|
"scopeParamRequired": false,
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": ["query-clients"]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "d9f0638c-e045-4d92-b4ff-e0c71f68f4ba",
|
|
"name": "query-clients",
|
|
"description": "${role_query-clients}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "02d5937c-929b-4928-8a55-b0de4c9b4924",
|
|
"name": "query-groups",
|
|
"description": "${role_query-groups}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "c74d9c9b-65e4-4847-a47a-3edbb2fce0fb",
|
|
"name": "impersonation",
|
|
"description": "${role_impersonation}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "e681501e-a8da-4653-861c-c37e2e1f8609",
|
|
"name": "manage-users",
|
|
"description": "${role_manage-users}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "067b5e3c-9918-4713-85ca-749c6aae13e1",
|
|
"name": "manage-clients",
|
|
"description": "${role_manage-clients}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "5b395e85-f5fa-4af9-b573-497cc9b1e694",
|
|
"name": "manage-identity-providers",
|
|
"description": "${role_manage-identity-providers}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "b4ec253f-4d52-425e-b091-ed51aac7bd4c",
|
|
"name": "view-users",
|
|
"description": "${role_view-users}",
|
|
"scopeParamRequired": false,
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"realm-management": ["query-groups", "query-users"]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "574e930a-07d5-446f-9628-3d7568eb483a",
|
|
"name": "query-realms",
|
|
"description": "${role_query-realms}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "0cb1c9c8-55ce-4f22-b6d5-b6882c8b74fd",
|
|
"name": "view-identity-providers",
|
|
"description": "${role_view-identity-providers}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "5d07f2b1-9f28-4e8b-8f91-7d68699d327c",
|
|
"name": "view-events",
|
|
"description": "${role_view-events}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
},
|
|
{
|
|
"id": "53ccf3c9-4391-4d43-9d9e-6e644b989e9f",
|
|
"name": "manage-realm",
|
|
"description": "${role_manage-realm}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "c1f65e94-ed07-4bba-bafd-413db402a5f2"
|
|
}
|
|
],
|
|
"security-admin-console": [],
|
|
"alfresco": [],
|
|
"admin-cli": [],
|
|
"broker": [
|
|
{
|
|
"id": "560b729f-ebc7-4ce6-967b-045611d35cde",
|
|
"name": "read-token",
|
|
"description": "${role_read-token}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "887e537f-4a97-4374-a5de-45ad37bfe2df"
|
|
}
|
|
],
|
|
"account": [
|
|
{
|
|
"id": "86de6e40-74c1-4aa6-9a8b-bff434fb9a18",
|
|
"name": "manage-account-links",
|
|
"description": "${role_manage-account-links}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "140feb9e-fd73-4d02-97f6-928ed67020f1"
|
|
},
|
|
{
|
|
"id": "6a95ddc1-2b12-4e59-8d14-01a98c0fad71",
|
|
"name": "manage-account",
|
|
"description": "${role_manage-account}",
|
|
"scopeParamRequired": false,
|
|
"composite": true,
|
|
"composites": {
|
|
"client": {
|
|
"account": ["manage-account-links"]
|
|
}
|
|
},
|
|
"clientRole": true,
|
|
"containerId": "140feb9e-fd73-4d02-97f6-928ed67020f1"
|
|
},
|
|
{
|
|
"id": "a8e8d710-1f71-4481-93a1-db030533b64a",
|
|
"name": "view-profile",
|
|
"description": "${role_view-profile}",
|
|
"scopeParamRequired": false,
|
|
"composite": false,
|
|
"clientRole": true,
|
|
"containerId": "140feb9e-fd73-4d02-97f6-928ed67020f1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"groups": [
|
|
{
|
|
"id": "21cd4641-e7cb-456f-846d-214589cef3da",
|
|
"name": "admin",
|
|
"path": "/admin",
|
|
"attributes": {},
|
|
"realmRoles": [],
|
|
"clientRoles": {},
|
|
"subGroups": []
|
|
}
|
|
],
|
|
"defaultRoles": ["offline_access", "uma_authorization"],
|
|
"requiredCredentials": ["password"],
|
|
"otpPolicyType": "totp",
|
|
"otpPolicyAlgorithm": "HmacSHA256",
|
|
"otpPolicyInitialCounter": 0,
|
|
"otpPolicyDigits": 6,
|
|
"otpPolicyLookAheadWindow": 1,
|
|
"otpPolicyPeriod": 30,
|
|
"otpSupportedApplications": ["FreeOTP"],
|
|
"clients": [
|
|
{
|
|
"id": "fca5da6d-fd90-4596-a754-346d872b779f",
|
|
"clientId": "security-admin-console",
|
|
"name": "${client_security-admin-console}",
|
|
"baseUrl": "/auth/admin/alfresco/console/index.html",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": ["/auth/admin/alfresco/console/*"],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "50435a57-d933-4392-aa63-c7b93969cb77",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "9d065ef2-ac16-4314-bdce-6df1e32b45da",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "f21fa9c5-090a-4873-a059-5a714e186e08",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "1d28c5e3-d1ab-4563-838d-06c61e96fd3c",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "0fd5ed6e-65af-4661-9d40-09a0dc90d705",
|
|
"name": "locale",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
|
"consentRequired": false,
|
|
"consentText": "${locale}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "locale",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "locale",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "47febcd5-e6e8-4c83-8ea0-551f66cbef51",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "fc891ffd-b5b7-4d56-b1cd-60ae25ec0040",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "be13165d-2792-43aa-abdb-2c6cdb627184",
|
|
"clientId": "alfresco",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": ["*"],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": true,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": true,
|
|
"nodeReRegistrationTimeout": -1,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "202b6b67-dea4-440b-b250-867fa7eb7333",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "cdb53973-5bf0-4de4-945d-901de3205016",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "8dd3c664-426e-44e7-931f-5e0700ed9e7f",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "aa1a443c-4716-424b-b695-49961d9cf98a",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "b29201a7-e442-47f6-a589-1b6faaf27b20",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "292f1e75-3216-447d-886a-6ab91b0dee1d",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "887e537f-4a97-4374-a5de-45ad37bfe2df",
|
|
"clientId": "broker",
|
|
"name": "${client_broker}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "865fd86a-4c5e-4900-80de-34f30feb55b8",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "80b5d7cc-1ec3-4d73-8344-d0479bb4178a",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "54578e9a-e782-4a83-8f24-13da2b2f598c",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "a8cd846c-f538-4001-ba5f-e37d77ff87cd",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "a259f058-dbda-473a-b96e-2998958f8510",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "c7aed2b8-6716-4770-a936-31d973bdc557",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "c1f65e94-ed07-4bba-bafd-413db402a5f2",
|
|
"clientId": "realm-management",
|
|
"name": "${client_realm-management}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": true,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "b51a2178-2121-42c8-9ae1-7a6f356377c0",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "091f3317-7f74-417f-9854-1726ede0fba8",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "033aeb3f-f04f-460b-9eeb-fd9376b1f639",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "5e3d143c-1792-41c1-bf10-2ece9684a8fc",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "e0464a63-f5ac-4fb8-9cf5-dc671badf59e",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "b68aec8b-327d-4238-8021-cefda0f66690",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "140feb9e-fd73-4d02-97f6-928ed67020f1",
|
|
"clientId": "account",
|
|
"name": "${client_account}",
|
|
"baseUrl": "/auth/realms/alfresco/account",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"defaultRoles": ["view-profile", "manage-account"],
|
|
"redirectUris": ["/auth/realms/alfresco/account/*"],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": false,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "fbda389d-78dd-4566-8238-c49a8809a3ac",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "88b68fdb-7f1b-459b-9013-2c1dfcb4ab87",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "9d129b38-1b18-4c79-a987-088ec7460d8d",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "6ca7c6ca-4d2f-4fbe-8288-c65ec1f1a2ef",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "dcaaafc2-72d0-41b1-9df1-250aa82c3aa3",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "64a2de57-3811-415f-a6b9-b550c3dfd8b0",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
},
|
|
{
|
|
"id": "b5947c98-5a51-47f4-b7c9-935c491d17e9",
|
|
"clientId": "admin-cli",
|
|
"name": "${client_admin-cli}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"secret": "**********",
|
|
"redirectUris": [],
|
|
"webOrigins": [],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": false,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": true,
|
|
"frontchannelLogout": false,
|
|
"protocol": "openid-connect",
|
|
"attributes": {},
|
|
"fullScopeAllowed": false,
|
|
"nodeReRegistrationTimeout": 0,
|
|
"protocolMappers": [
|
|
{
|
|
"id": "3a7400ad-d225-401f-bdb7-91d60db990f6",
|
|
"name": "username",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${username}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "username",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "preferred_username",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "e4353798-aaac-40fa-967d-64aea182dd69",
|
|
"name": "email",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${email}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "email",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "email",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "8fe5f0fa-b9f3-41c4-9a52-b195582d9239",
|
|
"name": "family name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${familyName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "lastName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "family_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
},
|
|
{
|
|
"id": "44872cc3-57b5-41d3-aae1-825dd2c350c0",
|
|
"name": "full name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-full-name-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${fullName}",
|
|
"config": {
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true"
|
|
}
|
|
},
|
|
{
|
|
"id": "29d794ba-6708-49cd-8a83-c50d6fc0e293",
|
|
"name": "role list",
|
|
"protocol": "saml",
|
|
"protocolMapper": "saml-role-list-mapper",
|
|
"consentRequired": false,
|
|
"config": {
|
|
"single": "false",
|
|
"attribute.nameformat": "Basic",
|
|
"attribute.name": "Role"
|
|
}
|
|
},
|
|
{
|
|
"id": "4c266a5c-cb5f-407a-876e-18f002b7792a",
|
|
"name": "given name",
|
|
"protocol": "openid-connect",
|
|
"protocolMapper": "oidc-usermodel-property-mapper",
|
|
"consentRequired": true,
|
|
"consentText": "${givenName}",
|
|
"config": {
|
|
"userinfo.token.claim": "true",
|
|
"user.attribute": "firstName",
|
|
"id.token.claim": "true",
|
|
"access.token.claim": "true",
|
|
"claim.name": "given_name",
|
|
"jsonType.label": "String"
|
|
}
|
|
}
|
|
],
|
|
"useTemplateConfig": false,
|
|
"useTemplateScope": false,
|
|
"useTemplateMappers": false
|
|
}
|
|
],
|
|
"browserSecurityHeaders": {
|
|
"xContentTypeOptions": "nosniff",
|
|
"xRobotsTag": "none",
|
|
"xFrameOptions": "SAMEORIGIN",
|
|
"xXSSProtection": "1; mode=block",
|
|
"contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';"
|
|
},
|
|
"smtpServer": {},
|
|
"loginTheme": "keycloak",
|
|
"eventsEnabled": false,
|
|
"eventsListeners": ["jboss-logging"],
|
|
"enabledEventTypes": [],
|
|
"adminEventsEnabled": false,
|
|
"adminEventsDetailsEnabled": false,
|
|
"components": {
|
|
"org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [
|
|
{
|
|
"id": "20f304be-9abc-4fa2-801e-c02440148d1b",
|
|
"name": "Trusted Hosts",
|
|
"providerId": "trusted-hosts",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"host-sending-registration-request-must-match": ["true"],
|
|
"client-uris-must-match": ["true"]
|
|
}
|
|
},
|
|
{
|
|
"id": "dd0ae9d2-7af3-4d38-b8e7-d9c5825d3b1f",
|
|
"name": "Full Scope Disabled",
|
|
"providerId": "scope",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "b3099bb7-0064-4315-85d9-cdbcc0bfef71",
|
|
"name": "Consent Required",
|
|
"providerId": "consent-required",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "7f35ed4a-2140-478b-b2f8-46585315b71f",
|
|
"name": "Allowed Protocol Mapper Types",
|
|
"providerId": "allowed-protocol-mappers",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allowed-protocol-mapper-types": [
|
|
"saml-user-attribute-mapper",
|
|
"oidc-usermodel-property-mapper",
|
|
"saml-role-list-mapper",
|
|
"saml-user-property-mapper",
|
|
"oidc-address-mapper",
|
|
"oidc-full-name-mapper",
|
|
"oidc-sha256-pairwise-sub-mapper",
|
|
"oidc-usermodel-attribute-mapper"
|
|
],
|
|
"consent-required-for-all-mappers": ["true"]
|
|
}
|
|
},
|
|
{
|
|
"id": "30ac8e1b-b8e4-4877-aeab-42af7c2af5ff",
|
|
"name": "Allowed Client Templates",
|
|
"providerId": "allowed-client-templates",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "db5b54f2-258b-40f9-92f9-ef83a887d1fa",
|
|
"name": "Allowed Protocol Mapper Types",
|
|
"providerId": "allowed-protocol-mappers",
|
|
"subType": "authenticated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"allowed-protocol-mapper-types": [
|
|
"saml-user-attribute-mapper",
|
|
"oidc-usermodel-attribute-mapper",
|
|
"oidc-usermodel-property-mapper",
|
|
"saml-role-list-mapper",
|
|
"oidc-address-mapper",
|
|
"saml-user-property-mapper",
|
|
"oidc-full-name-mapper",
|
|
"oidc-sha256-pairwise-sub-mapper"
|
|
],
|
|
"consent-required-for-all-mappers": ["true"]
|
|
}
|
|
},
|
|
{
|
|
"id": "cd68d51f-9c85-4560-b1d6-9379bf3fce54",
|
|
"name": "Allowed Client Templates",
|
|
"providerId": "allowed-client-templates",
|
|
"subType": "authenticated",
|
|
"subComponents": {},
|
|
"config": {}
|
|
},
|
|
{
|
|
"id": "cd3bfc37-cc55-40dc-8d83-98b76ad5a521",
|
|
"name": "Max Clients Limit",
|
|
"providerId": "max-clients",
|
|
"subType": "anonymous",
|
|
"subComponents": {},
|
|
"config": {
|
|
"max-clients": ["200"]
|
|
}
|
|
}
|
|
],
|
|
"org.keycloak.keys.KeyProvider": [
|
|
{
|
|
"id": "14b13815-a8b1-412c-a98d-0da235e8c8f9",
|
|
"name": "rsa-generated",
|
|
"providerId": "rsa-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": ["100"]
|
|
}
|
|
},
|
|
{
|
|
"id": "306d8c4c-9ad1-444e-af1a-d6c67dffc5b7",
|
|
"name": "hmac-generated",
|
|
"providerId": "hmac-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": ["100"]
|
|
}
|
|
},
|
|
{
|
|
"id": "bff7cf8c-001f-4cfb-8d47-9a8bd5bc48d3",
|
|
"name": "aes-generated",
|
|
"providerId": "aes-generated",
|
|
"subComponents": {},
|
|
"config": {
|
|
"priority": ["100"]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"internationalizationEnabled": true,
|
|
"supportedLocales": [
|
|
"de",
|
|
"no",
|
|
"ru",
|
|
"sv",
|
|
"pt-BR",
|
|
"lt",
|
|
"en",
|
|
"it",
|
|
"fr",
|
|
"zh-CN",
|
|
"es",
|
|
"ja",
|
|
"ca",
|
|
"nl"
|
|
],
|
|
"defaultLocale": "en",
|
|
"authenticationFlows": [
|
|
{
|
|
"id": "ac4ffcd4-6547-4e1c-90ac-aa56304011fb",
|
|
"alias": "Handle Existing Account",
|
|
"description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-confirm-link",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "idp-email-verification",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"flowAlias": "Verify Existing Account by Re-authentication",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "affb11d0-0542-4824-a433-a41e90295ec1",
|
|
"alias": "Verify Existing Account by Re-authentication",
|
|
"description": "Reauthentication of existing account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "idp-username-password-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-otp-form",
|
|
"requirement": "OPTIONAL",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "19c7907b-c38a-4cbf-b106-f42ae613fce7",
|
|
"alias": "browser",
|
|
"description": "browser based authentication",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "auth-cookie",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-spnego",
|
|
"requirement": "DISABLED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "identity-provider-redirector",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 25,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"flowAlias": "forms",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "5d678091-c1f9-4100-866f-fe35b032ae9d",
|
|
"alias": "clients",
|
|
"description": "Base authentication for clients",
|
|
"providerId": "client-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "client-secret",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "client-jwt",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "d41512a5-3b62-477c-9590-badbe9f8044d",
|
|
"alias": "direct grant",
|
|
"description": "OpenID Connect Resource Owner Grant",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "direct-grant-validate-username",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "direct-grant-validate-password",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "direct-grant-validate-otp",
|
|
"requirement": "OPTIONAL",
|
|
"priority": 30,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "34c91e7e-dc6c-495a-889f-f033c9311911",
|
|
"alias": "docker auth",
|
|
"description": "Used by Docker clients to authenticate against the IDP",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "docker-http-basic-authenticator",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "d28bb33e-87a2-4712-a62c-01015ddfdf57",
|
|
"alias": "first broker login",
|
|
"description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticatorConfig": "review profile config",
|
|
"authenticator": "idp-review-profile",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticatorConfig": "create unique user config",
|
|
"authenticator": "idp-create-user-if-unique",
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"requirement": "ALTERNATIVE",
|
|
"priority": 30,
|
|
"flowAlias": "Handle Existing Account",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "e65923ea-0c5b-43e3-9ebb-648391445207",
|
|
"alias": "forms",
|
|
"description": "Username, password, otp and other auth forms.",
|
|
"providerId": "basic-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "auth-username-password-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "auth-otp-form",
|
|
"requirement": "OPTIONAL",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "2d8d3a79-2e44-4d52-9aa2-919a400e0ab0",
|
|
"alias": "registration",
|
|
"description": "registration flow",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "registration-page-form",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"flowAlias": "registration form",
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "5043cb5e-d76e-4a57-a0db-98366acb6bf7",
|
|
"alias": "registration form",
|
|
"description": "registration form",
|
|
"providerId": "form-flow",
|
|
"topLevel": false,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "registration-user-creation",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-profile-action",
|
|
"requirement": "REQUIRED",
|
|
"priority": 40,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-password-action",
|
|
"requirement": "REQUIRED",
|
|
"priority": 50,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "registration-recaptcha-action",
|
|
"requirement": "DISABLED",
|
|
"priority": 60,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "79f99e59-6a78-4262-a86a-231e0c69d4bd",
|
|
"alias": "reset credentials",
|
|
"description": "Reset credentials for a user if they forgot their password or something",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "reset-credentials-choose-user",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-credential-email",
|
|
"requirement": "REQUIRED",
|
|
"priority": 20,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-password",
|
|
"requirement": "REQUIRED",
|
|
"priority": 30,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
},
|
|
{
|
|
"authenticator": "reset-otp",
|
|
"requirement": "OPTIONAL",
|
|
"priority": 40,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"id": "62e8ccd7-e995-4226-bee4-4ef9f1d6edc1",
|
|
"alias": "saml ecp",
|
|
"description": "SAML ECP Profile Authentication Flow",
|
|
"providerId": "basic-flow",
|
|
"topLevel": true,
|
|
"builtIn": true,
|
|
"authenticationExecutions": [
|
|
{
|
|
"authenticator": "http-basic-authenticator",
|
|
"requirement": "REQUIRED",
|
|
"priority": 10,
|
|
"userSetupAllowed": false,
|
|
"autheticatorFlow": false
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"authenticatorConfig": [
|
|
{
|
|
"id": "d1eae692-c7d2-4d52-ac4d-7b1231ce0a22",
|
|
"alias": "create unique user config",
|
|
"config": {
|
|
"require.password.update.after.registration": "false"
|
|
}
|
|
},
|
|
{
|
|
"id": "c6f89a26-2c86-4b6b-aee9-a483370fa20a",
|
|
"alias": "review profile config",
|
|
"config": {
|
|
"update.profile.on.first.login": "missing"
|
|
}
|
|
}
|
|
],
|
|
"requiredActions": [
|
|
{
|
|
"alias": "CONFIGURE_TOTP",
|
|
"name": "Configure OTP",
|
|
"providerId": "CONFIGURE_TOTP",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "UPDATE_PASSWORD",
|
|
"name": "Update Password",
|
|
"providerId": "UPDATE_PASSWORD",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "UPDATE_PROFILE",
|
|
"name": "Update Profile",
|
|
"providerId": "UPDATE_PROFILE",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "VERIFY_EMAIL",
|
|
"name": "Verify Email",
|
|
"providerId": "VERIFY_EMAIL",
|
|
"enabled": true,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
},
|
|
{
|
|
"alias": "terms_and_conditions",
|
|
"name": "Terms and Conditions",
|
|
"providerId": "terms_and_conditions",
|
|
"enabled": false,
|
|
"defaultAction": false,
|
|
"config": {}
|
|
}
|
|
],
|
|
"browserFlow": "browser",
|
|
"registrationFlow": "registration",
|
|
"directGrantFlow": "direct grant",
|
|
"resetCredentialsFlow": "reset credentials",
|
|
"clientAuthenticationFlow": "clients",
|
|
"dockerAuthenticationFlow": "docker auth",
|
|
"attributes": {
|
|
"_browser_header.xXSSProtection": "1; mode=block",
|
|
"_browser_header.xFrameOptions": "SAMEORIGIN",
|
|
"permanentLockout": "false",
|
|
"quickLoginCheckMilliSeconds": "1000",
|
|
"_browser_header.xRobotsTag": "none",
|
|
"maxFailureWaitSeconds": "900",
|
|
"minimumQuickLoginWaitSeconds": "60",
|
|
"failureFactor": "30",
|
|
"actionTokenGeneratedByUserLifespan": "300",
|
|
"maxDeltaTimeSeconds": "43200",
|
|
"_browser_header.xContentTypeOptions": "nosniff",
|
|
"actionTokenGeneratedByAdminLifespan": "43200",
|
|
"bruteForceProtected": "false",
|
|
"_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
|
|
"waitIncrementSeconds": "60"
|
|
},
|
|
"users": [
|
|
{
|
|
"id": "9c978d30-c9ad-4dcb-b61c-840fe56f72f2",
|
|
"createdTimestamp": 1533234734911,
|
|
"username": "admin",
|
|
"enabled": true,
|
|
"totp": false,
|
|
"emailVerified": true,
|
|
"firstName": "admin",
|
|
"lastName": "admin",
|
|
"email": "admin.adf@alfresco.com",
|
|
"credentials": [
|
|
{
|
|
"type": "password",
|
|
"value": "admin"
|
|
}
|
|
],
|
|
"disableableCredentialTypes": ["password"],
|
|
"requiredActions": [],
|
|
"realmRoles": ["uma_authorization", "user", "offline_access"],
|
|
"clientRoles": {
|
|
"realm-management": [
|
|
"view-clients",
|
|
"manage-users",
|
|
"manage-clients",
|
|
"view-users",
|
|
"manage-realm",
|
|
"view-realm"
|
|
],
|
|
"account": ["manage-account", "view-profile"]
|
|
},
|
|
"groups": ["/admin"]
|
|
}
|
|
],
|
|
"keycloakVersion": "4.8.3.Final"
|
|
}
|